Edit tour
Windows
Analysis Report
PURCHASE ORDER 5172025.xla.xlsx
Overview
General Information
| Sample name: | PURCHASE ORDER 5172025.xla.xlsx |
| Analysis ID: | 1648273 |
| MD5: | e79caec024d0abddc288e30c2c974945 |
| SHA1: | 2e56b64b76874ae950f7d71b115fff184e0b33f3 |
| SHA256: | fb12a393e8260ef0e83bb670f86e19ce598b14bb9bbb8f90d27b573a310180f5 |
| Tags: | xlaxlsxuser-abuse_ch |
| Infos: |  |
 | |
Detection
| Score: | 48 |
| Range: | 0 - 100 |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Document contains embedded VBA macros
Document embeds suspicious OLE2 link
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Excel Network Connections
Sigma detected: Suspicious Office Outbound Connections
Suricata IDS alerts with low severity for network traffic
Unable to load, office file is protected or invalid
Uses a known web browser user agent for HTTP communication
Classification
- System is w10x64
EXCEL.EXE (PID: 6800 cmdline: "C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" /aut omation -E mbedding MD5: 4A871771235598812032C822E6F68F19) 
splwow64.exe (PID: 4440 cmdline: C:\Windows \splwow64. exe 12288 MD5: 77DE7761B037061C7C112FD3C5B91E73)
- EXCEL.EXE (PID: 6096 cmdline:
"C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" "C:\ Users\user \Desktop\P URCHASE OR DER 517202 5.xla.xlsx " MD5: 4A871771235598812032C822E6F68F19)
- cleanup
⊘No configs have been found
⊘No yara matches
| Source: | Author: Christopher Peacock '@securepeacock', SCYTHE '@scythe_io', Florian Roth '@Neo23x0", Tim Shelton: | ||
| Source: | Author: X__Junior (Nextron Systems): | ||
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-25T17:45:35.224449+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:47.588911+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49762 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:54.470701+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49764 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:54.479758+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49763 | 13.107.246.40 | 443 | TCP |
- • AV Detection
- • Compliance
- • Software Vulnerabilities
- • Networking
- • System Summary
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | DNS query: | ||
| Source: | DNS query: | ||
| Source: | DNS query: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | OLE indicator, VBA macros: | ||
| Source: | Stream path 'MBD00A6776F/\x1Ole' : | ||
| Source: | Window title found: | ||
| Source: | Classification label: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | OLE indicator, Workbook stream: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Window detected: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Static file information: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Initial sample: | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Stream path 'MBD00A6776E/Package' entropy: | ||
| Source: | Stream path 'Workbook' entropy: | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Last function: | ||
| Source: | Last function: | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Process information queried: | Jump to behavior | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | 1 Scripting | Valid Accounts | 3 Exploitation for Client Execution | 1 Scripting | 1 Process Injection | 2 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Virtualization/Sandbox Evasion | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 3 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Process Injection | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | 1 File and Directory Discovery | Distributed Component Object Model | Input Capture | 14 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 1 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 22% | ReversingLabs | Document-Excel.Exploit.CVE-2017-0199 |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| s-part-0010.t-0009.t-msedge.net | 13.107.246.38 | true | false | high | |
| s-part-0012.t-0009.t-msedge.net | 13.107.246.40 | true | false | high | |
| host1.emobility.energy | 162.19.137.157 | true | false | high | |
| edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 208.89.73.17 | true | false | high | |
| s-0005.dual-s-msedge.net | 52.123.129.14 | true | false | high | |
| otelrules.svc.static.microsoft | unknown | unknown | false | high | |
| t.emobility.energy | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | high | ||
| false |
| unknown | |
| false | high | ||
| false | high | ||
| false |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 13.107.246.40 | s-part-0012.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 162.19.137.157 | host1.emobility.energy | United States | 209 | CENTURYLINK-US-LEGACY-QWESTUS | false |
| Joe Sandbox version: | 42.0.0 Malachite |
| Analysis ID: | 1648273 |
| Start date and time: | 2025-03-25 17:43:22 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 5m 7s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsofficecookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 11 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | PURCHASE ORDER 5172025.xla.xlsx |
| Detection: | MAL |
| Classification: | mal48.winXLSX@4/4@3/2 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis
(whitelisted): MpCmdRun.exe, d llhost.exe, sppsvc.exe, WMIADA P.exe, SIHClient.exe, conhost. exe, svchost.exe - Excluded IPs from analysis (wh
itelisted): 184.31.69.3, 52.10 9.8.89, 52.109.8.36, 208.89.73 .17, 51.105.71.136, 52.109.0.9 1, 20.189.173.24, 52.123.129.1 4, 172.202.163.200, 40.126.24. 82 - Excluded domains from analysis
(whitelisted): slscr.update.m icrosoft.com, cus-config.offic eapps.live.com, fs-wildcard.mi crosoft.com.edgekey.net, fs-wi ldcard.microsoft.com.edgekey.n et.globalredir.akadns.net, e16 604.dscf.akamaiedge.net, mobil e.events.data.microsoft.com, r oaming.officeapps.live.com, os iprod-cus-buff-azsc-000.centra lus.cloudapp.azure.com, dual-s -0005-office.config.skype.com, login.live.com, wus-azsc-conf ig.officeapps.live.com, office client.microsoft.com, prod.fs. microsoft.com.akadns.net, c.pk i.goog, wu-b-net.trafficmanage r.net, ecs.office.com, self-ev ents-data.trafficmanager.net, fs.microsoft.com, ctldl.window supdate.com.delivery.microsoft .com, prod.configsvc1.live.com .akadns.net, self.events.data. microsoft.com, onedscolprduks0 0.uksouth.cloudapp.azure.com, ctldl.windowsupdate.com, prod. roaming1.live.com.akadns.net, cus-azsc-000.roaming.officeapp s.live.com, fe3cr.delivery.mp. microsoft.com, us1.roaming1.li ve.com.akadns.net, config.offi ceapps.live.com, us.configsvc1 .live.com.akadns.net, onedscol prdw - Not all processes where analyz
ed, report is missing behavior information - Report size getting too big, t
oo many NtCreateKey calls foun d. - Report size getting too big, t
oo many NtQueryAttributesFile calls found. - Report size getting too big, t
oo many NtQueryValueKey calls found. - Report size getting too big, t
oo many NtReadVirtualMemory ca lls found. - Some HTTPS proxied raw data pa
ckets have been limited to 10 per session. Please view the P CAPs for the complete data.
| Time | Type | Description |
|---|---|---|
| 12:45:27 | API Interceptor |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 13.107.246.40 | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| 162.19.137.157 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | Get hash | malicious | PureCrypter, AsyncRAT | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | SheetRat | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| s-part-0010.t-0009.t-msedge.net | Get hash | malicious | HTMLPhisher | Browse |
| |
| Get hash | malicious | AnarchyGrabber, AsyncRAT, DBatLoader, Discord Token Stealer, FritzFrog, HawkEye, Lokibot | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | PureLog Stealer, XWorm | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| host1.emobility.energy | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| s-part-0012.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | PureLog Stealer, XWorm | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| CENTURYLINK-US-LEGACY-QWESTUS | Get hash | malicious | Okiru | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| MICROSOFT-CORP-MSN-AS-BLOCKUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Gafgyt, Okiru | Browse |
| ||
| Get hash | malicious | Okiru | Browse |
| ||
| Get hash | malicious | Gafgyt, Okiru | Browse |
| ||
| Get hash | malicious | Okiru | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | PureLog Stealer, XWorm | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 6271f898ce5be7dd52b0fc260d0662b3 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| a0e9f5d64349fb13191bc781f81f42e1 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | DarkVision Rat | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
⊘No context
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 118 |
| Entropy (8bit): | 3.5700810731231707 |
| Encrypted: | false |
| SSDEEP: | 3:QaklTlAlXMLLmHlIlFLlmIK/5lTn84vlJlhlXlDHlA6l3l6Als:QFulcLk04/5p8GVz6QRq |
| MD5: | 573220372DA4ED487441611079B623CD |
| SHA1: | 8F9D967AC6EF34640F1F0845214FBC6994C0CB80 |
| SHA-256: | BE84B842025E4241BFE0C9F7B8F86A322E4396D893EF87EA1E29C74F47B6A22D |
| SHA-512: | F19FA3583668C3AF92A9CEF7010BD6ECEC7285F9C8665F2E9528DBA606F105D9AF9B1DB0CF6E7F77EF2E395943DC0D5CB37149E773319078688979E4024F9DD7 |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 784 |
| Entropy (8bit): | 2.7137690747287806 |
| Encrypted: | false |
| SSDEEP: | 12:YIrxA3rOpKmA4RP7EcJBSiGl6s8ACn2QYKrn2GpQPZRprw+25WHWspMSp:YIrcSpKmNRwcfHGF8A8iWxKZR++2IHWI |
| MD5: | 96F26AC9D00AF170C209932485A93F1B |
| SHA1: | E103D165A1E529CA08D98391E050175C4492BB92 |
| SHA-256: | A370505E61C2FB7827705A4875890DBB0DB3A232514AA75FE99E5A637602D230 |
| SHA-512: | FF680B0C42CC7918DB73ED715841F9AC1DAB27EF10E44101A3ED63A61A03725CF86F02D06A39BB0BA7C4F5EF5635EAB4D0B60F2A1538781D7A94112C9AF2674E |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 165 |
| Entropy (8bit): | 1.4377382811115937 |
| Encrypted: | false |
| SSDEEP: | 3:BJbFFFjpQl2fV:/bFFFNQlS |
| MD5: | 037948E5945313159DC8146EB7973386 |
| SHA1: | 4CEF8EE5AF61A21ADB398F6C296F48242158A1AA |
| SHA-256: | E63CBDD61699DD98D41777B269B57916B6E67F51E457D71BF62E8BD56D1362E4 |
| SHA-512: | E2D94EEDAD02B0D8B478DA100F753608C6A3A49E37FB53E11815CEA7806DF045DF96D5C53E41A4AD9B772A63FDF180FFEB2F49078334AB3C267FAC26E3B21F01 |
| Malicious: | true |
| Reputation: | low |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.982615142561084 |
| TrID: |
|
| File name: | PURCHASE ORDER 5172025.xla.xlsx |
| File size: | 1'268'224 bytes |
| MD5: | e79caec024d0abddc288e30c2c974945 |
| SHA1: | 2e56b64b76874ae950f7d71b115fff184e0b33f3 |
| SHA256: | fb12a393e8260ef0e83bb670f86e19ce598b14bb9bbb8f90d27b573a310180f5 |
| SHA512: | b4870c6be966a5c016f5a16d911bfb792c43a6f1c78b8cfe34bf989e01479ed4b845dfd9d356303985063988d8f18524cfe65abe08d68ffd851fdbb927bb2267 |
| SSDEEP: | 24576:YN/dT0Hr47PD4UTqRgJ+pn0M9cWNVDfrsnlf:YNFTs4DD4hg00MtDDTM1 |
| TLSH: | 694523A87BC1CFA6C5FB55FD48A6A9154006FCC0A26B97477241B7CE7530378838B68B |
| File Content Preview: | ........................>...................................v...................................................................................y.......{...................................................................................................... |
 | |
| Icon Hash: | 35e58a8c0c8a85b9 |
| Document Type: | OLE |
| Number of OLE Files: | 1 |
| Has Summary Info: | |
| Application Name: | Microsoft Excel |
| Encrypted Document: | True |
| Contains Word Document Stream: | False |
| Contains Workbook/Book Stream: | True |
| Contains PowerPoint Document Stream: | False |
| Contains Visio Document Stream: | False |
| Contains ObjectPool Stream: | False |
| Flash Objects Count: | 0 |
| Contains VBA Macros: | True |
| Code Page: | 1252 |
| Author: | |
| Last Saved By: | |
| Create Time: | 2006-09-16 00:00:00 |
| Last Saved Time: | 2025-03-25 10:25:39 |
| Creating Application: | |
| Security: | 1 |
| Document Code Page: | 1252 |
| Thumbnail Scaling Desired: | False |
| Contains Dirty Links: | False |
| Shared Document: | False |
| Changed Hyperlinks: | False |
| Application Version: | 786432 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet1 |
| VBA File Name: | Sheet1.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . 0 |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 bd e1 ca 7f 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet2 |
| VBA File Name: | Sheet2.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . 0 |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 bd e1 e5 40 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet3 |
| VBA File Name: | Sheet3.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 bd e1 69 15 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/ThisWorkbook |
| VBA File Name: | ThisWorkbook.cls |
| Stream Size: | 985 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . t 1 . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 1 . 9 . - . |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 bd e1 74 31 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | \x1CompObj |
| CLSID: | |
| File Type: | data |
| Stream Size: | 114 |
| Entropy: | 4.25248375192737 |
| Base64 Encoded: | True |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . F & . . . M i c r o s o f t O f f i c e E x c e l 2 0 0 3 W o r k s h e e t . . . . . B i f f 8 . . . . . E x c e l . S h e e t . 8 . 9 q . . . . . . . . . . . . |
| Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 20 08 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 26 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 32 30 30 33 20 57 6f 72 6b 73 68 65 65 74 00 06 00 00 00 42 69 66 66 38 00 0e 00 00 00 45 78 63 65 6c 2e 53 68 65 65 74 2e 38 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | \x5DocumentSummaryInformation |
| CLSID: | |
| File Type: | data |
| Stream Size: | 244 |
| Entropy: | 2.889430592781307 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , 0 . . . . . . . . . . . . . . H . . . . . . . P . . . . . . . X . . . . . . . ` . . . . . . . h . . . . . . . p . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S h e e t 1 . . . . . S h e e t 2 . . . . . S h e e t 3 . . . . . . . . . . . . . . . . . W o r k s h e e t s . . . . . . . . . |
| Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 c4 00 00 00 08 00 00 00 01 00 00 00 48 00 00 00 17 00 00 00 50 00 00 00 0b 00 00 00 58 00 00 00 10 00 00 00 60 00 00 00 13 00 00 00 68 00 00 00 16 00 00 00 70 00 00 00 0d 00 00 00 78 00 00 00 0c 00 00 00 a1 00 00 00 02 00 00 00 e4 04 00 00 |
General | |
| Stream Path: | \x5SummaryInformation |
| CLSID: | |
| File Type: | data |
| Stream Size: | 200 |
| Entropy: | 3.2603503175049817 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . + ' 0 . . . . . . . . . . . . . . @ . . . . . . . H . . . . . . . T . . . . . . . ` . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . | . # . @ . . . S . A p . . . . . . . . . |
| Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 98 00 00 00 07 00 00 00 01 00 00 00 40 00 00 00 04 00 00 00 48 00 00 00 08 00 00 00 54 00 00 00 12 00 00 00 60 00 00 00 0c 00 00 00 78 00 00 00 0d 00 00 00 84 00 00 00 13 00 00 00 90 00 00 00 02 00 00 00 e4 04 00 00 1e 00 00 00 04 00 00 00 |
General | |
| Stream Path: | MBD00A6776E/\x1CompObj |
| CLSID: | |
| File Type: | data |
| Stream Size: | 99 |
| Entropy: | 3.631242196770981 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . ! . . . M i c r o s o f t O f f i c e E x c e l W o r k s h e e t . . . . . E x c e l M L 1 2 . . . . . 9 q . . . . . . . . . . . . |
| Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 57 6f 72 6b 73 68 65 65 74 00 0a 00 00 00 45 78 63 65 6c 4d 4c 31 32 00 00 00 00 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | MBD00A6776E/Package |
| CLSID: | |
| File Type: | Microsoft Excel 2007+ |
| Stream Size: | 1099154 |
| Entropy: | 7.995034746087403 |
| Base64 Encoded: | True |
| Data ASCII: | P K . . . . . . . . . . ! . w 1 . . . . j . . . . . . [ C o n t e n t _ T y p e s ] . x m l . ( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
| Data Raw: | 50 4b 03 04 14 00 06 00 08 00 00 00 21 00 77 31 d5 0e e3 01 00 00 6a 08 00 00 13 00 cd 01 5b 43 6f 6e 74 65 6e 74 5f 54 79 70 65 73 5d 2e 78 6d 6c 20 a2 c9 01 28 a0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | MBD00A6776F/\x1Ole |
| CLSID: | |
| File Type: | data |
| Stream Size: | 494 |
| Entropy: | 5.845279778686223 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . H . . . . . . . . . . . . . . . . . y . . . K . . . . h . t . t . p . s . : . / . / . t . . . e . m . o . b . i . l . i . t . y . . . e . n . e . r . g . y . / . k . q . Q . 8 . b . I . . . i 2 h A $ . 9 v . M . | " | . ^ } . . . 2 . . p 4 1 = M [ z T E ^ ~ I i . - = . A X ' ` . . r G | p . B ' $ G * z F v . \\ x w Y Y n B Z X " ] \\ H . l $ W J d , W | J . S A / g } . ] . . . . . . . . . . . . . . . . . . . Z . D . L . b . T . 8 . c . a . d . B . E . l . R . x . 8 . V . v . N . 0 . Y . M . s . R . |
| Data Raw: | 01 00 00 02 8f 48 a6 20 03 b0 a1 13 00 00 00 00 00 00 00 00 00 00 00 00 f6 00 00 00 e0 c9 ea 79 f9 ba ce 11 8c 82 00 aa 00 4b a9 0b f2 00 00 00 68 00 74 00 74 00 70 00 73 00 3a 00 2f 00 2f 00 74 00 2e 00 65 00 6d 00 6f 00 62 00 69 00 6c 00 69 00 74 00 79 00 2e 00 65 00 6e 00 65 00 72 00 67 00 79 00 2f 00 6b 00 71 00 51 00 38 00 62 00 49 00 00 00 69 df 32 68 8c dc 41 24 13 39 fb 76 |
General | |
| Stream Path: | Workbook |
| CLSID: | |
| File Type: | Applesoft BASIC program data, first line number 16 |
| Stream Size: | 144844 |
| Entropy: | 7.99545252584344 |
| Base64 Encoded: | True |
| Data ASCII: | . . . . . . . . . . . . . . . . . / . 6 . . . . . . . . ; / @ ] ; ] X . . . 2 z u : Z 6 . : . ~ . : @ D o . * E . ~ } . . . . . . . . . . . U . . . \\ . p . . W g b O . l N f y I . : ~ . . . U 6 . p ; Z z " N 3 j ] > . ` , . 4 . 0 . # ^ . F v ! . g e b e V q . T o . . C h G B . . . a . . . " . . . = . . . . x . . . n Y : . . ; o . j . . . . . . . . . . . y a . . . . w . . . . . . . = . . . X ^ . . ? O 5 . i G @ . . . . . . . } " . . . L r . . . . . . . r . . . A 1 . . . w R ? ( Y " G j k r . . > . e . 1 . |
| Data Raw: | 09 08 10 00 00 06 05 00 ab 1f cd 07 c1 00 01 00 06 04 00 00 2f 00 36 00 01 00 01 00 01 00 18 3b 2f 40 f2 5d 3b 5d 58 d7 9a 01 ef cf 85 ec 32 7a af 75 3a 5a e4 f3 36 d5 a5 3a 1d 7e 7f 3a 84 40 ac 44 6f 0e 2a 9a 20 45 f5 dc 9a 7e 7d 12 87 00 00 00 e1 00 02 00 b0 04 c1 00 02 00 55 b0 e2 00 00 00 5c 00 70 00 aa b5 e6 a6 b9 f0 57 67 62 94 4f 1b ba 6c 4e d1 cb d8 66 f9 e2 79 b6 a0 49 d8 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/PROJECT |
| CLSID: | |
| File Type: | ASCII text, with CRLF line terminators |
| Stream Size: | 531 |
| Entropy: | 5.22065657326829 |
| Base64 Encoded: | True |
| Data ASCII: | I D = " { 1 2 F 7 0 6 2 C - 6 A 4 9 - 4 1 0 5 - B F D 6 - F 4 8 3 3 1 8 3 3 3 5 E } " . . D o c u m e n t = T h i s W o r k b o o k / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 1 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 2 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 3 / & H 0 0 0 0 0 0 0 0 . . N a m e = " V B A P r o j e c t " . . H e l p C o n t e x t I D = " 0 " . . V e r s i o n C o m p a t i b l e 3 2 = " 3 9 3 2 2 2 0 0 0 " . . C M G = " C 7 C 5 6 C A 4 9 4 A C 6 C B 0 6 |
| Data Raw: | 49 44 3d 22 7b 31 32 46 37 30 36 32 43 2d 36 41 34 39 2d 34 31 30 35 2d 42 46 44 36 2d 46 34 38 33 33 31 38 33 33 33 35 45 7d 22 0d 0a 44 6f 63 75 6d 65 6e 74 3d 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 31 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 32 2f 26 48 30 30 30 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/PROJECTwm |
| CLSID: | |
| File Type: | data |
| Stream Size: | 104 |
| Entropy: | 3.0488640812019017 |
| Base64 Encoded: | False |
| Data ASCII: | T h i s W o r k b o o k . T . h . i . s . W . o . r . k . b . o . o . k . . . S h e e t 1 . S . h . e . e . t . 1 . . . S h e e t 2 . S . h . e . e . t . 2 . . . S h e e t 3 . S . h . e . e . t . 3 . . . . . |
| Data Raw: | 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 00 54 00 68 00 69 00 73 00 57 00 6f 00 72 00 6b 00 62 00 6f 00 6f 00 6b 00 00 00 53 68 65 65 74 31 00 53 00 68 00 65 00 65 00 74 00 31 00 00 00 53 68 65 65 74 32 00 53 00 68 00 65 00 65 00 74 00 32 00 00 00 53 68 65 65 74 33 00 53 00 68 00 65 00 65 00 74 00 33 00 00 00 00 00 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/_VBA_PROJECT |
| CLSID: | |
| File Type: | data |
| Stream Size: | 2644 |
| Entropy: | 3.989996811732665 |
| Base64 Encoded: | False |
| Data ASCII: | a . . . . . @ . . . . . . . . . . . . . . . . . . . . . . . . * . \\ . G . { . 0 . 0 . 0 . 2 . 0 . 4 . E . F . - . 0 . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . - . C . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 4 . 6 . } . # . 4 . . . 0 . # . 9 . # . C . : . \\ . P . R . O . G . R . A . ~ . 2 . \\ . C . O . M . M . O . N . ~ . 1 . \\ . M . I . C . R . O . S . ~ . 1 . \\ . V . B . A . \\ . V . B . A . 6 . \\ . V . B . E . 6 . . . D . L . L . # . V . i . s . u . a . l . . B . a . s . i . c . . F . o . r . |
| Data Raw: | cc 61 88 00 00 01 00 ff 09 40 00 00 09 04 00 00 e4 04 01 00 00 00 00 00 00 00 00 00 01 00 04 00 02 00 fa 00 2a 00 5c 00 47 00 7b 00 30 00 30 00 30 00 32 00 30 00 34 00 45 00 46 00 2d 00 30 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 2d 00 43 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 34 00 36 00 7d 00 23 00 34 00 2e 00 30 00 23 00 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/dir |
| CLSID: | |
| File Type: | data |
| Stream Size: | 553 |
| Entropy: | 6.357006260243376 |
| Base64 Encoded: | True |
| Data ASCII: | . % . . . . . . . . 0 * . . . . p . . H . . . . d . . . . . . . V B A P r o j e c t . . 4 . . @ . . j . . . = . . . . r . . . . . . . . . S . i . . . . J < . . . . . r s t d o l e > . . . s . t . d . o . l . e . . . h . % . ^ . . * \\ G { 0 0 0 2 0 4 3 0 - . . . . . C . . . . . . 0 0 4 . 6 } # 2 . 0 # 0 . # C : \\ W i n d . o w s \\ S y s W O W 6 4 \\ . e 2 . . t l b # O L E . A u t o m a t i . o n . ` . . E O f f D i c E O . f . i . c E . . E . 2 D F 8 D 0 4 C . - 5 B F A - 1 0 1 B - B D E 5 E A A C 4 . 2 |
| Data Raw: | 01 25 b2 80 01 00 04 00 00 00 01 00 30 2a 02 02 90 09 00 70 14 06 48 03 00 82 02 00 64 e4 04 04 00 0a 00 1c 00 56 42 41 50 72 6f 6a 65 88 63 74 05 00 34 00 00 40 02 14 6a 06 02 0a 3d 02 0a 07 02 72 01 14 08 05 06 12 09 02 12 53 12 fa 69 08 94 00 0c 02 4a 3c 02 0a 16 00 01 72 80 73 74 64 6f 6c 65 3e 02 19 00 73 00 74 00 64 00 6f 00 80 6c 00 65 00 0d 00 68 00 25 02 5e 00 03 2a 5c 47 |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library NodeDownload Network PCAP: filtered – full
| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-25T17:45:35.224449+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:47.588911+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49762 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:54.470701+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49764 | 13.107.246.40 | 443 | TCP |
| 2025-03-25T17:45:54.479758+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49763 | 13.107.246.40 | 443 | TCP |
- Total Packets: 432
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 25, 2025 17:45:19.612176895 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.612227917 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.612337112 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.612610102 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.612622023 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.990912914 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.991005898 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.995302916 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.995312929 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.995584965 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.999192953 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:19.999574900 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.040271044 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.374588966 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.374669075 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.374685049 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.374715090 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.385057926 CET | 49757 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.385086060 CET | 443 | 49757 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.386332035 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.386379004 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.386527061 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.386657953 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.386672974 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.763771057 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.763828993 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.764297962 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.764306068 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:20.764719963 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:20.764724970 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:21.330982924 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:21.331037998 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:21.331046104 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:21.331064939 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:21.331085920 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:21.331108093 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:21.331140041 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:21.331157923 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:21.333292007 CET | 49758 | 443 | 192.168.2.12 | 162.19.137.157 |
| Mar 25, 2025 17:45:21.333308935 CET | 443 | 49758 | 162.19.137.157 | 192.168.2.12 |
| Mar 25, 2025 17:45:34.905832052 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:34.905869007 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:34.905962944 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:34.906347990 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:34.906358957 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.224374056 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.224448919 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.225771904 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.225799084 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.226052046 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.227332115 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.272279978 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.563448906 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.563471079 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.563493967 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.563563108 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.563585043 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.563637018 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.627932072 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.627959967 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.628026962 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.628041029 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.628096104 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.727011919 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.727040052 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.727107048 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.727137089 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.727157116 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.727181911 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.834309101 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.834333897 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.834388018 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.834405899 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.834438086 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.834460020 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.934820890 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.934853077 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.934896946 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:35.934906960 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:35.934956074 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.077363014 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.077384949 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.077462912 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.077481985 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.077523947 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.176179886 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.176203012 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.176271915 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.176290989 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.176304102 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.176332951 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.300527096 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.300554991 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.300601006 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.300621986 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.300645113 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.300654888 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.434056997 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.434082985 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.434134960 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.434155941 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.434184074 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.434206009 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.620970964 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.621000051 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.621077061 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.621095896 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.621114016 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.621145010 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.719538927 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.719566107 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.719619989 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.719650984 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.719686985 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.719723940 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.881938934 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.881963015 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.882030964 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:36.882051945 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:36.882091045 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.032023907 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.032043934 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.032095909 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.032110929 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.032128096 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.032155037 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.238934040 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.238960981 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.239049911 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.239062071 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.239120007 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.375164032 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.375194073 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.375273943 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.375293016 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.375365019 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.526230097 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.526256084 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.526316881 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.526330948 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.526401997 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.692153931 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.692174911 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.692234039 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.692249060 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.692281008 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.692305088 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.871503115 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.871526957 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.871606112 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:37.871618986 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:37.871665001 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.003114939 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.003140926 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.003210068 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.003237009 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.003254890 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.003284931 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.168996096 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.169018984 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.169070959 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.169086933 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.169130087 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.169151068 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.279865980 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.279895067 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.280014038 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.280034065 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.280083895 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.516558886 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.516580105 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.516664982 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.516678095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.516717911 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.516741991 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.619307041 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.619328976 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.619380951 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.619395018 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.619410038 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.619476080 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.793885946 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.793909073 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.793992996 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:38.794015884 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:38.794112921 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.020886898 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.020910978 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.020981073 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.021003962 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.021038055 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.021068096 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.119410992 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.119442940 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.119502068 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.119522095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.119561911 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.119587898 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.318594933 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.318617105 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.318696022 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.318727016 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.318768978 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.318792105 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.452342987 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.452364922 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.452425957 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.452454090 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.452476025 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.452600956 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.746727943 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.746737957 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.746773005 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.746825933 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.746854067 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.746875048 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.746922970 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.846683979 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.846705914 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.846757889 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.846779108 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:39.846810102 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:39.846831083 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.076456070 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.076467991 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.076530933 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.076545000 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.076560974 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.076622963 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.260629892 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.260672092 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.260716915 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.260732889 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.260746956 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.260951042 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.432657003 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.432691097 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.432749033 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.432770967 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.432800055 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.432820082 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.585591078 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.585611105 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.585679054 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.585699081 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.585745096 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.729650974 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.729671955 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.729726076 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.729744911 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.729777098 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.729793072 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.864077091 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.864099026 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.864192963 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:40.864211082 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:40.864305973 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.028779030 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.028800011 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.028855085 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.028882980 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.028898001 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.028924942 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.138019085 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.138039112 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.138101101 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.138118029 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.138133049 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.138163090 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.282130957 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.282161951 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.282222986 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.282242060 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.282267094 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.282308102 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.440462112 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.440485954 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.440552950 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.440571070 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.440609932 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.440637112 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.632695913 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.632721901 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.632776022 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.632795095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.632836103 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.632855892 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.924293041 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.924314022 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.924398899 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:41.924423933 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.924446106 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:41.924617052 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:42.248923063 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.248939037 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.248982906 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.249018908 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:42.249043941 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.249061108 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:42.249084949 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:42.660552025 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.660563946 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.660587072 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.660634041 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:42.660649061 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:42.660691977 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.312515020 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.312527895 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.312556028 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.312613010 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.312629938 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.312676907 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.623402119 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.623420954 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.623455048 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.623496056 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.623516083 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.623529911 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.623554945 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.932467937 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.932481050 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.932507038 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.932535887 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.932548046 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:43.932569981 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:43.932586908 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.131361008 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.131390095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.131439924 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.131465912 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.131520987 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.131551027 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.381737947 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.381748915 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.381784916 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.381947041 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.381947041 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.381973982 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.382016897 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.685007095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.685039997 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.685086012 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.685089111 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.685153008 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:44.685164928 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:44.685208082 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.114480972 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.114497900 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.114521980 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.114563942 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.114584923 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.114624023 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.114634037 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.710305929 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.710350990 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.710406065 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.710417032 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.710501909 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.710544109 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:45.710561037 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:45.710663080 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.363329887 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.363343954 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.363370895 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.363425016 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.363481045 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.363518000 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.363549948 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.946069002 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.946103096 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.946156025 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.946239948 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.946320057 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:46.946362972 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:46.946387053 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.272839069 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.272886992 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.272991896 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.273312092 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.273323059 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.367984056 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.367996931 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.368031025 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.368067026 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.368098021 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.368117094 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.368139029 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.588838100 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.588911057 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.590270996 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.590281010 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.590565920 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.591937065 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.632280111 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.669491053 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.669506073 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.669548988 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.669574976 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.669595003 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.669634104 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.669651031 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.895979881 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.896003008 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.896018982 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.896076918 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.896091938 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.896135092 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.933764935 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.933784008 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.933846951 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:47.933856010 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:47.933907032 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.068766117 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.068780899 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.068804979 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.068837881 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.068854094 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.068888903 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.068908930 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.110815048 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.110836029 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.110881090 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.110896111 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.110919952 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.110943079 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.122225046 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.122240067 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.122288942 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.122308969 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.122315884 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.122349024 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.122394085 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.127634048 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.127648115 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.127706051 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.127715111 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.155081987 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.155101061 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.155147076 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.155158997 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.155190945 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.203598022 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.315371037 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315427065 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315460920 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.315475941 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315519094 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.315546036 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315587044 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315612078 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.315618038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.315640926 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.315661907 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.326303959 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.326318979 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.326416016 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.326422930 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.326435089 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.326525927 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.354386091 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.354403973 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.354477882 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.354490042 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.354531050 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.425359011 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.425378084 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.425568104 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.425595045 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.425651073 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.515212059 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.515249014 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.515311003 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.515330076 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.515393972 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.515393972 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.569039106 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.569053888 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.569082022 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.569134951 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.569161892 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.569197893 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.569217920 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.645955086 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.645975113 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.646068096 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.646079063 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.646133900 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.646135092 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.659780979 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.659801960 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.659889936 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.659895897 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.659997940 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.660279989 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.758774996 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.758815050 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.758905888 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.758905888 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.758924007 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.760039091 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.767220974 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.767245054 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.767292976 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.767330885 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.767364025 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.767899036 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.857839108 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.857877970 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.857949018 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.857949018 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.857968092 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.858082056 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.951211929 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.951239109 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.951334000 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.951334000 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.951349020 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.951505899 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.978868961 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.978882074 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.978955984 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.978964090 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.979008913 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:48.979043961 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:48.979065895 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.044735909 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.044768095 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.044845104 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.044845104 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.044857025 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.045243979 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.118350029 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.118386030 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.118427038 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.118446112 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.118463039 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.118484020 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.164644003 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.164674997 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.164752960 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.164805889 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.164849043 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.165062904 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.271678925 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.271713018 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.271831036 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.271831036 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.271845102 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.272135973 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.371880054 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.371910095 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.371980906 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.372054100 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.372098923 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.372123957 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.406832933 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.406872988 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.406927109 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.406944036 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.407068968 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.407068968 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.507906914 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.507935047 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.508069038 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.508138895 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.508198977 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.525254965 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.525286913 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.525388002 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.525388002 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.525402069 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.525917053 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.706542969 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.706569910 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.706624985 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.706690073 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.706722975 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.706939936 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.722467899 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.722496986 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.722549915 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.722563028 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.722590923 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.722675085 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.870018005 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.870073080 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.870126009 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.870172024 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:49.870204926 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:49.870234966 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.012646914 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.012680054 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.012728930 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.012743950 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.012789011 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.015687943 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.015741110 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.015803099 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.015876055 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.015913010 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.016071081 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.178164959 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.178194046 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.178277969 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.178347111 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.178386927 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.178409100 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.200011969 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.200099945 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.200301886 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.200301886 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.200301886 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.200360060 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.291091919 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.291125059 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.291169882 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.291188002 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.291201115 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.291228056 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.438030005 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.438097954 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.589973927 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.590004921 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.590045929 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.590059042 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.590085983 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.590106010 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.851852894 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.851870060 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.851927996 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.851948977 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.851990938 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:50.852024078 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:50.852042913 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.220201015 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.220218897 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.220249891 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.220294952 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.220313072 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.220338106 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.220361948 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.404309988 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.404341936 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.404392004 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.404402971 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.404439926 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.404464006 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.700479031 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.700494051 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.700531006 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.700706959 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.700706959 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:51.700735092 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:51.701821089 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.001880884 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.001897097 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.001944065 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.002017975 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.002017975 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.002036095 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.004277945 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.295314074 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.295329094 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.295406103 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.295484066 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.295484066 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.295504093 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.295860052 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.535087109 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.535101891 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.535140038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.535197020 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.535219908 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.535231113 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.535351038 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.839725971 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.839742899 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.839783907 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.839812040 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.839826107 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:52.839873075 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:52.839893103 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.053337097 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.053352118 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.053391933 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.053399086 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.053416967 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.053438902 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.053457022 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.258759022 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.258786917 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.258848906 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.258861065 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.258877993 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.258919001 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.497565031 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.497580051 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.497637033 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.497654915 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.497667074 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.497693062 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.497709990 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.634251118 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.634279013 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.634382963 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.634393930 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.634442091 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.809351921 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.809380054 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.809453011 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.809473038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.809489012 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.809631109 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.956407070 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.956435919 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.956608057 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:53.956624985 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:53.956727028 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171070099 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171070099 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171120882 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.171134949 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.171251059 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171251059 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171416044 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171428919 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.171502113 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.171514034 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.219856977 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.219872952 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.219908953 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.220010042 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.220010042 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.220025063 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.220098019 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.314481974 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.314517975 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.314635992 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.314635992 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.314646959 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.314981937 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.469280005 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.470700979 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.470700979 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.470719099 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.470727921 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.479041100 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.479758024 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.479774952 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.480214119 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.480223894 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.521292925 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.521306992 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.521348953 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.521384954 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.521401882 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.521452904 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.521452904 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.664482117 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.664522886 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.664624929 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.664625883 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.664640903 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.664684057 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.665904045 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.666068077 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.666296959 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.666562080 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.666577101 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.666608095 CET | 49764 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.666615009 CET | 443 | 49764 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.677736044 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.677761078 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.677812099 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.677829981 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.678205967 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.678220987 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.678378105 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.678410053 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.678442955 CET | 443 | 49763 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.678839922 CET | 49763 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.843915939 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.843947887 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.844021082 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:54.844034910 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:54.844777107 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.285442114 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.285460949 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.285482883 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.285531044 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.285551071 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.285597086 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.285597086 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.406073093 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.406109095 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.406137943 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.406224966 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.406238079 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.406299114 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.686840057 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.686856031 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.686923027 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.686947107 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.687015057 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.963499069 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.963519096 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.963541031 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.963582039 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.963607073 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:55.963654995 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:55.963654995 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.380564928 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.380585909 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.380626917 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.380635023 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.380656958 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.380682945 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.380682945 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.380747080 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.675570965 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.675590038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.675631046 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.675705910 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.675705910 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.675726891 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.675798893 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.938683987 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.938703060 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.938827038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.938873053 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.938891888 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:56.939069033 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:56.939069033 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.270216942 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.270239115 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.270303965 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.270345926 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.270410061 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.270421982 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.270431995 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.270525932 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.622759104 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.622781038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.622803926 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.622860909 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.622891903 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.622936010 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.623007059 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.887550116 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.887574911 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.887639046 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.887655973 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.887708902 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:57.887725115 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:57.887783051 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.145179033 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.145200968 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.145227909 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.145256996 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.145271063 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.145323992 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.419320107 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.419341087 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.419367075 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.419395924 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.419414997 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.419444084 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.419461012 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.633732080 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.633754969 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.633780003 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.633830070 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.633851051 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.633867979 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.634078979 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.833014965 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.833081007 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.833156109 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.833157063 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.833194017 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.833775997 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.994596958 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.994672060 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.994761944 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.994761944 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:58.994791985 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:58.995227098 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.167294025 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.167326927 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.167484999 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.167484999 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.167504072 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.171231031 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.319859028 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.319888115 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.319982052 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.319993973 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.320118904 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.456363916 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.456396103 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.456463099 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.456480026 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.456532001 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.456532001 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.615428925 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.615458012 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.615509987 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.615525961 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.615912914 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.936036110 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.936053038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.936093092 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.936275005 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:45:59.936292887 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:45:59.936578035 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:00.717847109 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:00.717863083 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:00.717899084 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:00.717951059 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:00.717963934 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:00.718022108 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:00.718966961 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.171994925 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.172010899 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.172159910 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.172209024 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.172228098 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.172310114 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.172310114 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.573712111 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.573729038 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.573770046 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.573894024 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.573894024 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.573910952 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Mar 25, 2025 17:46:01.574182987 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.574182987 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.574182987 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.875452042 CET | 49762 | 443 | 192.168.2.12 | 13.107.246.40 |
| Mar 25, 2025 17:46:01.875489950 CET | 443 | 49762 | 13.107.246.40 | 192.168.2.12 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 25, 2025 17:44:50.239650011 CET | 57960 | 53 | 192.168.2.12 | 1.1.1.1 |
| Mar 25, 2025 17:44:50.387264013 CET | 53 | 57960 | 1.1.1.1 | 192.168.2.12 |
| Mar 25, 2025 17:45:19.454612017 CET | 62972 | 53 | 192.168.2.12 | 1.1.1.1 |
| Mar 25, 2025 17:45:19.610821009 CET | 53 | 62972 | 1.1.1.1 | 192.168.2.12 |
| Mar 25, 2025 17:45:34.780280113 CET | 65459 | 53 | 192.168.2.12 | 1.1.1.1 |
| Mar 25, 2025 17:45:34.904680967 CET | 53 | 65459 | 1.1.1.1 | 192.168.2.12 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Mar 25, 2025 17:44:50.239650011 CET | 192.168.2.12 | 1.1.1.1 | 0x2b21 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 25, 2025 17:45:19.454612017 CET | 192.168.2.12 | 1.1.1.1 | 0x3f27 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 25, 2025 17:45:34.780280113 CET | 192.168.2.12 | 1.1.1.1 | 0x3597 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Mar 25, 2025 17:44:29.987071037 CET | 1.1.1.1 | 192.168.2.12 | 0xca3 | No error (0) | s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:29.987071037 CET | 1.1.1.1 | 192.168.2.12 | 0xca3 | No error (0) | 52.123.129.14 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:29.987071037 CET | 1.1.1.1 | 192.168.2.12 | 0xca3 | No error (0) | 52.123.128.14 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.17 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.27 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.23 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.19 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.29 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.31 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.21 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:30.520709038 CET | 1.1.1.1 | 192.168.2.12 | 0x783b | No error (0) | 208.89.73.25 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:50.387264013 CET | 1.1.1.1 | 192.168.2.12 | 0x2b21 | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:50.387264013 CET | 1.1.1.1 | 192.168.2.12 | 0x2b21 | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:50.387264013 CET | 1.1.1.1 | 192.168.2.12 | 0x2b21 | No error (0) | shed.dual-low.s-part-0010.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:50.387264013 CET | 1.1.1.1 | 192.168.2.12 | 0x2b21 | No error (0) | s-part-0010.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:44:50.387264013 CET | 1.1.1.1 | 192.168.2.12 | 0x2b21 | No error (0) | 13.107.246.38 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:19.610821009 CET | 1.1.1.1 | 192.168.2.12 | 0x3f27 | No error (0) | host1.emobility.energy | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:19.610821009 CET | 1.1.1.1 | 192.168.2.12 | 0x3f27 | No error (0) | 162.19.137.157 | A (IP address) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:34.904680967 CET | 1.1.1.1 | 192.168.2.12 | 0x3597 | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:34.904680967 CET | 1.1.1.1 | 192.168.2.12 | 0x3597 | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:34.904680967 CET | 1.1.1.1 | 192.168.2.12 | 0x3597 | No error (0) | shed.dual-low.s-part-0012.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:34.904680967 CET | 1.1.1.1 | 192.168.2.12 | 0x3597 | No error (0) | s-part-0012.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 25, 2025 17:45:34.904680967 CET | 1.1.1.1 | 192.168.2.12 | 0x3597 | No error (0) | 13.107.246.40 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.12 | 49757 | 162.19.137.157 | 443 | 6800 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:19 UTC | 202 | OUT | |
| 2025-03-25 16:45:20 UTC | 539 | IN | |
| 2025-03-25 16:45:20 UTC | 38 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.12 | 49758 | 162.19.137.157 | 443 | 6800 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:20 UTC | 199 | OUT | |
| 2025-03-25 16:45:21 UTC | 590 | IN | |
| 2025-03-25 16:45:21 UTC | 4645 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | 6800 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:35 UTC | 226 | OUT | |
| 2025-03-25 16:45:35 UTC | 493 | IN | |
| 2025-03-25 16:45:35 UTC | 15891 | IN | |
| 2025-03-25 16:45:35 UTC | 16384 | IN | |
| 2025-03-25 16:45:35 UTC | 16384 | IN | |
| 2025-03-25 16:45:35 UTC | 16384 | IN | |
| 2025-03-25 16:45:35 UTC | 16384 | IN | |
| 2025-03-25 16:45:36 UTC | 16384 | IN | |
| 2025-03-25 16:45:36 UTC | 16384 | IN | |
| 2025-03-25 16:45:36 UTC | 16384 | IN | |
| 2025-03-25 16:45:36 UTC | 16384 | IN | |
| 2025-03-25 16:45:36 UTC | 16384 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.12 | 49762 | 13.107.246.40 | 443 | 6096 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:47 UTC | 226 | OUT | |
| 2025-03-25 16:45:47 UTC | 493 | IN | |
| 2025-03-25 16:45:47 UTC | 15891 | IN | |
| 2025-03-25 16:45:47 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN | |
| 2025-03-25 16:45:48 UTC | 16384 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.12 | 49764 | 13.107.246.40 | 443 | 6800 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:54 UTC | 214 | OUT | |
| 2025-03-25 16:45:54 UTC | 470 | IN | |
| 2025-03-25 16:45:54 UTC | 204 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.12 | 49763 | 13.107.246.40 | 443 | 6800 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-25 16:45:54 UTC | 214 | OUT | |
| 2025-03-25 16:45:54 UTC | 515 | IN | |
| 2025-03-25 16:45:54 UTC | 2128 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 12:44:24 |
| Start date: | 25/03/2025 |
| Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x560000 |
| File size: | 53'161'064 bytes |
| MD5 hash: | 4A871771235598812032C822E6F68F19 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 6 |
| Start time: | 12:45:27 |
| Start date: | 25/03/2025 |
| Path: | C:\Windows\splwow64.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6c3730000 |
| File size: | 163'840 bytes |
| MD5 hash: | 77DE7761B037061C7C112FD3C5B91E73 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 8 |
| Start time: | 12:45:41 |
| Start date: | 25/03/2025 |
| Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x560000 |
| File size: | 53'161'064 bytes |
| MD5 hash: | 4A871771235598812032C822E6F68F19 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
Call Graph
Graph
Hide Legend
- Entrypoint
- Decryption Function
- Executed
- Not Executed
- Show Help
Module: Sheet1
Declaration
| Line | Content |
|---|---|
| 1 | Attribute VB_Name = "Sheet1" |
| 2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
| 3 | Attribute VB_GlobalNameSpace = False |
| 4 | Attribute VB_Creatable = False |
| 5 | Attribute VB_PredeclaredId = True |
| 6 | Attribute VB_Exposed = True |
| 7 | Attribute VB_TemplateDerived = False |
| 8 | Attribute VB_Customizable = True |
Module: Sheet2
Declaration
| Line | Content |
|---|---|
| 1 | Attribute VB_Name = "Sheet2" |
| 2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
| 3 | Attribute VB_GlobalNameSpace = False |
| 4 | Attribute VB_Creatable = False |
| 5 | Attribute VB_PredeclaredId = True |
| 6 | Attribute VB_Exposed = True |
| 7 | Attribute VB_TemplateDerived = False |
| 8 | Attribute VB_Customizable = True |
Module: Sheet3
Declaration
| Line | Content |
|---|---|
| 1 | Attribute VB_Name = "Sheet3" |
| 2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
| 3 | Attribute VB_GlobalNameSpace = False |
| 4 | Attribute VB_Creatable = False |
| 5 | Attribute VB_PredeclaredId = True |
| 6 | Attribute VB_Exposed = True |
| 7 | Attribute VB_TemplateDerived = False |
| 8 | Attribute VB_Customizable = True |
Module: ThisWorkbook
Declaration
| Line | Content |
|---|---|
| 1 | Attribute VB_Name = "ThisWorkbook" |
| 2 | Attribute VB_Base = "0{00020819-0000-0000-C000-000000000046}" |
| 3 | Attribute VB_GlobalNameSpace = False |
| 4 | Attribute VB_Creatable = False |
| 5 | Attribute VB_PredeclaredId = True |
| 6 | Attribute VB_Exposed = True |
| 7 | Attribute VB_TemplateDerived = False |
| 8 | Attribute VB_Customizable = True |
