Edit tour
Windows
Analysis Report
https://tinyurl.com/2abosd8k
Overview
General Information
| Sample URL: | https://tinyurl.com/2abosd8k |
| Analysis ID: | 854202 |
| Infos: | |
 | |
Detection
| Score: | 64 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Snort IDS alert for network traffic
Uses cmd line tools excessively to alter registry or file data
Contains functionality to log keystrokes (.Net Source)
Uses shutdown.exe to shutdown or reboot the system
.NET source code contains potential unpacker
Queries the volume information (name, serial number etc) of a device
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Deletes files inside the Windows folder
May sleep (evasive loops) to hinder dynamic analysis
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Uses code obfuscation techniques (call, push, ret)
Creates files inside the system directory
PE file contains sections with non-standard names
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
Contains functionality to dynamically determine API calls
Found dropped PE file which has not been started or loaded
Uses insecure TLS / SSL version for HTTPS connection
Searches for user specific document files
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Drops PE files
Tries to load missing DLLs
Drops PE files to the windows directory (C:\Windows)
Binary contains a suspicious time stamp
Uses reg.exe to modify the Windows registry
Checks for available system drives (often done to infect USB drives)
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Classification
- System is w10x64
cmd.exe (PID: 1396 cmdline: C:\Windows \system32\ cmd.exe /c wget -t 2 -v -T 60 -P "C:\Use rs\user\De sktop\down load" --no -check-cer tificate - -content-d isposition --user-ag ent="Mozil la/5.0 (Wi ndows NT 6 .1; WOW64; Trident/7 .0; AS; rv :11.0) lik e Gecko" " https://ti nyurl.com/ 2abosd8k" > cmdline. out 2>&1 MD5: F3BDBE3BB6F734E357235F4D5898582D) - conhost.exe (PID: 6952 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) 
wget.exe (PID: 6876 cmdline: wget -t 2 -v -T 60 - P "C:\User s\user\Des ktop\downl oad" --no- check-cert ificate -- content-di sposition --user-age nt="Mozill a/5.0 (Win dows NT 6. 1; WOW64; Trident/7. 0; AS; rv: 11.0) like Gecko" "h ttps://tin yurl.com/2 abosd8k" MD5: 3DADB6E2ECE9C4B3E1E322E617658B60)
chrome.exe (PID: 6996 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t C:\Users \user\Desk top\downlo ad\empresa 01.html MD5: 0FEC2748F363150DC54C1CAFFB1A9408) - chrome.exe (PID: 7056 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1764 --fi eld-trial- handle=181 6,i,426070 2216927358 363,702354 1832913782 999,131072 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionTarget Prediction /prefetch :8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408) - unarchiver.exe (PID: 8128 cmdline:
C:\Windows \SysWOW64\ unarchiver .exe" "C:\ Users\user \Downloads \Or amento - Pedido segunda-fe ira, 24 de abril de 2023F1nKhT NeGq3kSwMt zuiK.zip MD5: 16FF3CC6CC330A08EED70CBC1D35F5D2) - 7za.exe (PID: 8152 cmdline:
C:\Windows \System32\ 7za.exe" x -pinfecte d -y -o"C: \Users\use r\AppData\ Local\Temp \mzgml0ot. pkx" "C:\U sers\user\ Downloads\ Or amento - Pedido s egunda-fei ra, 24 de abril de 2 023F1nKhTN eGq3kSwMtz uiK.zip MD5: 77E556CDFDC5C592F5C46DB4127C6F4C) - conhost.exe (PID: 8172 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - cmd.exe (PID: 4692 cmdline:
cmd.exe" / C "C:\User s\user\App Data\Local \Temp\mzgm l0ot.pkx\M Contrato UK .msi MD5: F3BDBE3BB6F734E357235F4D5898582D) - conhost.exe (PID: 3536 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) 
msiexec.exe (PID: 7084 cmdline: "C:\Window s\System32 \msiexec.e xe" /i "C: \Users\use r\AppData\ Local\Temp \mzgml0ot. pkx\M Cont rato UK .m si" MD5: 12C17B5A5C2A7B97342C362CA467E9A2)
- msiexec.exe (PID: 6636 cmdline:
C:\Windows \system32\ msiexec.ex e /V MD5: 4767B71A318E201188A0D0A420C8B608) - msiexec.exe (PID: 7112 cmdline:
C:\Windows \syswow64\ MsiExec.ex e -Embeddi ng 497B8A5 4F042C6247 6132993137 8FB15 MD5: 12C17B5A5C2A7B97342C362CA467E9A2) - cmd.exe (PID: 7664 cmdline:
C:\Windows \System32\ cmd.exe" / C start /M IN reg add HKCU\SOFT WARE\Micro soft\Windo ws\Current Version\Ru n /v tqVXf ZhGNW /t r eg_sz /d " """C:\User s\Public\D ocuments\t qVXfZhGNW\ openshot-q t.exe"" MD5: F3BDBE3BB6F734E357235F4D5898582D) - conhost.exe (PID: 7844 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - reg.exe (PID: 7176 cmdline:
reg add HK CU\SOFTWAR E\Microsof t\Windows\ CurrentVer sion\Run / v tqVXfZhG NW /t reg_ sz /d """" C:\Users\P ublic\Docu ments\tqVX fZhGNW\ope nshot-qt.e xe""" MD5: CEE2A7E57DF2A159A065A34913A055C2) - conhost.exe (PID: 7296 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - cmd.exe (PID: 7752 cmdline:
"C:\Window s\System32 \cmd.exe" /C shutdow n -r -f -t 60 MD5: F3BDBE3BB6F734E357235F4D5898582D) - conhost.exe (PID: 3808 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - shutdown.exe (PID: 5068 cmdline:
shutdown - r -f -t 60 MD5: E2EB9CC0FE26E28406FB6F82F8E81B26) - cmd.exe (PID: 1848 cmdline:
"C:\Window s\system32 \cmd.exe" /c shutdow n /r /t 1 /f MD5: F3BDBE3BB6F734E357235F4D5898582D) - conhost.exe (PID: 7060 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496) - shutdown.exe (PID: 4984 cmdline:
shutdown / r /t 1 /f MD5: E2EB9CC0FE26E28406FB6F82F8E81B26)
openshot-qt.exe (PID: 6880 cmdline: "C:\Users\ Public\Doc uments\tqV XfZhGNW\op enshot-qt. exe" MD5: 29C35D09065CC6A59E2C5C88175C91ED)
- openshot-qt.exe (PID: 5508 cmdline:
"C:\Users\ Public\Doc uments\tqV XfZhGNW\op enshot-qt. exe" MD5: 29C35D09065CC6A59E2C5C88175C91ED)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
| Timestamp: | 192.168.2.354.204.22.19849716802849813 04/26/23-09:01:40.583092 |
| SID: | 2849813 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.354.204.22.19849716802849814 04/26/23-09:01:40.583092 |
| SID: | 2849814 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
| Source: | HTTPS traffic detected: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Directory created: | Jump to behavior | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
Networking |   |
|---|
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
Key, Mouse, Clipboard, Microphone and Screen Capturing | |
|---|
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | Binary or memory string: | ||
System Summary | |
|---|
| Source: | Process created: | ||
| Source: | File deleted: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Code function: | 32_2_00305C70 | |
| Source: | Code function: | 32_2_003048C0 | |
| Source: | Code function: | 32_2_06FD0AFC | |
| Source: | Code function: | 32_2_06FD07E8 | |
| Source: | Code function: | 32_2_06FD3D11 | |
| Source: | Code function: | 32_2_06FD8A90 | |
| Source: | Code function: | 32_2_06FD2048 | |
| Source: | Code function: | 33_2_031F06A0 | |
| Source: | Code function: | 33_2_031F0692 | |
| Source: | Code function: | 33_2_031FAB51 | |
| Source: | Code function: | 33_2_031FAB60 | |
| Source: | Code function: | 33_2_031FF2D8 | |
| Source: | Code function: | 33_2_031FF2CA | |
| Source: | Code function: | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Process created: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Key value queried: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Binary string: | ||
| Source: | Classification label: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | Security API names: | ||
| Source: | Security API names: | ||
| Source: | Security API names: | ||
| Source: | Security API names: | ||
| Source: | Security API names: | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | |||
| Source: | Section loaded: | |||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File written: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | File read: | |||
| Source: | File read: | |||
| Source: | Window detected: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Directory created: | Jump to behavior | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
Data Obfuscation | |
|---|
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | .Net Code: | ||
| Source: | Code function: | 2_2_00B90971 | |
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Code function: | 32_2_003014F0 | |
| Source: | Static PE information: | ||
Persistence and Installation Behavior | |
|---|
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Process information set: | |||
| Source: | Thread sleep count: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep count: | |||
| Source: | Thread sleep count: | |||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep time: | |||
| Source: | Thread sleep count: | |||
| Source: | Last function: | ||
| Source: | Last function: | ||
| Source: | Last function: | ||
| Source: | Last function: | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | Window / User API: | ||
| Source: | Window / User API: | ||
| Source: | API coverage: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | Process information queried: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | Thread delayed: | |||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | File Volume queried: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 32_2_003014F0 | |
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Code function: | 32_2_0030117C | |
| Source: | Code function: | 32_2_00301170 | |
| Source: | Code function: | 32_2_003011B3 | |
| Source: | Process created: | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Queries volume information: | |||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | WMI Queries: | ||
| Source: | Directory queried: | Jump to behavior | ||
| Source: | Directory queried: | Jump to behavior | ||
| Source: | Directory queried: | Jump to behavior | ||
| Source: | Directory queried: | Jump to behavior | ||
| Source: | Directory queried: | Jump to behavior | ||
| Source: | Directory queried: | Jump to behavior | ||
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 Replication Through Removable Media | 3 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Disable or Modify Tools | 11 Input Capture | 11 Peripheral Device Discovery | 1 Replication Through Removable Media | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 1 Ingress Tool Transfer | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | 1 System Shutdown/Reboot |
| Default Accounts | 1 Native API | 1 Registry Run Keys / Startup Folder | 12 Process Injection | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 12 File and Directory Discovery | Remote Desktop Protocol | 1 Data from Local System | Exfiltration Over Bluetooth | 11 Encrypted Channel | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | 11 Command and Scripting Interpreter | Logon Script (Windows) | 1 Registry Run Keys / Startup Folder | 2 Obfuscated Files or Information | Security Account Manager | 33 System Information Discovery | SMB/Windows Admin Shares | 11 Input Capture | Automated Exfiltration | 3 Non-Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 1 Software Packing | NTDS | 21 Security Software Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 4 Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
| Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 Timestomp | LSA Secrets | 2 Process Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
| Replication Through Removable Media | Launchd | Rc.common | Rc.common | 1 DLL Side-Loading | Cached Domain Credentials | 31 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
| External Remote Services | Scheduled Task | Startup Items | Startup Items | 1 File Deletion | DCSync | 1 Application Window Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
| Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | 23 Masquerading | Proc Filesystem | 1 Remote System Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
| Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | 1 Modify Registry | /etc/passwd and /etc/shadow | System Network Connections Discovery | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction | |
| Supply Chain Compromise | AppleScript | At (Windows) | At (Windows) | 31 Virtualization/Sandbox Evasion | Network Sniffing | Process Discovery | Taint Shared Content | Local Data Staging | Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol | File Transfer Protocols | Data Encrypted for Impact | ||
| Compromise Software Dependencies and Development Tools | Windows Command Shell | Cron | Cron | 12 Process Injection | Input Capture | Permission Groups Discovery | Replication Through Removable Media | Remote Data Staging | Exfiltration Over Physical Medium | Mail Protocols | Service Stop |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs | |||
| 0% | ReversingLabs |
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | URL Reputation | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| tinyurl.com | 172.67.1.225 | true | false | high | |
| img001.prntscr.com | 104.23.139.12 | true | false | high | |
| collect.installeranalytics.com | 54.204.22.198 | true | false | high | |
| accounts.google.com | 142.250.203.109 | true | false | high | |
| cdnjs.cloudflare.com | 104.17.25.14 | true | false | high | |
| bit.ly | 67.199.248.11 | true | false | high | |
| contratoempresarial.s3.ir-tbz-sh1.arvanstorage.ir | 185.143.234.120 | true | false | unknown | |
| empresas01.page.link | 172.217.168.65 | true | false | unknown | |
| i1.wp.com | 192.0.77.2 | true | false | high | |
| clients.l.google.com | 142.250.203.110 | true | false | high | |
| mondialarqcondicetchat.com | 5.181.156.27 | true | false | unknown | |
| clients2.google.com | unknown | unknown | false | high | |
| amxx1515cabreun23.asxo | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | high | ||
| false |
| unknown | |
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false |
| unknown | |
| false |
| unknown | |
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| low | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| low | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| low | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false |
| low | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 104.23.139.12 | img001.prntscr.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 172.67.1.225 | tinyurl.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 142.250.203.110 | clients.l.google.com | United States | 15169 | GOOGLEUS | false | |
| 192.0.77.2 | i1.wp.com | United States | 2635 | AUTOMATTICUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 54.204.22.198 | collect.installeranalytics.com | United States | 14618 | AMAZON-AESUS | false | |
| 172.217.168.65 | empresas01.page.link | United States | 15169 | GOOGLEUS | false | |
| 185.143.234.120 | contratoempresarial.s3.ir-tbz-sh1.arvanstorage.ir | Iran (ISLAMIC Republic Of) | 202468 | ABRARVAN-ASAbrArvanCDNandIaaSIR | false | |
| 104.17.25.14 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false | |
| 67.199.248.11 | bit.ly | United States | 396982 | GOOGLE-PRIVATE-CLOUDUS | false | |
| 5.181.156.27 | mondialarqcondicetchat.com | Moldova Republic of | 39798 | MIVOCLOUDMD | false | |
| 142.250.203.109 | accounts.google.com | United States | 15169 | GOOGLEUS | false |
| IP |
|---|
| 192.168.2.1 |
| 192.168.2.23 |
| Joe Sandbox Version: | 37.0.0 Beryl |
| Analysis ID: | 854202 |
| Start date and time: | 2023-04-26 08:59:14 +02:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 13m 6s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | urldownload.jbs |
| Sample URL: | https://tinyurl.com/2abosd8k |
| Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
| Number of analysed new started processes analysed: | 36 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Detection: | MAL |
| Classification: | mal64.rans.spyw.evad.win@60/48@12/14 |
| EGA Information: |
|
| HDC Information: |
|
| HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.203.99, 34.104.35.123, 216.58.215.234, 172.217.168.10, 172.217.168.42, 172.217.168.74, 142.250.203.106
- Excluded domains from analysis (whitelisted): fs.microsoft.com, edgedl.me.gvt1.com, update.googleapis.com, clientservices.googleapis.com, firebasestorage.googleapis.com
- Execution Graph export aborted for target unarchiver.exe, PID 8128 because it is empty
- Execution Graph export aborted for target wget.exe, PID 6876 because there are no executed function
- Not all processes where analyzed, report is missing behavior information
- Report creation exceeded maximum time and may have missing disassembly code information.
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtWriteVirtualMemory calls found.
| Time | Type | Description |
|---|---|---|
| 09:00:42 | API Interceptor | |
| 09:01:21 | Autostart | |
| 09:01:30 | Autostart | |
| 09:01:35 | API Interceptor |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1164 |
| Entropy (8bit): | 5.703231005533959 |
| Encrypted: | false |
| SSDEEP: | 12:Eg+gdR472NaXvl/Sft2zWotHzPSW/QZoTmuwrapU/bH2CYDhiDmuNQwWJiIZdHXn:2gd277vz6SzSenrpU/PYDhiSuNToic1n |
| MD5: | 32A8F208F73D03EC10F0C38B8CA8C196 |
| SHA1: | A7DC37334A5840EBF33D7A810C3F948547EB2AC5 |
| SHA-256: | 6D048E533EEC388F50E24A20ED6142D0D56AE4CF5E9E8590C014D9ACB301216B |
| SHA-512: | 7130B2DB94628B3ED0B71776EC5513B29DB466C51B591EB662EA6097D66D46D91D34486E3CFAB253B9EE66DECCCB7FD05A5546FC11F019D4C67484DD8AEE5855 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 541184 |
| Entropy (8bit): | 4.801843571739515 |
| Encrypted: | false |
| SSDEEP: | 6144:NQqqqX4CAmjqqqXP8zv3NFAcXZoZNUa5z6HVUPZOtOy+AYDLQ7:NQqqqXjjqqqXP8LLATCldoy+ |
| MD5: | DBF22A3E828A8797B8F4D3E6DF72B695 |
| SHA1: | E8B26E163A11B6B74940A4C2026EE80814D71B8E |
| SHA-256: | B6D9DB6A4A931ACA5E2B9113832B937077703F10DA3195C36FF15C88706F7342 |
| SHA-512: | 0F39FA8E1A692ACDB9CB325F1EC29A5635F7D2F43212208539A8EB186015E72B4CA95A8CB20C9D9C737A10668CE3521C2C5AEF565815D398B132C0AA52572F9B |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | low |
| Preview: |
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 330240 |
| Entropy (8bit): | 7.247242031805599 |
| Encrypted: | false |
| SSDEEP: | 6144:mv3f17Nwo7djrQNJe7a7P2BtEB2cbZblmhX:Mxt7djrQTKtc2cFpm |
| MD5: | 29C35D09065CC6A59E2C5C88175C91ED |
| SHA1: | 0EFD7BA30F3B35F4519A361D6225902A1E9844BB |
| SHA-256: | 6E64122B430C6357B483C6127D01268694A982BF1A5F442BFA7276C11FDF4DC3 |
| SHA-512: | CF6E51D5F1D1E53EE2A668093E4EFF9B5D2FF86CCFEEEE8B75B0F70F9B1AAA96BA6F56B6780B31BE0EDB5D8BD4273D72DFD41FDD2EF84623BA57E7CB89F28DC8 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 407844 |
| Entropy (8bit): | 7.996849500832706 |
| Encrypted: | true |
| SSDEEP: | 12288:84W1yKl0/C2xdoPR7rXZS8Cj0MGy8WztHc:8TyKl0/Vxdop7rTCjJ5Fc |
| MD5: | 057D996B5FC5F269489774DB6C891EC8 |
| SHA1: | 6D2827C5DFAE7D68881767FD88BC1077495107C8 |
| SHA-256: | 50B16B94C843CC85576985DBE57EDA8E9C9F38529682DB0943EE0CC57994538D |
| SHA-512: | F71CF6E1DADE58BD23FA24DCBF97B69413F76086AF039178812D6D94CF18151B35B53171AA7838F9489A3A78936A0A4053149E4BFD40166CCD3777B7548DD6FF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\AdvinstAnalytics\64484aa77f91fb11699f00b9\10.20.15.27\tracking.ini
Download File
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 26 |
| Entropy (8bit): | 4.0081320258334 |
| Encrypted: | false |
| SSDEEP: | 3:1EyEMyvn:1BEN |
| MD5: | 6BC190DD42A169DFA14515484427FC8E |
| SHA1: | B53BD614A834416E4A20292AA291A6D2FC221A5E |
| SHA-256: | B3395B660EB1EDB00FF91ECE4596E3ABE99FA558B149200F50AABF2CB77F5087 |
| SHA-512: | 5B7011ED628B673217695809A38A800E9C8A42CEB0C54AB6F8BC39DBA0745297A4FBD66D6B09188FCC952C08217152844DFC3ADA7CF468C3AAFCEC379C0B16B6 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Local\AdvinstAnalytics\64484aa77f91fb11699f00b9\10.20.15.27\{D7C38DEB-BD0A-46AE-9D80-25B933330C4D}.session
Download File
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 13893 |
| Entropy (8bit): | 5.385158157131199 |
| Encrypted: | false |
| SSDEEP: | 384:DkKkTkAkPkwk3kgkbk4akhgkukpkbkxkyk9kyk9YkfkdYknkhkakskQkDhk/kgkR:DHKv4rqxmjaGgBcyudCT2YmTuE7Xj2++ |
| MD5: | 345BFA7C298E33045D3776A6B726E826 |
| SHA1: | C3622ACEBF340BCF5AD870C1F55A4FFAF7DA27CA |
| SHA-256: | 08B2EDACE466813D4654E3101590266CD7F1BA6E2C72C4FFD5A1E357E2559BB3 |
| SHA-512: | EE6222C8950380606A184732CDB3332975000B44739F33B16B1575F13224952DC269B1A424368F59CD182305F0B849D6C77EC5B43C769E5467C395D2299B6EA3 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\7za.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3633152 |
| Entropy (8bit): | 6.61898108021782 |
| Encrypted: | false |
| SSDEEP: | 49152:UGDxGSFVtaNXA6K8tKk5ojmrhCMz5vk3ukDln/hFRFNUEekBVWsRkn4frUMXjDt6:BxMXAWKknz5vquZsRe4frUMXjMY |
| MD5: | 98451DEFED5C115E437D695DA5CBBA42 |
| SHA1: | D23D3EB7F18245FCACE9EA50D0BD64EDDBCE6ADD |
| SHA-256: | 11C63D662DB77030B4B2A20DD92EE5907C9CAD111E4F1463133FE20F1C980AC7 |
| SHA-512: | 518B976CA0181BD8670C7364FBB06A2D36B16CE3E3929A5F12F4E5980E6121359A9FB1715CF8C93B4C6BE92BD9370CDACC49DBF7B514D9632FEFD203857590C1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3015168 |
| Entropy (8bit): | 6.488798060334229 |
| Encrypted: | false |
| SSDEEP: | 49152:sS4Q3T9DntJVJZy+PDGffBlj+mBLZESa9cxpy4AiE6CxdNnstH/9hGwQn+rV:x4QpDnDVJZySGfX1uSa9y9evdNnstH/n |
| MD5: | 2BED2F1B8B7975B5F317813B9D2DC150 |
| SHA1: | DC9C89E36F2BC4E01907E0CE698881BB267EAE34 |
| SHA-256: | A1804D8C5127E13C27F664CDD3427C185FAE6ED2AB36108B501859C670F328BD |
| SHA-512: | 49FFB70F169198F1F60C5AB6B15AA535D6905988623DF875A976D3A0ABD5E5EA1F09969B26F50F2E6C56DFC5624BAD84E73CB4238FC9F94B9E252775C691B3EE |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1299560 |
| Entropy (8bit): | 6.717180055414863 |
| Encrypted: | false |
| SSDEEP: | 24576:MhGigXBH4snfDLhfxTdLXWVjpUVAs7ImLKrVA16yiLo+aegfNoZFag9WM1KOn:AGigXBHvfD1f3Li9UVlerVWhNcag97sY |
| MD5: | 84A28C3CF7B811847D74CE68C894FBA0 |
| SHA1: | 3140559C1BF1FF76A481C2E264808B3D094008FE |
| SHA-256: | A95C72F5B9FB9274AC9DAF554B24300E32C5E300AC92B6CE5EC8DB11F5745104 |
| SHA-512: | E1DED6FBA8FC17DAECF97E5B0004FF6064D4403E3B02086CFCB3A2F04C36E7617D96DE9CC993B12AA00B64613BC766E985CEE25F818AC214196B8D16A2BCC2B2 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\unarchiver.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1646 |
| Entropy (8bit): | 5.223691407958121 |
| Encrypted: | false |
| SSDEEP: | 48:7xQ0/G3Gb3G3GpdGvWG3GpXxdGbBG6xdGPG8G3GKG3GpGlRv0K:NRuDuV |
| MD5: | F0C07CB6002728D84280115D79543856 |
| SHA1: | 94D284A5A2297E39C6B2DD65E6968E4C8FB904FE |
| SHA-256: | 68554B6DC81DD9870174FF4DE2F77F908FAC3C321F5616EE078161110490205C |
| SHA-512: | 175F909343D75333A89440AD928366782178F624CA2B42F8D01C899516CE6A4FBAB49438171121CFB84DC70963D94D7A8C5B31439E840ECDBDA59468919C09EA |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
Download File
| Process: | C:\Windows\SysWOW64\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6656 |
| Entropy (8bit): | 4.234556881661197 |
| Encrypted: | false |
| SSDEEP: | 48:r+sPDyh4ZzJqlYXUqKquMOuXEOqulG1jBw3qupf2TDE8wWRtiadRXOmiPJAtJpkq:ZGmSM3O5qGdKV2TDEHW/JdRXOHPJZB6 |
| MD5: | 00320BF8466B803D6B8ED96BBD9ED7DC |
| SHA1: | C1ECD4E9C5FBE2335D6D34BDAB673EC1A30E90ED |
| SHA-256: | 3C31D2F2F6D0384195CE69060FEAE0EE41E865C2FE4874AC10DE11CD5F8D829F |
| SHA-512: | D7C939D54C7EBDA54C55135757E957ACD94D8AB07B84026F4C58D1FA7C2F898AED46F939C9500817CBD71DEB14FDDA17C8F9C7F2E22C920D8B40750A49288867 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\cmd.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 8781 |
| Entropy (8bit): | 2.922509735804927 |
| Encrypted: | false |
| SSDEEP: | 48:cmZM5RGqG5GnCGVGnCGJXAE01paEyVVfmK0LBuFSIDSb7P7QkExjn8Eauy:IGqG5GCGVGCGBw+EcSMSbL7QkWbpy |
| MD5: | 9D65366DEB47E76885D82D88396959B3 |
| SHA1: | 3B3EAB91DB3E9B02845B92F61D3B3667FD3C2CEE |
| SHA-256: | F40D3955E9B17ABF104BD613FF8704B2B1AB71AD967C7DDB9FFE97A18EC7B079 |
| SHA-512: | DCC1D4661E537C78B679DA3028AF77CC64F9D031A80B62935ABCB292FA9C7191DEDF923DDB81F48EA78B47EF6A0185489D12929C7D51562C1ECBC28704423331 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\SysWOW64\wget.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4910763 |
| Entropy (8bit): | 5.6607708880732694 |
| Encrypted: | false |
| SSDEEP: | 49152:PRg7dAX9YXoVUUgv+pZVTS33k79MjSzUBK+sMp1tJtevajlgaVHKA8/:V |
| MD5: | 80AB72F8A28A1924AF1CBC1C8A924F1A |
| SHA1: | 275DB94D54AD467F32FCB4259D792399CE3D7525 |
| SHA-256: | 540035F8E293D5831BE75CC9EC0606AAB0857189654F3483C2244D3939A8D8F4 |
| SHA-512: | 3070BF95CE6BB2EF451E949E14E27D0AF3DD83D2663034899E7C3D69EA1E3DECAA22A6A6431B50AFDCF1E3FCAE1727A102DE6AAE5C38C9476D8BE10AAF4DCEEF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1345672 |
| Entropy (8bit): | 7.996155845666661 |
| Encrypted: | true |
| SSDEEP: | 24576:n6kzEX6rB+oWbBEVMUCV5PfqnGIEdCwRNGxbZPrt181/i29r3do5Sc7pfIbbks:n6KusB+onVSV5PfPdCwRabZjt181/vZr |
| MD5: | F883E6E983340ED0BB50C426007A7ABC |
| SHA1: | E53D721FEB9C2CE9A6DB5B89B0585BE88C6074C4 |
| SHA-256: | 146F0DFDB5C1FC91AC749E3044BD148E515E762256613AC31E555239915527D0 |
| SHA-512: | 23AA09A0ABC423D7BF6131066D492E4886942241909EBD307F1811F4C3F30C27086E7D3324B00BF3E8DE182D22EDEBFA85058178DEAD58FA5A97EF3975C0850C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
C:\Users\user\Downloads\Or.amento - Pedido segunda-feira, 24 de abril de 2023F1nKhTNeGq3kSwMtzuiK.zip.crdownload (copy) 
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1345672 |
| Entropy (8bit): | 7.996155845666661 |
| Encrypted: | true |
| SSDEEP: | 24576:n6kzEX6rB+oWbBEVMUCV5PfqnGIEdCwRNGxbZPrt181/i29r3do5Sc7pfIbbks:n6KusB+onVSV5PfPdCwRabZjt181/vZr |
| MD5: | F883E6E983340ED0BB50C426007A7ABC |
| SHA1: | E53D721FEB9C2CE9A6DB5B89B0585BE88C6074C4 |
| SHA-256: | 146F0DFDB5C1FC91AC749E3044BD148E515E762256613AC31E555239915527D0 |
| SHA-512: | 23AA09A0ABC423D7BF6131066D492E4886942241909EBD307F1811F4C3F30C27086E7D3324B00BF3E8DE182D22EDEBFA85058178DEAD58FA5A97EF3975C0850C |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3633152 |
| Entropy (8bit): | 6.61898108021782 |
| Encrypted: | false |
| SSDEEP: | 49152:UGDxGSFVtaNXA6K8tKk5ojmrhCMz5vk3ukDln/hFRFNUEekBVWsRkn4frUMXjDt6:BxMXAWKknz5vquZsRe4frUMXjMY |
| MD5: | 98451DEFED5C115E437D695DA5CBBA42 |
| SHA1: | D23D3EB7F18245FCACE9EA50D0BD64EDDBCE6ADD |
| SHA-256: | 11C63D662DB77030B4B2A20DD92EE5907C9CAD111E4F1463133FE20F1C980AC7 |
| SHA-512: | 518B976CA0181BD8670C7364FBB06A2D36B16CE3E3929A5F12F4E5980E6121359A9FB1715CF8C93B4C6BE92BD9370CDACC49DBF7B514D9632FEFD203857590C1 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 780768 |
| Entropy (8bit): | 6.387720196228063 |
| Encrypted: | false |
| SSDEEP: | 12288:8tlNr2btWAp/wEqjh/lNKCQSZ1YVzsRiiqn6BbFAmrhymkM49+Og2Z04KHjJaI/5:8tlNrgpSZKVsRkn4frUMXjJaI/tWogPa |
| MD5: | 573F5E653258BF622AE1C0AD118880A2 |
| SHA1: | E243C761983908D14BAF6C7C0879301C8437415D |
| SHA-256: | 371D1346EC9CA236B257FED5B5A5C260114E56DFF009F515FA543E11C4BB81F7 |
| SHA-512: | DFFF15345DBF62307C3E6A4C0B363C133D1A0B8B368492F1200273407C2520B33ACB20BFF90FEAC356305990492F800844D849EE454E7124395F945DE39F39EA |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 388064 |
| Entropy (8bit): | 6.407392408414975 |
| Encrypted: | false |
| SSDEEP: | 6144:U7C5QB3/CNG2HBOqf2BLuoZSKYfuAO8DOE09VKYnyZwYW:qB3WBOG2BPDKSf9VtyZNW |
| MD5: | 20C782EB64C81AC14C83A853546A8924 |
| SHA1: | A1506933D294DE07A7A2AE1FBC6BE468F51371D6 |
| SHA-256: | 0ED6836D55180AF20F71F7852E3D728F2DEFE22AA6D2526C54CFBBB4B48CC6A1 |
| SHA-512: | AFF21E3E00B39F8983D101A0C616CA84CC3DC72D6464A0DD331965CF6BECCF9B45025A7DB2042D6E8B05221D3EB5813445C8ADA69AE96E2727A607398A3DE3D9 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 388064 |
| Entropy (8bit): | 6.407392408414975 |
| Encrypted: | false |
| SSDEEP: | 6144:U7C5QB3/CNG2HBOqf2BLuoZSKYfuAO8DOE09VKYnyZwYW:qB3WBOG2BPDKSf9VtyZNW |
| MD5: | 20C782EB64C81AC14C83A853546A8924 |
| SHA1: | A1506933D294DE07A7A2AE1FBC6BE468F51371D6 |
| SHA-256: | 0ED6836D55180AF20F71F7852E3D728F2DEFE22AA6D2526C54CFBBB4B48CC6A1 |
| SHA-512: | AFF21E3E00B39F8983D101A0C616CA84CC3DC72D6464A0DD331965CF6BECCF9B45025A7DB2042D6E8B05221D3EB5813445C8ADA69AE96E2727A607398A3DE3D9 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 388064 |
| Entropy (8bit): | 6.407392408414975 |
| Encrypted: | false |
| SSDEEP: | 6144:U7C5QB3/CNG2HBOqf2BLuoZSKYfuAO8DOE09VKYnyZwYW:qB3WBOG2BPDKSf9VtyZNW |
| MD5: | 20C782EB64C81AC14C83A853546A8924 |
| SHA1: | A1506933D294DE07A7A2AE1FBC6BE468F51371D6 |
| SHA-256: | 0ED6836D55180AF20F71F7852E3D728F2DEFE22AA6D2526C54CFBBB4B48CC6A1 |
| SHA-512: | AFF21E3E00B39F8983D101A0C616CA84CC3DC72D6464A0DD331965CF6BECCF9B45025A7DB2042D6E8B05221D3EB5813445C8ADA69AE96E2727A607398A3DE3D9 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 878560 |
| Entropy (8bit): | 6.452749824306929 |
| Encrypted: | false |
| SSDEEP: | 24576:QK8S3AccKkqSojmrhCMou5vk3Y+ukDln/hFRFNUEekB:QK8tKk5ojmrhCMz5vk3ukDln/hFRFNU0 |
| MD5: | D51A7E3BCE34C74638E89366DEEE2AAB |
| SHA1: | 0E68022B52C288E8CDFFE85739DE1194253A7EF0 |
| SHA-256: | 7C6BDF16A0992DB092B7F94C374B21DE5D53E3043F5717A6EECAE614432E0DF5 |
| SHA-512: | 8ED246747CDD05CAC352919D7DED3F14B1E523CCC1F7F172DB85EED800B0C5D24475C270B34A7C25E7934467ACE7E363542A586CDEB156BFC484F7417C3A4AB0 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 780768 |
| Entropy (8bit): | 6.387720196228063 |
| Encrypted: | false |
| SSDEEP: | 12288:8tlNr2btWAp/wEqjh/lNKCQSZ1YVzsRiiqn6BbFAmrhymkM49+Og2Z04KHjJaI/5:8tlNrgpSZKVsRkn4frUMXjJaI/tWogPa |
| MD5: | 573F5E653258BF622AE1C0AD118880A2 |
| SHA1: | E243C761983908D14BAF6C7C0879301C8437415D |
| SHA-256: | 371D1346EC9CA236B257FED5B5A5C260114E56DFF009F515FA543E11C4BB81F7 |
| SHA-512: | DFFF15345DBF62307C3E6A4C0B363C133D1A0B8B368492F1200273407C2520B33ACB20BFF90FEAC356305990492F800844D849EE454E7124395F945DE39F39EA |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 780768 |
| Entropy (8bit): | 6.387720196228063 |
| Encrypted: | false |
| SSDEEP: | 12288:8tlNr2btWAp/wEqjh/lNKCQSZ1YVzsRiiqn6BbFAmrhymkM49+Og2Z04KHjJaI/5:8tlNrgpSZKVsRkn4frUMXjJaI/tWogPa |
| MD5: | 573F5E653258BF622AE1C0AD118880A2 |
| SHA1: | E243C761983908D14BAF6C7C0879301C8437415D |
| SHA-256: | 371D1346EC9CA236B257FED5B5A5C260114E56DFF009F515FA543E11C4BB81F7 |
| SHA-512: | DFFF15345DBF62307C3E6A4C0B363C133D1A0B8B368492F1200273407C2520B33ACB20BFF90FEAC356305990492F800844D849EE454E7124395F945DE39F39EA |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 388064 |
| Entropy (8bit): | 6.407392408414975 |
| Encrypted: | false |
| SSDEEP: | 6144:U7C5QB3/CNG2HBOqf2BLuoZSKYfuAO8DOE09VKYnyZwYW:qB3WBOG2BPDKSf9VtyZNW |
| MD5: | 20C782EB64C81AC14C83A853546A8924 |
| SHA1: | A1506933D294DE07A7A2AE1FBC6BE468F51371D6 |
| SHA-256: | 0ED6836D55180AF20F71F7852E3D728F2DEFE22AA6D2526C54CFBBB4B48CC6A1 |
| SHA-512: | AFF21E3E00B39F8983D101A0C616CA84CC3DC72D6464A0DD331965CF6BECCF9B45025A7DB2042D6E8B05221D3EB5813445C8ADA69AE96E2727A607398A3DE3D9 |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 780768 |
| Entropy (8bit): | 6.387720196228063 |
| Encrypted: | false |
| SSDEEP: | 12288:8tlNr2btWAp/wEqjh/lNKCQSZ1YVzsRiiqn6BbFAmrhymkM49+Og2Z04KHjJaI/5:8tlNrgpSZKVsRkn4frUMXjJaI/tWogPa |
| MD5: | 573F5E653258BF622AE1C0AD118880A2 |
| SHA1: | E243C761983908D14BAF6C7C0879301C8437415D |
| SHA-256: | 371D1346EC9CA236B257FED5B5A5C260114E56DFF009F515FA543E11C4BB81F7 |
| SHA-512: | DFFF15345DBF62307C3E6A4C0B363C133D1A0B8B368492F1200273407C2520B33ACB20BFF90FEAC356305990492F800844D849EE454E7124395F945DE39F39EA |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1340 |
| Entropy (8bit): | 5.627061652562754 |
| Encrypted: | false |
| SSDEEP: | 24:bgd277vBu6gV5pSeY3Qa3SZpUGYDhiSrNTzLOd1/:bY2773gaJaBYD8SrNTzLOz |
| MD5: | 5CEDBAEB9602D1B1D82C6D01D74F9505 |
| SHA1: | F8B85B42E0789BF3863E8A3610BC76BFF8B9C767 |
| SHA-256: | 48DEB3B5D5B9B895E8AC36F6C0B61EB1E0C0158FDB48E286FBB163BC181F9117 |
| SHA-512: | 8840D98C428E1C86112395CE67AF419D1BF4DEE5799DF57800946CD50BCC352CEF4D8CF4EF56AE09B8D8B9CD04427AAC816CCFAEB03943D356F93C1B2844CDDE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 780768 |
| Entropy (8bit): | 6.387720196228063 |
| Encrypted: | false |
| SSDEEP: | 12288:8tlNr2btWAp/wEqjh/lNKCQSZ1YVzsRiiqn6BbFAmrhymkM49+Og2Z04KHjJaI/5:8tlNrgpSZKVsRkn4frUMXjJaI/tWogPa |
| MD5: | 573F5E653258BF622AE1C0AD118880A2 |
| SHA1: | E243C761983908D14BAF6C7C0879301C8437415D |
| SHA-256: | 371D1346EC9CA236B257FED5B5A5C260114E56DFF009F515FA543E11C4BB81F7 |
| SHA-512: | DFFF15345DBF62307C3E6A4C0B363C133D1A0B8B368492F1200273407C2520B33ACB20BFF90FEAC356305990492F800844D849EE454E7124395F945DE39F39EA |
| Malicious: | false |
| Antivirus: |
|
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 1.1657562588185766 |
| Encrypted: | false |
| SSDEEP: | 12:JSbX72Fjc6AGiLIlHVRpFh/7777777777777777777777777vDHFBMnmSS9Lql0G:JxQI5BgmtRF |
| MD5: | 0EFF9D54EDBEA9AEDAB852B9CD7E30EA |
| SHA1: | 74C0179261C945C0D8A0C8B4108ABBD4CA1E1D5D |
| SHA-256: | 0A90D7697CA93B153A5951680780ABEE2DAC22F4916E302466BC50A6F5AB4091 |
| SHA-512: | 1E8EB74ECFD9BEA969811F48A61EEB9AD7189E19F9D6E4B01C30B1D1C31EBCCA33C56B8A7DB58088C17BD4C421B8C89E09473F77DBA7C4DE2A45F11999851E3E |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24576 |
| Entropy (8bit): | 1.838862932633631 |
| Encrypted: | false |
| SSDEEP: | 96:Jh51MnT07zNGWcGzkCnnk87K4G8GWcG05:V1cWxGWcGzrnDG8GWcG0 |
| MD5: | 5618B1C26DB67432B5805061CE39F192 |
| SHA1: | A186C7062DC48824BC1EC1336AAEFE7FDC75EDA5 |
| SHA-256: | 937583DC37362FCF60FE535DF82E66F580C85F84F311B3026C8B8E37A3D2F4DB |
| SHA-512: | 22253728EC6AEBAEF83447C1BC96A78F4CFC01877715656F4834CD7BE506D6C72879C6C3D63316844BFE84550209EAEC8F87E19C9CDDEDA5F8A9D11BB3E6E8BD |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 192827 |
| Entropy (8bit): | 5.392014326254811 |
| Encrypted: | false |
| SSDEEP: | 3072:iHHJCoX5CNWFHjkzRl1pqf5JjzH6wbxygaK8Nkv6kF8Kwu8K8uBD556GIlZZ6bFB:i0LVlAD |
| MD5: | 5FF4B9678D2539C5A992E0BBD6C4816B |
| SHA1: | 926B6A365BF3D1C71D18D0E0848A260A38829533 |
| SHA-256: | 737C04D9C0FCF30E1A5A27EFC93B1AC58B660FF371F8BD0AFF5A84907D99420E |
| SHA-512: | 16D6423C77D4D18C1DA22A55CB66593E85527CCFC0801AF615B0C3CB3D5A3E32E37E44803108886CEA3109F21FCFE1033D5D6EF9A168B1A8FBB1E6A92DD634FF |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 49152 |
| Entropy (8bit): | 1.2063072313962357 |
| Encrypted: | false |
| SSDEEP: | 96:XBOIQT58t7zNGWcGzkCnnk87K4G8GWcG05:ROIQ96xGWcGzrnDG8GWcG0 |
| MD5: | 56345E16DBFBE83381A96AC236B95160 |
| SHA1: | 2EC4F6EA539371D2936B38932246681341E4A44D |
| SHA-256: | 2316310E830A11540FD45136C5BF6A62BB391F9F2EC8239BC8A05AC730BC1993 |
| SHA-512: | B490FE1997C2BEAA744E77B64AB3653684EA090F65C166A0F65E9FEBA3B633F323FC8F0AE004F0E5D767831227AFD8D85082C6CBCF134DE24FF3F3179EA50189 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24576 |
| Entropy (8bit): | 1.838862932633631 |
| Encrypted: | false |
| SSDEEP: | 96:Jh51MnT07zNGWcGzkCnnk87K4G8GWcG05:V1cWxGWcGzrnDG8GWcG0 |
| MD5: | 5618B1C26DB67432B5805061CE39F192 |
| SHA1: | A186C7062DC48824BC1EC1336AAEFE7FDC75EDA5 |
| SHA-256: | 937583DC37362FCF60FE535DF82E66F580C85F84F311B3026C8B8E37A3D2F4DB |
| SHA-512: | 22253728EC6AEBAEF83447C1BC96A78F4CFC01877715656F4834CD7BE506D6C72879C6C3D63316844BFE84550209EAEC8F87E19C9CDDEDA5F8A9D11BB3E6E8BD |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 49152 |
| Entropy (8bit): | 1.2063072313962357 |
| Encrypted: | false |
| SSDEEP: | 96:XBOIQT58t7zNGWcGzkCnnk87K4G8GWcG05:ROIQ96xGWcGzrnDG8GWcG0 |
| MD5: | 56345E16DBFBE83381A96AC236B95160 |
| SHA1: | 2EC4F6EA539371D2936B38932246681341E4A44D |
| SHA-256: | 2316310E830A11540FD45136C5BF6A62BB391F9F2EC8239BC8A05AC730BC1993 |
| SHA-512: | B490FE1997C2BEAA744E77B64AB3653684EA090F65C166A0F65E9FEBA3B633F323FC8F0AE004F0E5D767831227AFD8D85082C6CBCF134DE24FF3F3179EA50189 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 32768 |
| Entropy (8bit): | 0.0733827427216334 |
| Encrypted: | false |
| SSDEEP: | 6:2/9LG7iVCnLG7iVrKOzPLHKOBMnX2S/hduPUwltwVky6lq:2F0i8n0itFzDHFBMnmSS9Lq |
| MD5: | F1396FC9B928021A745AFBD491BD4E74 |
| SHA1: | C51E3EECF5CAE79E8115B84228377FD248AF070F |
| SHA-256: | B4E406A5887B4173DDFAC12F751909BBC2346911CDD0CAC996E900A3614E8659 |
| SHA-512: | 743285759E5EC24373F5CFDF73754EB01BA1BDD70C61873E2213325F85AF93D339FAE2667548645E7C8EDFDC84FFA0F44E37909EEC6DACFCB3DEBE4AE654A806 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24576 |
| Entropy (8bit): | 1.838862932633631 |
| Encrypted: | false |
| SSDEEP: | 96:Jh51MnT07zNGWcGzkCnnk87K4G8GWcG05:V1cWxGWcGzrnDG8GWcG0 |
| MD5: | 5618B1C26DB67432B5805061CE39F192 |
| SHA1: | A186C7062DC48824BC1EC1336AAEFE7FDC75EDA5 |
| SHA-256: | 937583DC37362FCF60FE535DF82E66F580C85F84F311B3026C8B8E37A3D2F4DB |
| SHA-512: | 22253728EC6AEBAEF83447C1BC96A78F4CFC01877715656F4834CD7BE506D6C72879C6C3D63316844BFE84550209EAEC8F87E19C9CDDEDA5F8A9D11BB3E6E8BD |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 73728 |
| Entropy (8bit): | 0.30474998060671865 |
| Encrypted: | false |
| SSDEEP: | 48:XWDqRT2WDSDCSKWDSDtWDSDCSKWDSDwAEKgCygDTkP8xqo8x4swXGcp4ru2xBxY+:XWSGWcGUGWcGzkCnnk87K4G4L7 |
| MD5: | 251A694E192BA782E04FE03D5CBBAA1F |
| SHA1: | 38C819173E7E5F2A145F279BF0C7E9C930D07287 |
| SHA-256: | 82E53025F0D05CB758E46C88D348E440336760A0A803FF9F4E1F8F54A95840E3 |
| SHA-512: | 75DDC57A0C2D81DBBA57086F85ECE7B0C27A9DE626E71AB92FC887C9E3C8B883BF1260176198E1A9AD20ACF1C249465081ADC792DA3A6E95A2A0D1614EF39682 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 49152 |
| Entropy (8bit): | 1.2063072313962357 |
| Encrypted: | false |
| SSDEEP: | 96:XBOIQT58t7zNGWcGzkCnnk87K4G8GWcG05:ROIQ96xGWcGzrnDG8GWcG0 |
| MD5: | 56345E16DBFBE83381A96AC236B95160 |
| SHA1: | 2EC4F6EA539371D2936B38932246681341E4A44D |
| SHA-256: | 2316310E830A11540FD45136C5BF6A62BB391F9F2EC8239BC8A05AC730BC1993 |
| SHA-512: | B490FE1997C2BEAA744E77B64AB3653684EA090F65C166A0F65E9FEBA3B633F323FC8F0AE004F0E5D767831227AFD8D85082C6CBCF134DE24FF3F3179EA50189 |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Windows\System32\msiexec.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | unknown |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 8388 |
| Entropy (8bit): | 7.919494785399262 |
| Encrypted: | false |
| SSDEEP: | 192:o5n7uQqkG1FsKUGMKhipevO8FtkEqPcOq7fxJe/0N4t52:o9t/nGM2Vhtk+db20af2 |
| MD5: | 24E67BADADA3D64FD710615A5F4F82C3 |
| SHA1: | ABF964F22FFA9EBCEFA23A807FBA31D8BB13A38C |
| SHA-256: | D17B828AFF5C9DD27D42456DC8352881C1401DF5C352FCE084809B799DC9E32C |
| SHA-512: | D870A827207568F0CC7BEBE3ABCD44FC1B56156597B829497DA344F3A08C1FFF9C33C12FFF72D9B13032748924D7C68FA785FA70C65CF23B453D3378DD661DA9 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://i1.wp.com/flevix.com/wp-content/uploads/2019/07/Focus-Loading-1.gif |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1851 |
| Entropy (8bit): | 5.1582905988481595 |
| Encrypted: | false |
| SSDEEP: | 48:Aa0SVhVeZb8pgL0UA7dBEev7N1bTQ/1xZO9I0gxzkRH:N0ch88qLJA7dBlTb0Oz |
| MD5: | 3802B1DA574FB51C12A40FB763BCD8E1 |
| SHA1: | FEE034CC7E18BE52EA8A12FFEFEBCB0EABCA95FF |
| SHA-256: | E4686A0E93C1D5BA5196E0748664BB10990C1FE115CAA50FD340AF14492C4D5C |
| SHA-512: | DD66826232BF950B8BD1D54846DD6D84B5EBF3867FE18A6991AEAEE34C84253D50BA5626F690B182E17AAFC57CE2774FE4AD3792823D855D7ECE8FDB51B80CB4 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdnjs.cloudflare.com/ajax/libs/jszip-utils/0.1.0/jszip-utils.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2749 |
| Entropy (8bit): | 5.3431938281985385 |
| Encrypted: | false |
| SSDEEP: | 48:KwdQuDYDQJ26GiQMbu3tykqyHIHoLx6Wg2qJZ3czSo/4NM/ADVU96l2veQFxmjvG:KLDQoaludS5Sx6BbJJcGR69Be4cj/tRq |
| MD5: | 349C8ACA9D3D0518362D1982D08F1A0F |
| SHA1: | 39230DC78E799B40FFEA09B3F1031DCAE953A226 |
| SHA-256: | C68874CBAA2FD1650B7D770B328680EA765FB3376023CC3608427FDE4F0D0481 |
| SHA-512: | 425BFA5522A1D600CA1A825B9F203944C5D872F9E922A84EFBE32120CD9F4AD31C193F62D93FFFB52C18165732A1144370367E4D81E91FC6B30410B286949EAB |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/FileSaver.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 99112 |
| Entropy (8bit): | 5.430201357369002 |
| Encrypted: | false |
| SSDEEP: | 1536:dQ6MMEBdUyj5HPkDonnhkJQVdHyE7286GKvq+KQwhDsG:d6pVxOwD |
| MD5: | DB117D0391191DF4CD6346CD8D7B3D49 |
| SHA1: | C1DF5C3B3207A84B827B000941DDF671C6DD1D88 |
| SHA-256: | 301F962999873267B605154AA43B886DFB3A56549D508018D55AE852613EA7C8 |
| SHA-512: | B954958C4EF362C1B3E1A8341C4CDFBA027BF281C22352A17648AF8D0AE8F0004BFCF46210EE113B0BEBA256007199E4CB4165FDB6962988A541F5AF11296244 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdnjs.cloudflare.com/ajax/libs/jszip/3.6.0/jszip.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1882 |
| Entropy (8bit): | 7.894935391827043 |
| Encrypted: | false |
| SSDEEP: | 48:/MWjgcyWpSTUxUM3JXkrkQdIFd1yNRJlMcU3FS:0Wj61wxUIJLQdIFyHJlMcb |
| MD5: | D91CD70685D61E4FA70111B1172620E0 |
| SHA1: | 6A0EE1A92B0FD056545C23668E342B343A18084C |
| SHA-256: | 282A8B17D09EAD82DD62806BEDD779CBD9A7C379A6DCFFD34770D911D08904ED |
| SHA-512: | DE5A164EAEFCA998B5984096C7B8876BEAF8D9F0EBBF399F1EE218E7EEAD70D11E7B3CCAC976B5BFE52154388DA0FEB6CD100DA5C5E25368F2174DEF7757D3CD |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://img001.prntscr.com/file/img001/LwwKUVJ1RTKn0DIWa1bTlw.png |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 89501 |
| Entropy (8bit): | 5.289893677458563 |
| Encrypted: | false |
| SSDEEP: | 1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn |
| MD5: | 8FB8FEE4FCC3CC86FF6C724154C49C42 |
| SHA1: | B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4 |
| SHA-256: | FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E |
| SHA-512: | F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31 |
| Malicious: | false |
| Reputation: | unknown |
| URL: | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js |
| Preview: |
⊘No static file info
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|---|---|---|
| 192.168.2.354.204.22.19849716802849813 04/26/23-09:01:40.583092 | TCP | 2849813 | ETPRO MALWARE TakeMyFile Installer Checkin | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| 192.168.2.354.204.22.19849716802849814 04/26/23-09:01:40.583092 | TCP | 2849814 | ETPRO MALWARE TakeMyFile User-Agent | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 26, 2023 09:00:11.054783106 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.054872036 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.055036068 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.090673923 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.090714931 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.141469002 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.141704082 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.159183025 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.159256935 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.159797907 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.164235115 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.207472086 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.678394079 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.678538084 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.678623915 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.687735081 CEST | 49696 | 443 | 192.168.2.3 | 172.67.1.225 |
| Apr 26, 2023 09:00:11.687771082 CEST | 443 | 49696 | 172.67.1.225 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.787820101 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.787883997 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.787960052 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.799180031 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.799211025 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.868366957 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.868491888 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.871213913 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.871241093 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.871753931 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.873740911 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:11.915416956 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.138149023 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.138259888 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.138354063 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:12.241245031 CEST | 49697 | 443 | 192.168.2.3 | 172.217.168.65 |
| Apr 26, 2023 09:00:12.241297960 CEST | 443 | 49697 | 172.217.168.65 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.643203974 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.643274069 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.643376112 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.647877932 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.647924900 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.804291964 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.804481983 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.807034016 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.807069063 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.807456017 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.810728073 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:12.851439953 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.366651058 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.366693020 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.366739035 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.366791964 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.366846085 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.366877079 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.366915941 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.404144049 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.404213905 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.404264927 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.404305935 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.404336929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.404359102 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.444056034 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.444094896 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.444169044 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.444204092 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.444231987 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.444255114 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.456531048 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.456571102 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.456643105 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.456680059 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.456711054 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.456738949 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.468311071 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.468347073 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.468430996 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.468471050 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.468502045 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.468537092 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.516242981 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.516282082 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.516475916 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.516511917 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.516535997 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.516578913 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.523114920 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.523154974 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.523257971 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.523293018 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.523336887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.523361921 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.530062914 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.530127048 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.530188084 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.530220032 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.530276060 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.530277014 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.537082911 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.537112951 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.537254095 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.537286043 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.537342072 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.544457912 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.544509888 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.544574976 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.544617891 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.544637918 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.544666052 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.553818941 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.553858995 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.553972006 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.554007053 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.554105043 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.563121080 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.563222885 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.563286066 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.563321114 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.563344955 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.563368082 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.593146086 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.593204021 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.593369961 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.593400955 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.593422890 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.593480110 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.598005056 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.598036051 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.598164082 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.598192930 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.598252058 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.603612900 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.603688955 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.603782892 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.603811026 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.603833914 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.603879929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.608081102 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.608174086 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.608253002 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.608283997 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.608308077 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.608331919 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.610224962 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.610275030 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.610357046 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.610383987 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.610407114 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.610441923 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.610850096 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.613682032 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.613742113 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.613799095 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.613822937 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.613847017 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.613950014 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.613950014 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.616256952 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.616300106 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.616436005 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.616465092 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.616552114 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.617036104 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.618886948 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.618927956 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.619071007 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.619096994 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.619184971 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.621165037 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.621206045 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.621234894 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.621421099 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.621437073 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.621522903 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.624524117 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.624555111 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.624830961 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.624856949 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.624984026 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.627085924 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.627115011 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.627260923 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.627288103 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.627502918 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.643416882 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.643482924 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.643692970 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.651458025 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.651492119 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.651515007 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.651675940 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.669913054 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.669950008 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.670066118 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.670101881 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.670141935 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.672524929 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.672565937 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.672652960 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.672686100 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.672714949 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.674957991 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.674989939 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.675141096 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.685612917 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.685646057 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.685678959 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.685692072 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.685843945 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.685935974 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.735433102 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.735466957 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.735589981 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.743613958 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.743680954 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.743725061 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.743902922 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.743973970 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.772528887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.772559881 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.772665977 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.775892019 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.775928020 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.775969028 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.776213884 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.828315973 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.828346968 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.828485966 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.831908941 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.831937075 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.831967115 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.832226038 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.869448900 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.869477034 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.869612932 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.880798101 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.880851030 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.880889893 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.881175995 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.959479094 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.959502935 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.959615946 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.971926928 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.971951962 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.971993923 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.972177982 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.972261906 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.994764090 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:13.994798899 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:13.994946003 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.003078938 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.003109932 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.003146887 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.003345966 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.003443003 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.014183044 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.014225006 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.014372110 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.015678883 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.015712023 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.015748978 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.015904903 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.015999079 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.039107084 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.039139032 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.039254904 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.040252924 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.040271997 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.040302992 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.040453911 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.040534973 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.051105976 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.051129103 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.051218987 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.052129030 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.052144051 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.052170038 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.052352905 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.057923079 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.057950974 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.058037043 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.059012890 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.059027910 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.059052944 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.059179068 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.059252024 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.065063000 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.065098047 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.065118074 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.065191031 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.066298008 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.066315889 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.066359043 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.066466093 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.066548109 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.074888945 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.074914932 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.074932098 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.075016975 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.076477051 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.076498032 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.076530933 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.076802015 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.083945990 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.083973885 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.084104061 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.085377932 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.085392952 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.085417986 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.085635900 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.092211008 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.092252016 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.092375040 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.093287945 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.093307018 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.093332052 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.093518019 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.138478994 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.138515949 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.138811111 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.139636993 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.139653921 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.139678001 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.140068054 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.148803949 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.148832083 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.148973942 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.168124914 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.168152094 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.168183088 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.168387890 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.168476105 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.175487995 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.175553083 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.175705910 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.176632881 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.176661968 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.176691055 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.176902056 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.177042007 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.186039925 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.186079025 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.186264038 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.187531948 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.187550068 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.187571049 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.187822104 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.194113016 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.194153070 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.194303989 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.199047089 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.199100971 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.199131966 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.199259043 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.199429035 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.207149982 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.207210064 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.207384109 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.209369898 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.209404945 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.209434032 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.209572077 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.209691048 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.216382980 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.216414928 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.216583014 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.218832970 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.218863010 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.218887091 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.219033957 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.219127893 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.225455999 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.225497961 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.225662947 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.228214025 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.228243113 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.228269100 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.228408098 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.228483915 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.234147072 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.234183073 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.234386921 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.238657951 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.238686085 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.238713026 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.238831997 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.238957882 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.246234894 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.246263981 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.246468067 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.249389887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.249408960 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.249425888 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.249558926 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.249636889 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.254594088 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.254621029 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.254796982 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.257328987 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.257349968 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.257369041 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.257502079 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.257572889 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.290867090 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.290901899 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.291042089 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.292651892 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.292666912 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.292689085 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.292768955 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.292862892 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.297102928 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.297127008 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.297277927 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.300510883 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.300533056 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.300553083 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.300663948 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.300767899 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.305392981 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.305421114 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.305599928 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.308248043 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.308274031 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.308293104 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.308412075 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.308491945 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.312803984 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.312830925 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.312988043 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.314940929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.314975977 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.314997911 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.315108061 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.315205097 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.319303989 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.319334984 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.319530010 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.322526932 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.322551966 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.322568893 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.322670937 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.322774887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.326662064 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.326689959 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.326858997 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.329843998 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.329873085 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.329890013 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.329986095 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.330065012 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.334434032 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.334465027 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.334656000 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.337357998 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.337384939 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.337410927 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.337527037 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.337639093 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.341284037 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.341304064 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.341489077 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.345259905 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.345284939 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.345319033 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.345400095 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.345483065 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.348562002 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.348593950 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.348802090 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.352754116 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.352772951 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.352788925 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.352847099 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.352930069 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.356714964 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.356734991 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.356935024 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.360884905 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.360913038 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.361115932 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.381558895 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.381589890 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.381802082 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.385488987 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.385512114 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.385701895 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.388935089 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.388952971 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.389132023 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.395872116 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.395908117 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.396094084 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.404717922 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.404741049 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.404947042 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.407270908 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.407286882 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.407438040 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.410940886 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.410959005 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.411128998 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.414166927 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.414185047 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.414343119 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.417916059 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.417943001 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.418118954 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.424021006 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.424052000 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.424299955 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.431098938 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.431123018 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.431379080 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.434367895 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.434389114 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.434619904 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.437912941 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.437931061 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.438124895 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.441560030 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.441576958 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.441762924 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.444660902 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.444679976 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.444875956 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.448540926 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.448558092 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.448755026 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.451440096 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.451458931 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.451626062 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.455111027 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.455140114 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.455328941 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.458862066 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.458888054 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.459075928 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.462632895 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.462652922 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.462841034 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.465837002 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.465859890 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.466067076 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.470997095 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.471020937 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.471244097 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.494476080 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.494525909 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.494760036 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.499629021 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.499660015 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.499834061 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.503365040 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.503417969 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.503607988 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.506531000 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.506556988 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.506726980 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.512887955 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.512928009 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.513093948 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.517390013 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.517417908 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.517616987 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.521806955 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.521861076 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.522089005 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.527348042 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.527375937 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.527558088 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.532219887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.532248020 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.532455921 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.536597967 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.536626101 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.536804914 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.540539980 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.540558100 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.540771961 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.544970989 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.545007944 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.545208931 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.549493074 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.549510956 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.549722910 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.553790092 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.553812981 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.553972006 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.557827950 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.557861090 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.558078051 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.562534094 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.562562943 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.562763929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.567004919 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.567034006 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.567272902 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.571042061 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.571070910 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.571275949 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.575989008 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.576018095 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.576210022 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.580683947 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.580717087 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.581140995 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.588413954 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.588450909 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.588640928 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.615747929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.615792036 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.615979910 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.628526926 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.628576994 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.628755093 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.631603956 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.631630898 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.631829023 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.635405064 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.635420084 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.635606050 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.638917923 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.638937950 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.639098883 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.641946077 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.641966105 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.642134905 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.645417929 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.645437956 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.645600080 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.648719072 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.648744106 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.648902893 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.663228989 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.663278103 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.663523912 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.667507887 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.667547941 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.667845011 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.671472073 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.671506882 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.671668053 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.674587965 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.674623966 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.674797058 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.678502083 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.678531885 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.678724051 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.682621002 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.682643890 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.682821989 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.685570002 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.685611963 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.685794115 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.689138889 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.689173937 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.689358950 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.709408998 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.709471941 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.709690094 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.713911057 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.713960886 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.714191914 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.717864037 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.717925072 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.718148947 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.721404076 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.721429110 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.721609116 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.724997997 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.725025892 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.725194931 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.728683949 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.728723049 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.728938103 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.731894970 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.731920004 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.732115984 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.738115072 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.738137007 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.738295078 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.741997004 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.742019892 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:14.742141962 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.745949984 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.748630047 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.758101940 CEST | 49698 | 443 | 192.168.2.3 | 185.143.234.120 |
| Apr 26, 2023 09:00:14.758146048 CEST | 443 | 49698 | 185.143.234.120 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.147988081 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.148049116 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.148158073 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.148626089 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.148683071 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.148765087 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.151472092 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.151523113 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.151614904 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.152287960 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.152331114 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.152421951 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.152971029 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.153017998 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.153090000 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.153496027 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.153522968 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.153587103 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.155116081 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.155145884 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.155718088 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.155750036 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.156167030 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.156191111 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.156639099 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.156666040 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.158476114 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.158510923 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.159091949 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.159115076 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.276190996 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.276837111 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.276879072 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.277775049 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.278150082 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.278182983 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.278220892 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.278297901 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.280685902 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.281718016 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.281752110 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.283046007 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.283126116 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.283230066 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.283291101 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.296905994 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.314182043 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.325942039 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.346549034 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.346584082 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.346750021 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.346766949 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.347007036 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.347043991 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.347881079 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.348007917 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.348481894 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.348587990 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.348615885 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.348664999 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.349389076 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.349478960 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.737831116 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.737998009 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.738157988 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.738178968 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.738457918 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.738640070 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.738652945 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.738828897 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.738852024 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.739025116 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.739074945 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.739164114 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.739592075 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.739738941 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.740228891 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.740251064 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.740384102 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.740420103 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.740529060 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.740545034 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.740792990 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.740817070 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.741022110 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.741035938 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770591974 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770637989 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770658016 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.770665884 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770694017 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770721912 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.770728111 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.770766020 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.770863056 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.771522999 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.771583080 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.771584034 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.771600008 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.771639109 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.771646023 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.772284985 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.772330999 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.772351027 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.772361040 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.772399902 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.772406101 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773158073 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773200035 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773215055 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.773221970 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773257017 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.773262024 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773525000 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773600101 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.773624897 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773699045 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773757935 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.773945093 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.773988962 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.774000883 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.774009943 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.774074078 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.774079084 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.774976015 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.775016069 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.775041103 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.775053024 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.775104046 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.775474072 CEST | 49701 | 443 | 192.168.2.3 | 142.250.203.110 |
| Apr 26, 2023 09:00:20.775504112 CEST | 443 | 49701 | 142.250.203.110 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.788254976 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.788291931 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.788295984 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.788291931 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.788986921 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789079905 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789119959 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789139986 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.789146900 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789185047 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.789264917 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789345980 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789381981 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789388895 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.789395094 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.789434910 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.790150881 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790221930 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790267944 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.790273905 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790725946 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790776968 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790785074 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.790791035 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790846109 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.790851116 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790894985 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.790951014 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.790956974 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.791610956 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.791690111 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.791695118 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.791743994 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.792381048 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.792467117 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.793042898 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.793112993 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.794034958 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794115067 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.794117928 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794156075 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794167995 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.794198990 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.794661999 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794711113 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794804096 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.794809103 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.794848919 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.796050072 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.796128035 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.796133041 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.796169043 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.796215057 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.796253920 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.798989058 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.799788952 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.799882889 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.801896095 CEST | 49702 | 443 | 192.168.2.3 | 142.250.203.109 |
| Apr 26, 2023 09:00:20.801928997 CEST | 443 | 49702 | 142.250.203.109 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821669102 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821743011 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821787119 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821818113 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821839094 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.821865082 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.821878910 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822098970 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822139025 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822155952 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822170019 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822208881 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822298050 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822376013 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822427034 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822437048 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822688103 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822757959 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822762966 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822772026 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.822824001 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.822833061 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.823311090 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.823354006 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.823373079 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.823386908 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.823431015 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.825381994 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.825470924 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.825526953 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.825531006 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.825560093 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.825613976 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.826091051 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.826162100 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.826198101 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.826220989 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.826240063 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.826293945 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.828313112 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.828510046 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.828588009 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.828612089 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.828654051 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.828715086 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.832807064 CEST | 49705 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.832844019 CEST | 443 | 49705 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.834806919 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.834892035 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.835094929 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.835118055 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.835169077 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.835491896 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.839021921 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839096069 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839133978 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839236021 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.839293003 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839363098 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.839692116 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839756012 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.839849949 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.839876890 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.840388060 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.840431929 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.840467930 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.840513945 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.840513945 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.840539932 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.841224909 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.841285944 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.841332912 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.841335058 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.841423035 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.841465950 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.842197895 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.842297077 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.842322111 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843329906 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843384981 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843441963 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.843470097 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843516111 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.843755960 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843830109 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.843852997 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.843910933 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.844475985 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.844598055 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.845393896 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.845505953 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.845747948 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.845827103 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.847018003 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.847131014 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.848320007 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.848440886 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.858894110 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.858985901 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.859091997 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.859128952 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.859148979 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.859210014 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.859261990 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.859280109 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.859383106 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.859462976 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.879765034 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.880258083 CEST | 49703 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.880311966 CEST | 443 | 49703 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.880929947 CEST | 49704 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.880987883 CEST | 443 | 49704 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.885662079 CEST | 49706 | 443 | 192.168.2.3 | 104.17.25.14 |
| Apr 26, 2023 09:00:20.885727882 CEST | 443 | 49706 | 104.17.25.14 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.125828028 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.125894070 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.125963926 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.125988007 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.125998974 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.126079082 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.126301050 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.126316071 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.126597881 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.126617908 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.199508905 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.199940920 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.199975967 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.202151060 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.202305079 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.204102993 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.204684019 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.204893112 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.204962015 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.205367088 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.205394983 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.207467079 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.207592010 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.221256018 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.221496105 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.221599102 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.221613884 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.247426987 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.281847954 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.281965971 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.282042980 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.282094002 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.296561003 CEST | 49709 | 443 | 192.168.2.3 | 104.23.139.12 |
| Apr 26, 2023 09:00:21.296626091 CEST | 443 | 49709 | 104.23.139.12 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.329868078 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.329901934 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.342658043 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.342817068 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.343868017 CEST | 49708 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:21.343894005 CEST | 443 | 49708 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.842080116 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.842166901 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.842251062 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.842685938 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.842720985 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.897885084 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.899561882 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.899597883 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.900994062 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.901078939 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.903170109 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.903340101 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.903362036 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.903413057 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.921855927 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.921932936 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.921973944 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922004938 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.922039986 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922066927 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.922095060 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922144890 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922147036 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.922164917 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922208071 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:21.922221899 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922264099 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.922314882 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:22.060190916 CEST | 49711 | 443 | 192.168.2.3 | 192.0.77.2 |
| Apr 26, 2023 09:00:22.060250044 CEST | 443 | 49711 | 192.0.77.2 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.204519033 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.204592943 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.204721928 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.205115080 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.205158949 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.266109943 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.266612053 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.266675949 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.267369032 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.267841101 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.267955065 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.267986059 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.311419010 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.388083935 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.424302101 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.424408913 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:00:24.424585104 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.434847116 CEST | 49712 | 443 | 192.168.2.3 | 67.199.248.11 |
| Apr 26, 2023 09:00:24.434879065 CEST | 443 | 49712 | 67.199.248.11 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.491074085 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.637969971 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.638369083 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.642728090 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.642831087 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.789890051 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.789958000 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.794243097 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.794404984 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.810074091 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.810260057 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.957072020 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.960452080 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.960565090 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.962099075 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:32.962150097 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.109433889 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.112632036 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.112840891 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.114609957 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.116610050 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.266645908 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.269185066 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.269298077 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.270638943 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.270678997 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.417445898 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.420056105 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.420259953 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.421744108 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.421744108 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.568749905 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.980140924 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:33.981352091 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.982865095 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:33.982945919 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.129827023 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.132220984 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.132386923 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.133728027 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.136765003 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.283617973 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.285995960 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.286144972 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.294802904 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.294950962 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.441772938 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.444622993 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.444739103 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.447314978 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.447355986 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.594291925 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.597918987 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.598153114 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.599622965 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.599680901 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.746520996 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.749092102 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.749186039 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.750492096 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.750492096 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.897594929 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.902401924 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:34.902520895 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.904405117 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:34.904526949 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.051372051 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.289380074 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.289479017 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.291110992 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.291177988 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.437958002 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.440589905 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.440695047 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.443013906 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.443042994 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.591219902 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.593828917 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.593993902 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.597026110 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.597089052 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.744035959 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.746344090 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.746439934 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.748223066 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.748223066 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.895255089 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.897701979 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:35.898536921 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.905711889 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:35.905798912 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.052627087 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.055690050 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.056961060 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.059612989 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.059612989 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.208966017 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.214426041 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.214669943 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.217072964 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.217145920 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.363873005 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.366777897 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.368374109 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.391988039 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.391988039 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.538980007 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.541862011 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.544291019 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.546025038 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.546046019 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.692862034 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.696635008 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.696832895 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.699017048 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.699060917 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.771835089 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.771894932 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.771995068 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.813711882 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.813754082 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.845864058 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.848640919 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.850477934 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.851660013 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.851691961 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:36.933659077 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.933794975 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.936851025 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.936872005 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.937495947 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.978404045 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:36.998442888 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.001262903 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.001396894 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.011219025 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.011219025 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.158421993 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.161623955 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.165066957 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.174132109 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.174132109 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.304580927 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:37.322464943 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.325963020 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.328079939 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.331161976 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.331204891 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.351418972 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.478514910 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.482691050 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.482790947 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.485013962 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.485070944 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:37.487101078 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.487212896 CEST | 443 | 49717 | 5.181.156.27 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.487284899 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:37.488363028 CEST | 49717 | 443 | 192.168.2.3 | 5.181.156.27 |
| Apr 26, 2023 09:01:37.632030964 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.996436119 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.996637106 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.243671894 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.243673086 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.390702009 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:38.394639969 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:38.394865036 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.450011969 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.453090906 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.601695061 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:38.604259968 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:38.604396105 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.992100954 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:38.993176937 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.139877081 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.142348051 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.142514944 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.168019056 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.169189930 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.315891981 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.319140911 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.319377899 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.322227955 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.322319984 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.470242977 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.472908974 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.473036051 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.488818884 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.488877058 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.635658979 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.638633013 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.638746977 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.644784927 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.644785881 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.791721106 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.794539928 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.794734001 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.805903912 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.805903912 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.952882051 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.955837011 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:39.956065893 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.957730055 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:39.959481955 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.106242895 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.108752966 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.108942986 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.110811949 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.110862017 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.257780075 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.260902882 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.261125088 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.275237083 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.275237083 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.422367096 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.425354004 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.425517082 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.427639961 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.427639961 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.574606895 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.577438116 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.577613115 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.583091974 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.583138943 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.733936071 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.744373083 CEST | 80 | 49716 | 54.204.22.198 | 192.168.2.3 |
| Apr 26, 2023 09:01:40.744566917 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Apr 26, 2023 09:01:40.944314003 CEST | 49716 | 80 | 192.168.2.3 | 54.204.22.198 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 26, 2023 09:00:11.008738041 CEST | 58921 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:11.035623074 CEST | 53 | 58921 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:11.748316050 CEST | 62704 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:11.782228947 CEST | 53 | 62704 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:12.451270103 CEST | 49977 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:12.583501101 CEST | 53 | 49977 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.068454027 CEST | 52387 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:20.068696976 CEST | 56924 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:20.069679022 CEST | 60625 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:20.101803064 CEST | 53 | 56924 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.104892969 CEST | 53 | 60625 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.112473011 CEST | 53 | 52387 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.959626913 CEST | 51139 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:20.959928036 CEST | 52955 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:20.984810114 CEST | 53 | 52955 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:20.985518932 CEST | 53 | 51139 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:00:21.782541990 CEST | 57134 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:00:21.798477888 CEST | 53 | 57134 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:01:32.453900099 CEST | 53848 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:01:32.489891052 CEST | 53 | 53848 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:01:36.611017942 CEST | 57571 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:01:36.753401041 CEST | 53 | 57571 | 8.8.8.8 | 192.168.2.3 |
| Apr 26, 2023 09:01:37.534423113 CEST | 58691 | 53 | 192.168.2.3 | 8.8.8.8 |
| Apr 26, 2023 09:01:37.564975023 CEST | 53 | 58691 | 8.8.8.8 | 192.168.2.3 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Apr 26, 2023 09:00:11.008738041 CEST | 192.168.2.3 | 8.8.8.8 | 0x81d5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:11.748316050 CEST | 192.168.2.3 | 8.8.8.8 | 0xe8fc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:12.451270103 CEST | 192.168.2.3 | 8.8.8.8 | 0x5ae9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:20.068454027 CEST | 192.168.2.3 | 8.8.8.8 | 0xd87e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:20.068696976 CEST | 192.168.2.3 | 8.8.8.8 | 0xfb90 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:20.069679022 CEST | 192.168.2.3 | 8.8.8.8 | 0x3bb6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:20.959626913 CEST | 192.168.2.3 | 8.8.8.8 | 0xd49a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:20.959928036 CEST | 192.168.2.3 | 8.8.8.8 | 0xea69 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:00:21.782541990 CEST | 192.168.2.3 | 8.8.8.8 | 0xb09c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:01:32.453900099 CEST | 192.168.2.3 | 8.8.8.8 | 0x8610 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:01:36.611017942 CEST | 192.168.2.3 | 8.8.8.8 | 0x5c4c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 26, 2023 09:01:37.534423113 CEST | 192.168.2.3 | 8.8.8.8 | 0xa7d6 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Apr 26, 2023 09:00:11.035623074 CEST | 8.8.8.8 | 192.168.2.3 | 0x81d5 | No error (0) | 172.67.1.225 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:11.035623074 CEST | 8.8.8.8 | 192.168.2.3 | 0x81d5 | No error (0) | 104.20.139.65 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:11.035623074 CEST | 8.8.8.8 | 192.168.2.3 | 0x81d5 | No error (0) | 104.20.138.65 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:11.782228947 CEST | 8.8.8.8 | 192.168.2.3 | 0xe8fc | No error (0) | 172.217.168.65 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:12.583501101 CEST | 8.8.8.8 | 192.168.2.3 | 0x5ae9 | No error (0) | 185.143.234.120 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:12.583501101 CEST | 8.8.8.8 | 192.168.2.3 | 0x5ae9 | No error (0) | 185.143.233.120 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.101803064 CEST | 8.8.8.8 | 192.168.2.3 | 0xfb90 | No error (0) | 142.250.203.109 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.104892969 CEST | 8.8.8.8 | 192.168.2.3 | 0x3bb6 | No error (0) | 104.17.25.14 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.104892969 CEST | 8.8.8.8 | 192.168.2.3 | 0x3bb6 | No error (0) | 104.17.24.14 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.112473011 CEST | 8.8.8.8 | 192.168.2.3 | 0xd87e | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.112473011 CEST | 8.8.8.8 | 192.168.2.3 | 0xd87e | No error (0) | 142.250.203.110 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.984810114 CEST | 8.8.8.8 | 192.168.2.3 | 0xea69 | No error (0) | 67.199.248.11 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.984810114 CEST | 8.8.8.8 | 192.168.2.3 | 0xea69 | No error (0) | 67.199.248.10 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.985518932 CEST | 8.8.8.8 | 192.168.2.3 | 0xd49a | No error (0) | 104.23.139.12 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:20.985518932 CEST | 8.8.8.8 | 192.168.2.3 | 0xd49a | No error (0) | 104.23.140.12 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:00:21.798477888 CEST | 8.8.8.8 | 192.168.2.3 | 0xb09c | No error (0) | 192.0.77.2 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:01:32.489891052 CEST | 8.8.8.8 | 192.168.2.3 | 0x8610 | No error (0) | 54.204.22.198 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:01:32.489891052 CEST | 8.8.8.8 | 192.168.2.3 | 0x8610 | No error (0) | 3.222.139.61 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:01:36.753401041 CEST | 8.8.8.8 | 192.168.2.3 | 0x5c4c | No error (0) | 5.181.156.27 | A (IP address) | IN (0x0001) | false | ||
| Apr 26, 2023 09:01:37.564975023 CEST | 8.8.8.8 | 192.168.2.3 | 0xa7d6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 0 | 192.168.2.3 | 49696 | 172.67.1.225 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 1 | 192.168.2.3 | 49697 | 172.217.168.65 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 10 | 192.168.2.3 | 49709 | 104.23.139.12 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 11 | 192.168.2.3 | 49711 | 192.0.77.2 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 12 | 192.168.2.3 | 49712 | 67.199.248.11 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 13 | 192.168.2.3 | 49717 | 5.181.156.27 | 443 | C:\Users\Public\Documents\tqVXfZhGNW\openshot-qt.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 14 | 192.168.2.3 | 49716 | 54.204.22.198 | 80 | C:\Windows\SysWOW64\msiexec.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| Apr 26, 2023 09:01:32.642728090 CEST | 6125 | OUT | |
| Apr 26, 2023 09:01:32.642831087 CEST | 6125 | OUT | |
| Apr 26, 2023 09:01:32.794243097 CEST | 6126 | IN | |
| Apr 26, 2023 09:01:32.810074091 CEST | 6126 | OUT | |
| Apr 26, 2023 09:01:32.810260057 CEST | 6126 | OUT | |
| Apr 26, 2023 09:01:32.960452080 CEST | 6127 | IN | |
| Apr 26, 2023 09:01:32.962099075 CEST | 6127 | OUT | |
| Apr 26, 2023 09:01:32.962150097 CEST | 6127 | OUT | |
| Apr 26, 2023 09:01:33.112632036 CEST | 6127 | IN | |
| Apr 26, 2023 09:01:33.114609957 CEST | 6128 | OUT | |
| Apr 26, 2023 09:01:33.116610050 CEST | 6128 | OUT | |
| Apr 26, 2023 09:01:33.269185066 CEST | 6128 | IN | |
| Apr 26, 2023 09:01:33.270638943 CEST | 6129 | OUT | |
| Apr 26, 2023 09:01:33.270678997 CEST | 6129 | OUT | |
| Apr 26, 2023 09:01:33.420056105 CEST | 6129 | IN | |
| Apr 26, 2023 09:01:33.421744108 CEST | 6130 | OUT | |
| Apr 26, 2023 09:01:33.421744108 CEST | 6130 | OUT | |
| Apr 26, 2023 09:01:33.980140924 CEST | 6131 | IN | |
| Apr 26, 2023 09:01:33.982865095 CEST | 6131 | OUT | |
| Apr 26, 2023 09:01:33.982945919 CEST | 6132 | OUT | |
| Apr 26, 2023 09:01:34.132220984 CEST | 6137 | IN | |
| Apr 26, 2023 09:01:34.133728027 CEST | 6137 | OUT | |
| Apr 26, 2023 09:01:34.136765003 CEST | 6138 | OUT | |
| Apr 26, 2023 09:01:34.285995960 CEST | 6138 | IN | |
| Apr 26, 2023 09:01:34.294802904 CEST | 6138 | OUT | |
| Apr 26, 2023 09:01:34.294950962 CEST | 6139 | OUT | |
| Apr 26, 2023 09:01:34.444622993 CEST | 6139 | IN | |
| Apr 26, 2023 09:01:34.447314978 CEST | 6139 | OUT | |
| Apr 26, 2023 09:01:34.447355986 CEST | 6140 | OUT | |
| Apr 26, 2023 09:01:34.597918987 CEST | 6140 | IN | |
| Apr 26, 2023 09:01:34.599622965 CEST | 6140 | OUT | |
| Apr 26, 2023 09:01:34.749092102 CEST | 6141 | IN | |
| Apr 26, 2023 09:01:34.750492096 CEST | 6141 | OUT | |
| Apr 26, 2023 09:01:34.902401924 CEST | 6142 | IN | |
| Apr 26, 2023 09:01:34.904405117 CEST | 6142 | OUT | |
| Apr 26, 2023 09:01:35.289380074 CEST | 6145 | IN | |
| Apr 26, 2023 09:01:35.291110992 CEST | 6145 | OUT | |
| Apr 26, 2023 09:01:35.440589905 CEST | 6146 | IN | |
| Apr 26, 2023 09:01:35.443013906 CEST | 6146 | OUT | |
| Apr 26, 2023 09:01:35.593828917 CEST | 6147 | IN | |
| Apr 26, 2023 09:01:35.597026110 CEST | 6147 | OUT | |
| Apr 26, 2023 09:01:35.746344090 CEST | 6148 | IN | |
| Apr 26, 2023 09:01:35.748223066 CEST | 6148 | OUT | |
| Apr 26, 2023 09:01:35.897701979 CEST | 6149 | IN | |
| Apr 26, 2023 09:01:35.905711889 CEST | 6149 | OUT | |
| Apr 26, 2023 09:01:36.055690050 CEST | 6150 | IN | |
| Apr 26, 2023 09:01:36.059612989 CEST | 6150 | OUT | |
| Apr 26, 2023 09:01:36.214426041 CEST | 6151 | IN | |
| Apr 26, 2023 09:01:36.217072964 CEST | 6151 | OUT | |
| Apr 26, 2023 09:01:36.366777897 CEST | 6152 | IN | |
| Apr 26, 2023 09:01:36.391988039 CEST | 6152 | OUT | |
| Apr 26, 2023 09:01:36.541862011 CEST | 6153 | IN | |
| Apr 26, 2023 09:01:36.546025038 CEST | 6153 | OUT | |
| Apr 26, 2023 09:01:36.696635008 CEST | 6154 | IN | |
| Apr 26, 2023 09:01:36.699017048 CEST | 6154 | OUT | |
| Apr 26, 2023 09:01:36.848640919 CEST | 6155 | IN | |
| Apr 26, 2023 09:01:36.851660013 CEST | 6156 | OUT | |
| Apr 26, 2023 09:01:37.001262903 CEST | 6160 | IN | |
| Apr 26, 2023 09:01:37.011219025 CEST | 6161 | OUT | |
| Apr 26, 2023 09:01:37.161623955 CEST | 6161 | IN | |
| Apr 26, 2023 09:01:37.174132109 CEST | 6162 | OUT | |
| Apr 26, 2023 09:01:37.325963020 CEST | 6162 | IN | |
| Apr 26, 2023 09:01:37.331161976 CEST | 6163 | OUT | |
| Apr 26, 2023 09:01:37.482691050 CEST | 6163 | IN | |
| Apr 26, 2023 09:01:37.485013962 CEST | 6164 | OUT | |
| Apr 26, 2023 09:01:37.996436119 CEST | 6165 | IN | |
| Apr 26, 2023 09:01:38.243671894 CEST | 6166 | OUT | |
| Apr 26, 2023 09:01:38.394639969 CEST | 6166 | IN | |
| Apr 26, 2023 09:01:38.450011969 CEST | 6167 | OUT | |
| Apr 26, 2023 09:01:38.604259968 CEST | 6167 | IN | |
| Apr 26, 2023 09:01:38.992100954 CEST | 6168 | OUT | |
| Apr 26, 2023 09:01:39.142348051 CEST | 6168 | IN | |
| Apr 26, 2023 09:01:39.168019056 CEST | 6169 | OUT | |
| Apr 26, 2023 09:01:39.319140911 CEST | 6186 | IN | |
| Apr 26, 2023 09:01:39.322227955 CEST | 6186 | OUT | |
| Apr 26, 2023 09:01:39.472908974 CEST | 6187 | IN | |
| Apr 26, 2023 09:01:39.488818884 CEST | 6187 | OUT | |
| Apr 26, 2023 09:01:39.638633013 CEST | 6187 | IN | |
| Apr 26, 2023 09:01:39.644784927 CEST | 6188 | OUT | |
| Apr 26, 2023 09:01:39.794539928 CEST | 6188 | IN | |
| Apr 26, 2023 09:01:39.805903912 CEST | 6189 | OUT | |
| Apr 26, 2023 09:01:39.955837011 CEST | 6189 | IN | |
| Apr 26, 2023 09:01:39.957730055 CEST | 6190 | OUT | |
| Apr 26, 2023 09:01:40.108752966 CEST | 6190 | IN | |
| Apr 26, 2023 09:01:40.110811949 CEST | 6191 | OUT | |
| Apr 26, 2023 09:01:40.260902882 CEST | 6212 | IN | |
| Apr 26, 2023 09:01:40.275237083 CEST | 6212 | OUT | |
| Apr 26, 2023 09:01:40.425354004 CEST | 6213 | IN | |
| Apr 26, 2023 09:01:40.427639961 CEST | 6213 | OUT | |
| Apr 26, 2023 09:01:40.577438116 CEST | 6214 | IN | |
| Apr 26, 2023 09:01:40.583091974 CEST | 6214 | OUT | |
| Apr 26, 2023 09:01:40.744373083 CEST | 6215 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 2 | 192.168.2.3 | 49698 | 185.143.234.120 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 3 | 192.168.2.3 | 49701 | 142.250.203.110 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 4 | 192.168.2.3 | 49705 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 5 | 192.168.2.3 | 49703 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 6 | 192.168.2.3 | 49706 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 7 | 192.168.2.3 | 49704 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 8 | 192.168.2.3 | 49702 | 142.250.203.109 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 9 | 192.168.2.3 | 49708 | 67.199.248.11 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 0 | 192.168.2.3 | 49696 | 172.67.1.225 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:11 UTC | 0 | OUT | |
| 2023-04-26 07:00:11 UTC | 0 | IN | |
| 2023-04-26 07:00:11 UTC | 0 | IN | |
| 2023-04-26 07:00:11 UTC | 1 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 1 | 192.168.2.3 | 49697 | 172.217.168.65 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:11 UTC | 1 | OUT | |
| 2023-04-26 07:00:12 UTC | 1 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 10 | 192.168.2.3 | 49709 | 104.23.139.12 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:21 UTC | 4998 | OUT | |
| 2023-04-26 07:00:21 UTC | 4999 | IN | |
| 2023-04-26 07:00:21 UTC | 5000 | IN | |
| 2023-04-26 07:00:21 UTC | 5000 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 11 | 192.168.2.3 | 49711 | 192.0.77.2 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:21 UTC | 5002 | OUT | |
| 2023-04-26 07:00:21 UTC | 5003 | IN | |
| 2023-04-26 07:00:21 UTC | 5003 | IN | |
| 2023-04-26 07:00:21 UTC | 5004 | IN | |
| 2023-04-26 07:00:21 UTC | 5005 | IN | |
| 2023-04-26 07:00:21 UTC | 5007 | IN | |
| 2023-04-26 07:00:21 UTC | 5008 | IN | |
| 2023-04-26 07:00:21 UTC | 5009 | IN | |
| 2023-04-26 07:00:21 UTC | 5011 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 12 | 192.168.2.3 | 49712 | 67.199.248.11 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:24 UTC | 5012 | OUT | |
| 2023-04-26 07:00:24 UTC | 5012 | IN | |
| 2023-04-26 07:00:24 UTC | 5013 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 13 | 192.168.2.3 | 49717 | 5.181.156.27 | 443 | C:\Users\Public\Documents\tqVXfZhGNW\openshot-qt.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:01:37 UTC | 5013 | OUT | |
| 2023-04-26 07:01:37 UTC | 5013 | IN | |
| 2023-04-26 07:01:37 UTC | 5013 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 2 | 192.168.2.3 | 49698 | 185.143.234.120 | 443 | C:\Windows\SysWOW64\wget.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:12 UTC | 3 | OUT | |
| 2023-04-26 07:00:13 UTC | 3 | IN | |
| 2023-04-26 07:00:13 UTC | 3 | IN | |
| 2023-04-26 07:00:13 UTC | 19 | IN | |
| 2023-04-26 07:00:13 UTC | 19 | IN | |
| 2023-04-26 07:00:13 UTC | 34 | IN | |
| 2023-04-26 07:00:13 UTC | 50 | IN | |
| 2023-04-26 07:00:13 UTC | 66 | IN | |
| 2023-04-26 07:00:13 UTC | 82 | IN | |
| 2023-04-26 07:00:13 UTC | 98 | IN | |
| 2023-04-26 07:00:13 UTC | 114 | IN | |
| 2023-04-26 07:00:13 UTC | 129 | IN | |
| 2023-04-26 07:00:13 UTC | 145 | IN | |
| 2023-04-26 07:00:13 UTC | 161 | IN | |
| 2023-04-26 07:00:13 UTC | 177 | IN | |
| 2023-04-26 07:00:13 UTC | 193 | IN | |
| 2023-04-26 07:00:13 UTC | 209 | IN | |
| 2023-04-26 07:00:13 UTC | 225 | IN | |
| 2023-04-26 07:00:13 UTC | 241 | IN | |
| 2023-04-26 07:00:13 UTC | 257 | IN | |
| 2023-04-26 07:00:13 UTC | 273 | IN | |
| 2023-04-26 07:00:13 UTC | 289 | IN | |
| 2023-04-26 07:00:13 UTC | 305 | IN | |
| 2023-04-26 07:00:13 UTC | 321 | IN | |
| 2023-04-26 07:00:13 UTC | 337 | IN | |
| 2023-04-26 07:00:13 UTC | 353 | IN | |
| 2023-04-26 07:00:13 UTC | 369 | IN | |
| 2023-04-26 07:00:13 UTC | 385 | IN | |
| 2023-04-26 07:00:13 UTC | 400 | IN | |
| 2023-04-26 07:00:13 UTC | 416 | IN | |
| 2023-04-26 07:00:13 UTC | 432 | IN | |
| 2023-04-26 07:00:13 UTC | 448 | IN | |
| 2023-04-26 07:00:13 UTC | 464 | IN | |
| 2023-04-26 07:00:13 UTC | 480 | IN | |
| 2023-04-26 07:00:13 UTC | 496 | IN | |
| 2023-04-26 07:00:13 UTC | 512 | IN | |
| 2023-04-26 07:00:13 UTC | 528 | IN | |
| 2023-04-26 07:00:13 UTC | 544 | IN | |
| 2023-04-26 07:00:13 UTC | 560 | IN | |
| 2023-04-26 07:00:13 UTC | 576 | IN | |
| 2023-04-26 07:00:13 UTC | 592 | IN | |
| 2023-04-26 07:00:13 UTC | 608 | IN | |
| 2023-04-26 07:00:13 UTC | 624 | IN | |
| 2023-04-26 07:00:13 UTC | 640 | IN | |
| 2023-04-26 07:00:13 UTC | 656 | IN | |
| 2023-04-26 07:00:13 UTC | 672 | IN | |
| 2023-04-26 07:00:13 UTC | 688 | IN | |
| 2023-04-26 07:00:13 UTC | 704 | IN | |
| 2023-04-26 07:00:13 UTC | 720 | IN | |
| 2023-04-26 07:00:13 UTC | 736 | IN | |
| 2023-04-26 07:00:13 UTC | 752 | IN | |
| 2023-04-26 07:00:13 UTC | 768 | IN | |
| 2023-04-26 07:00:13 UTC | 784 | IN | |
| 2023-04-26 07:00:13 UTC | 800 | IN | |
| 2023-04-26 07:00:13 UTC | 816 | IN | |
| 2023-04-26 07:00:13 UTC | 831 | IN | |
| 2023-04-26 07:00:13 UTC | 847 | IN | |
| 2023-04-26 07:00:13 UTC | 863 | IN | |
| 2023-04-26 07:00:13 UTC | 879 | IN | |
| 2023-04-26 07:00:13 UTC | 895 | IN | |
| 2023-04-26 07:00:13 UTC | 911 | IN | |
| 2023-04-26 07:00:13 UTC | 927 | IN | |
| 2023-04-26 07:00:13 UTC | 943 | IN | |
| 2023-04-26 07:00:13 UTC | 959 | IN | |
| 2023-04-26 07:00:13 UTC | 975 | IN | |
| 2023-04-26 07:00:13 UTC | 991 | IN | |
| 2023-04-26 07:00:13 UTC | 1007 | IN | |
| 2023-04-26 07:00:13 UTC | 1023 | IN | |
| 2023-04-26 07:00:13 UTC | 1039 | IN | |
| 2023-04-26 07:00:13 UTC | 1055 | IN | |
| 2023-04-26 07:00:13 UTC | 1071 | IN | |
| 2023-04-26 07:00:13 UTC | 1087 | IN | |
| 2023-04-26 07:00:13 UTC | 1103 | IN | |
| 2023-04-26 07:00:13 UTC | 1119 | IN | |
| 2023-04-26 07:00:13 UTC | 1135 | IN | |
| 2023-04-26 07:00:13 UTC | 1151 | IN | |
| 2023-04-26 07:00:13 UTC | 1167 | IN | |
| 2023-04-26 07:00:13 UTC | 1183 | IN | |
| 2023-04-26 07:00:13 UTC | 1199 | IN | |
| 2023-04-26 07:00:13 UTC | 1215 | IN | |
| 2023-04-26 07:00:13 UTC | 1231 | IN | |
| 2023-04-26 07:00:13 UTC | 1247 | IN | |
| 2023-04-26 07:00:13 UTC | 1263 | IN | |
| 2023-04-26 07:00:13 UTC | 1279 | IN | |
| 2023-04-26 07:00:13 UTC | 1295 | IN | |
| 2023-04-26 07:00:13 UTC | 1311 | IN | |
| 2023-04-26 07:00:13 UTC | 1327 | IN | |
| 2023-04-26 07:00:13 UTC | 1343 | IN | |
| 2023-04-26 07:00:13 UTC | 1359 | IN | |
| 2023-04-26 07:00:13 UTC | 1375 | IN | |
| 2023-04-26 07:00:13 UTC | 1391 | IN | |
| 2023-04-26 07:00:13 UTC | 1407 | IN | |
| 2023-04-26 07:00:13 UTC | 1423 | IN | |
| 2023-04-26 07:00:13 UTC | 1439 | IN | |
| 2023-04-26 07:00:13 UTC | 1455 | IN | |
| 2023-04-26 07:00:13 UTC | 1471 | IN | |
| 2023-04-26 07:00:13 UTC | 1487 | IN | |
| 2023-04-26 07:00:13 UTC | 1503 | IN | |
| 2023-04-26 07:00:14 UTC | 1519 | IN | |
| 2023-04-26 07:00:14 UTC | 1535 | IN | |
| 2023-04-26 07:00:14 UTC | 1551 | IN | |
| 2023-04-26 07:00:14 UTC | 1567 | IN | |
| 2023-04-26 07:00:14 UTC | 1583 | IN | |
| 2023-04-26 07:00:14 UTC | 1599 | IN | |
| 2023-04-26 07:00:14 UTC | 1615 | IN | |
| 2023-04-26 07:00:14 UTC | 1631 | IN | |
| 2023-04-26 07:00:14 UTC | 1643 | IN | |
| 2023-04-26 07:00:14 UTC | 1659 | IN | |
| 2023-04-26 07:00:14 UTC | 1675 | IN | |
| 2023-04-26 07:00:14 UTC | 1691 | IN | |
| 2023-04-26 07:00:14 UTC | 1707 | IN | |
| 2023-04-26 07:00:14 UTC | 1723 | IN | |
| 2023-04-26 07:00:14 UTC | 1739 | IN | |
| 2023-04-26 07:00:14 UTC | 1755 | IN | |
| 2023-04-26 07:00:14 UTC | 1771 | IN | |
| 2023-04-26 07:00:14 UTC | 1787 | IN | |
| 2023-04-26 07:00:14 UTC | 1803 | IN | |
| 2023-04-26 07:00:14 UTC | 1819 | IN | |
| 2023-04-26 07:00:14 UTC | 1835 | IN | |
| 2023-04-26 07:00:14 UTC | 1851 | IN | |
| 2023-04-26 07:00:14 UTC | 1867 | IN | |
| 2023-04-26 07:00:14 UTC | 1883 | IN | |
| 2023-04-26 07:00:14 UTC | 1899 | IN | |
| 2023-04-26 07:00:14 UTC | 1915 | IN | |
| 2023-04-26 07:00:14 UTC | 1931 | IN | |
| 2023-04-26 07:00:14 UTC | 1947 | IN | |
| 2023-04-26 07:00:14 UTC | 1963 | IN | |
| 2023-04-26 07:00:14 UTC | 1979 | IN | |
| 2023-04-26 07:00:14 UTC | 1995 | IN | |
| 2023-04-26 07:00:14 UTC | 2011 | IN | |
| 2023-04-26 07:00:14 UTC | 2027 | IN | |
| 2023-04-26 07:00:14 UTC | 2043 | IN | |
| 2023-04-26 07:00:14 UTC | 2059 | IN | |
| 2023-04-26 07:00:14 UTC | 2075 | IN | |
| 2023-04-26 07:00:14 UTC | 2090 | IN | |
| 2023-04-26 07:00:14 UTC | 2106 | IN | |
| 2023-04-26 07:00:14 UTC | 2122 | IN | |
| 2023-04-26 07:00:14 UTC | 2138 | IN | |
| 2023-04-26 07:00:14 UTC | 2153 | IN | |
| 2023-04-26 07:00:14 UTC | 2169 | IN | |
| 2023-04-26 07:00:14 UTC | 2185 | IN | |
| 2023-04-26 07:00:14 UTC | 2201 | IN | |
| 2023-04-26 07:00:14 UTC | 2217 | IN | |
| 2023-04-26 07:00:14 UTC | 2233 | IN | |
| 2023-04-26 07:00:14 UTC | 2249 | IN | |
| 2023-04-26 07:00:14 UTC | 2265 | IN | |
| 2023-04-26 07:00:14 UTC | 2281 | IN | |
| 2023-04-26 07:00:14 UTC | 2297 | IN | |
| 2023-04-26 07:00:14 UTC | 2313 | IN | |
| 2023-04-26 07:00:14 UTC | 2329 | IN | |
| 2023-04-26 07:00:14 UTC | 2345 | IN | |
| 2023-04-26 07:00:14 UTC | 2361 | IN | |
| 2023-04-26 07:00:14 UTC | 2377 | IN | |
| 2023-04-26 07:00:14 UTC | 2393 | IN | |
| 2023-04-26 07:00:14 UTC | 2409 | IN | |
| 2023-04-26 07:00:14 UTC | 2425 | IN | |
| 2023-04-26 07:00:14 UTC | 2441 | IN | |
| 2023-04-26 07:00:14 UTC | 2457 | IN | |
| 2023-04-26 07:00:14 UTC | 2473 | IN | |
| 2023-04-26 07:00:14 UTC | 2489 | IN | |
| 2023-04-26 07:00:14 UTC | 2505 | IN | |
| 2023-04-26 07:00:14 UTC | 2521 | IN | |
| 2023-04-26 07:00:14 UTC | 2537 | IN | |
| 2023-04-26 07:00:14 UTC | 2553 | IN | |
| 2023-04-26 07:00:14 UTC | 2569 | IN | |
| 2023-04-26 07:00:14 UTC | 2585 | IN | |
| 2023-04-26 07:00:14 UTC | 2601 | IN | |
| 2023-04-26 07:00:14 UTC | 2617 | IN | |
| 2023-04-26 07:00:14 UTC | 2633 | IN | |
| 2023-04-26 07:00:14 UTC | 2649 | IN | |
| 2023-04-26 07:00:14 UTC | 2665 | IN | |
| 2023-04-26 07:00:14 UTC | 2681 | IN | |
| 2023-04-26 07:00:14 UTC | 2697 | IN | |
| 2023-04-26 07:00:14 UTC | 2713 | IN | |
| 2023-04-26 07:00:14 UTC | 2729 | IN | |
| 2023-04-26 07:00:14 UTC | 2745 | IN | |
| 2023-04-26 07:00:14 UTC | 2761 | IN | |
| 2023-04-26 07:00:14 UTC | 2777 | IN | |
| 2023-04-26 07:00:14 UTC | 2793 | IN | |
| 2023-04-26 07:00:14 UTC | 2809 | IN | |
| 2023-04-26 07:00:14 UTC | 2825 | IN | |
| 2023-04-26 07:00:14 UTC | 2841 | IN | |
| 2023-04-26 07:00:14 UTC | 2857 | IN | |
| 2023-04-26 07:00:14 UTC | 2873 | IN | |
| 2023-04-26 07:00:14 UTC | 2889 | IN | |
| 2023-04-26 07:00:14 UTC | 2905 | IN | |
| 2023-04-26 07:00:14 UTC | 2921 | IN | |
| 2023-04-26 07:00:14 UTC | 2937 | IN | |
| 2023-04-26 07:00:14 UTC | 2953 | IN | |
| 2023-04-26 07:00:14 UTC | 2969 | IN | |
| 2023-04-26 07:00:14 UTC | 2985 | IN | |
| 2023-04-26 07:00:14 UTC | 3001 | IN | |
| 2023-04-26 07:00:14 UTC | 3017 | IN | |
| 2023-04-26 07:00:14 UTC | 3033 | IN | |
| 2023-04-26 07:00:14 UTC | 3046 | IN | |
| 2023-04-26 07:00:14 UTC | 3062 | IN | |
| 2023-04-26 07:00:14 UTC | 3078 | IN | |
| 2023-04-26 07:00:14 UTC | 3094 | IN | |
| 2023-04-26 07:00:14 UTC | 3110 | IN | |
| 2023-04-26 07:00:14 UTC | 3126 | IN | |
| 2023-04-26 07:00:14 UTC | 3142 | IN | |
| 2023-04-26 07:00:14 UTC | 3158 | IN | |
| 2023-04-26 07:00:14 UTC | 3174 | IN | |
| 2023-04-26 07:00:14 UTC | 3190 | IN | |
| 2023-04-26 07:00:14 UTC | 3206 | IN | |
| 2023-04-26 07:00:14 UTC | 3222 | IN | |
| 2023-04-26 07:00:14 UTC | 3238 | IN | |
| 2023-04-26 07:00:14 UTC | 3254 | IN | |
| 2023-04-26 07:00:14 UTC | 3270 | IN | |
| 2023-04-26 07:00:14 UTC | 3286 | IN | |
| 2023-04-26 07:00:14 UTC | 3302 | IN | |
| 2023-04-26 07:00:14 UTC | 3317 | IN | |
| 2023-04-26 07:00:14 UTC | 3333 | IN | |
| 2023-04-26 07:00:14 UTC | 3349 | IN | |
| 2023-04-26 07:00:14 UTC | 3365 | IN | |
| 2023-04-26 07:00:14 UTC | 3381 | IN | |
| 2023-04-26 07:00:14 UTC | 3397 | IN | |
| 2023-04-26 07:00:14 UTC | 3413 | IN | |
| 2023-04-26 07:00:14 UTC | 3429 | IN | |
| 2023-04-26 07:00:14 UTC | 3444 | IN | |
| 2023-04-26 07:00:14 UTC | 3460 | IN | |
| 2023-04-26 07:00:14 UTC | 3476 | IN | |
| 2023-04-26 07:00:14 UTC | 3492 | IN | |
| 2023-04-26 07:00:14 UTC | 3508 | IN | |
| 2023-04-26 07:00:14 UTC | 3524 | IN | |
| 2023-04-26 07:00:14 UTC | 3540 | IN | |
| 2023-04-26 07:00:14 UTC | 3556 | IN | |
| 2023-04-26 07:00:14 UTC | 3572 | IN | |
| 2023-04-26 07:00:14 UTC | 3588 | IN | |
| 2023-04-26 07:00:14 UTC | 3604 | IN | |
| 2023-04-26 07:00:14 UTC | 3620 | IN | |
| 2023-04-26 07:00:14 UTC | 3636 | IN | |
| 2023-04-26 07:00:14 UTC | 3652 | IN | |
| 2023-04-26 07:00:14 UTC | 3668 | IN | |
| 2023-04-26 07:00:14 UTC | 3684 | IN | |
| 2023-04-26 07:00:14 UTC | 3700 | IN | |
| 2023-04-26 07:00:14 UTC | 3716 | IN | |
| 2023-04-26 07:00:14 UTC | 3732 | IN | |
| 2023-04-26 07:00:14 UTC | 3748 | IN | |
| 2023-04-26 07:00:14 UTC | 3764 | IN | |
| 2023-04-26 07:00:14 UTC | 3780 | IN | |
| 2023-04-26 07:00:14 UTC | 3796 | IN | |
| 2023-04-26 07:00:14 UTC | 3812 | IN | |
| 2023-04-26 07:00:14 UTC | 3828 | IN | |
| 2023-04-26 07:00:14 UTC | 3844 | IN | |
| 2023-04-26 07:00:14 UTC | 3860 | IN | |
| 2023-04-26 07:00:14 UTC | 3876 | IN | |
| 2023-04-26 07:00:14 UTC | 3892 | IN | |
| 2023-04-26 07:00:14 UTC | 3908 | IN | |
| 2023-04-26 07:00:14 UTC | 3924 | IN | |
| 2023-04-26 07:00:14 UTC | 3940 | IN | |
| 2023-04-26 07:00:14 UTC | 3956 | IN | |
| 2023-04-26 07:00:14 UTC | 3972 | IN | |
| 2023-04-26 07:00:14 UTC | 3988 | IN | |
| 2023-04-26 07:00:14 UTC | 4004 | IN | |
| 2023-04-26 07:00:14 UTC | 4020 | IN | |
| 2023-04-26 07:00:14 UTC | 4036 | IN | |
| 2023-04-26 07:00:14 UTC | 4052 | IN | |
| 2023-04-26 07:00:14 UTC | 4068 | IN | |
| 2023-04-26 07:00:14 UTC | 4084 | IN | |
| 2023-04-26 07:00:14 UTC | 4100 | IN | |
| 2023-04-26 07:00:14 UTC | 4116 | IN | |
| 2023-04-26 07:00:14 UTC | 4132 | IN | |
| 2023-04-26 07:00:14 UTC | 4146 | IN | |
| 2023-04-26 07:00:14 UTC | 4162 | IN | |
| 2023-04-26 07:00:14 UTC | 4178 | IN | |
| 2023-04-26 07:00:14 UTC | 4194 | IN | |
| 2023-04-26 07:00:14 UTC | 4210 | IN | |
| 2023-04-26 07:00:14 UTC | 4226 | IN | |
| 2023-04-26 07:00:14 UTC | 4242 | IN | |
| 2023-04-26 07:00:14 UTC | 4258 | IN | |
| 2023-04-26 07:00:14 UTC | 4274 | IN | |
| 2023-04-26 07:00:14 UTC | 4289 | IN | |
| 2023-04-26 07:00:14 UTC | 4305 | IN | |
| 2023-04-26 07:00:14 UTC | 4321 | IN | |
| 2023-04-26 07:00:14 UTC | 4337 | IN | |
| 2023-04-26 07:00:14 UTC | 4353 | IN | |
| 2023-04-26 07:00:14 UTC | 4369 | IN | |
| 2023-04-26 07:00:14 UTC | 4385 | IN | |
| 2023-04-26 07:00:14 UTC | 4401 | IN | |
| 2023-04-26 07:00:14 UTC | 4417 | IN | |
| 2023-04-26 07:00:14 UTC | 4433 | IN | |
| 2023-04-26 07:00:14 UTC | 4449 | IN | |
| 2023-04-26 07:00:14 UTC | 4465 | IN | |
| 2023-04-26 07:00:14 UTC | 4481 | IN | |
| 2023-04-26 07:00:14 UTC | 4497 | IN | |
| 2023-04-26 07:00:14 UTC | 4513 | IN | |
| 2023-04-26 07:00:14 UTC | 4529 | IN | |
| 2023-04-26 07:00:14 UTC | 4545 | IN | |
| 2023-04-26 07:00:14 UTC | 4561 | IN | |
| 2023-04-26 07:00:14 UTC | 4577 | IN | |
| 2023-04-26 07:00:14 UTC | 4593 | IN | |
| 2023-04-26 07:00:14 UTC | 4609 | IN | |
| 2023-04-26 07:00:14 UTC | 4625 | IN | |
| 2023-04-26 07:00:14 UTC | 4641 | IN | |
| 2023-04-26 07:00:14 UTC | 4657 | IN | |
| 2023-04-26 07:00:14 UTC | 4673 | IN | |
| 2023-04-26 07:00:14 UTC | 4689 | IN | |
| 2023-04-26 07:00:14 UTC | 4705 | IN | |
| 2023-04-26 07:00:14 UTC | 4721 | IN | |
| 2023-04-26 07:00:14 UTC | 4737 | IN | |
| 2023-04-26 07:00:14 UTC | 4753 | IN | |
| 2023-04-26 07:00:14 UTC | 4769 | IN | |
| 2023-04-26 07:00:14 UTC | 4785 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 3 | 192.168.2.3 | 49701 | 142.250.203.110 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4799 | OUT | |
| 2023-04-26 07:00:20 UTC | 4826 | IN | |
| 2023-04-26 07:00:20 UTC | 4826 | IN | |
| 2023-04-26 07:00:20 UTC | 4827 | IN | |
| 2023-04-26 07:00:20 UTC | 4827 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 4 | 192.168.2.3 | 49705 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4800 | OUT | |
| 2023-04-26 07:00:20 UTC | 4802 | IN | |
| 2023-04-26 07:00:20 UTC | 4803 | IN | |
| 2023-04-26 07:00:20 UTC | 4804 | IN | |
| 2023-04-26 07:00:20 UTC | 4805 | IN | |
| 2023-04-26 07:00:20 UTC | 4806 | IN | |
| 2023-04-26 07:00:20 UTC | 4808 | IN | |
| 2023-04-26 07:00:20 UTC | 4809 | IN | |
| 2023-04-26 07:00:20 UTC | 4810 | IN | |
| 2023-04-26 07:00:20 UTC | 4812 | IN | |
| 2023-04-26 07:00:20 UTC | 4813 | IN | |
| 2023-04-26 07:00:20 UTC | 4814 | IN | |
| 2023-04-26 07:00:20 UTC | 4816 | IN | |
| 2023-04-26 07:00:20 UTC | 4817 | IN | |
| 2023-04-26 07:00:20 UTC | 4818 | IN | |
| 2023-04-26 07:00:20 UTC | 4819 | IN | |
| 2023-04-26 07:00:20 UTC | 4820 | IN | |
| 2023-04-26 07:00:20 UTC | 4822 | IN | |
| 2023-04-26 07:00:20 UTC | 4823 | IN | |
| 2023-04-26 07:00:20 UTC | 4824 | IN | |
| 2023-04-26 07:00:20 UTC | 4827 | IN | |
| 2023-04-26 07:00:20 UTC | 4828 | IN | |
| 2023-04-26 07:00:20 UTC | 4830 | IN | |
| 2023-04-26 07:00:20 UTC | 4831 | IN | |
| 2023-04-26 07:00:20 UTC | 4832 | IN | |
| 2023-04-26 07:00:20 UTC | 4834 | IN | |
| 2023-04-26 07:00:20 UTC | 4835 | IN | |
| 2023-04-26 07:00:20 UTC | 4836 | IN | |
| 2023-04-26 07:00:20 UTC | 4838 | IN | |
| 2023-04-26 07:00:20 UTC | 4839 | IN | |
| 2023-04-26 07:00:20 UTC | 4840 | IN | |
| 2023-04-26 07:00:20 UTC | 4842 | IN | |
| 2023-04-26 07:00:20 UTC | 4843 | IN | |
| 2023-04-26 07:00:20 UTC | 4844 | IN | |
| 2023-04-26 07:00:20 UTC | 4846 | IN | |
| 2023-04-26 07:00:20 UTC | 4847 | IN | |
| 2023-04-26 07:00:20 UTC | 4848 | IN | |
| 2023-04-26 07:00:20 UTC | 4850 | IN | |
| 2023-04-26 07:00:20 UTC | 4851 | IN | |
| 2023-04-26 07:00:20 UTC | 4852 | IN | |
| 2023-04-26 07:00:20 UTC | 4854 | IN | |
| 2023-04-26 07:00:20 UTC | 4855 | IN | |
| 2023-04-26 07:00:20 UTC | 4856 | IN | |
| 2023-04-26 07:00:20 UTC | 4858 | IN | |
| 2023-04-26 07:00:20 UTC | 4862 | IN | |
| 2023-04-26 07:00:20 UTC | 4866 | IN | |
| 2023-04-26 07:00:20 UTC | 4870 | IN | |
| 2023-04-26 07:00:20 UTC | 4874 | IN | |
| 2023-04-26 07:00:20 UTC | 4878 | IN | |
| 2023-04-26 07:00:20 UTC | 4883 | IN | |
| 2023-04-26 07:00:20 UTC | 4883 | IN | |
| 2023-04-26 07:00:20 UTC | 4887 | IN | |
| 2023-04-26 07:00:20 UTC | 4891 | IN | |
| 2023-04-26 07:00:20 UTC | 4892 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 5 | 192.168.2.3 | 49703 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4800 | OUT | |
| 2023-04-26 07:00:20 UTC | 4927 | IN | |
| 2023-04-26 07:00:20 UTC | 4928 | IN | |
| 2023-04-26 07:00:20 UTC | 4928 | IN | |
| 2023-04-26 07:00:20 UTC | 4930 | IN | |
| 2023-04-26 07:00:20 UTC | 4930 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 6 | 192.168.2.3 | 49706 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4801 | OUT | |
| 2023-04-26 07:00:20 UTC | 4894 | IN | |
| 2023-04-26 07:00:20 UTC | 4895 | IN | |
| 2023-04-26 07:00:20 UTC | 4895 | IN | |
| 2023-04-26 07:00:20 UTC | 4896 | IN | |
| 2023-04-26 07:00:20 UTC | 4898 | IN | |
| 2023-04-26 07:00:20 UTC | 4899 | IN | |
| 2023-04-26 07:00:20 UTC | 4900 | IN | |
| 2023-04-26 07:00:20 UTC | 4902 | IN | |
| 2023-04-26 07:00:20 UTC | 4903 | IN | |
| 2023-04-26 07:00:20 UTC | 4904 | IN | |
| 2023-04-26 07:00:20 UTC | 4906 | IN | |
| 2023-04-26 07:00:20 UTC | 4907 | IN | |
| 2023-04-26 07:00:20 UTC | 4908 | IN | |
| 2023-04-26 07:00:20 UTC | 4910 | IN | |
| 2023-04-26 07:00:20 UTC | 4911 | IN | |
| 2023-04-26 07:00:20 UTC | 4912 | IN | |
| 2023-04-26 07:00:20 UTC | 4914 | IN | |
| 2023-04-26 07:00:20 UTC | 4915 | IN | |
| 2023-04-26 07:00:20 UTC | 4916 | IN | |
| 2023-04-26 07:00:20 UTC | 4918 | IN | |
| 2023-04-26 07:00:20 UTC | 4919 | IN | |
| 2023-04-26 07:00:20 UTC | 4920 | IN | |
| 2023-04-26 07:00:20 UTC | 4922 | IN | |
| 2023-04-26 07:00:20 UTC | 4923 | IN | |
| 2023-04-26 07:00:20 UTC | 4924 | IN | |
| 2023-04-26 07:00:20 UTC | 4926 | IN | |
| 2023-04-26 07:00:20 UTC | 4933 | IN | |
| 2023-04-26 07:00:20 UTC | 4935 | IN | |
| 2023-04-26 07:00:20 UTC | 4936 | IN | |
| 2023-04-26 07:00:20 UTC | 4937 | IN | |
| 2023-04-26 07:00:20 UTC | 4939 | IN | |
| 2023-04-26 07:00:20 UTC | 4940 | IN | |
| 2023-04-26 07:00:20 UTC | 4941 | IN | |
| 2023-04-26 07:00:20 UTC | 4943 | IN | |
| 2023-04-26 07:00:20 UTC | 4944 | IN | |
| 2023-04-26 07:00:20 UTC | 4945 | IN | |
| 2023-04-26 07:00:20 UTC | 4947 | IN | |
| 2023-04-26 07:00:20 UTC | 4948 | IN | |
| 2023-04-26 07:00:20 UTC | 4949 | IN | |
| 2023-04-26 07:00:20 UTC | 4951 | IN | |
| 2023-04-26 07:00:20 UTC | 4952 | IN | |
| 2023-04-26 07:00:20 UTC | 4953 | IN | |
| 2023-04-26 07:00:20 UTC | 4955 | IN | |
| 2023-04-26 07:00:20 UTC | 4959 | IN | |
| 2023-04-26 07:00:20 UTC | 4963 | IN | |
| 2023-04-26 07:00:20 UTC | 4964 | IN | |
| 2023-04-26 07:00:20 UTC | 4968 | IN | |
| 2023-04-26 07:00:20 UTC | 4972 | IN | |
| 2023-04-26 07:00:20 UTC | 4976 | IN | |
| 2023-04-26 07:00:20 UTC | 4981 | IN | |
| 2023-04-26 07:00:20 UTC | 4985 | IN | |
| 2023-04-26 07:00:20 UTC | 4989 | IN | |
| 2023-04-26 07:00:20 UTC | 4993 | IN | |
| 2023-04-26 07:00:20 UTC | 4996 | IN | |
| 2023-04-26 07:00:20 UTC | 4998 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 7 | 192.168.2.3 | 49704 | 104.17.25.14 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4801 | OUT | |
| 2023-04-26 07:00:20 UTC | 4930 | IN | |
| 2023-04-26 07:00:20 UTC | 4931 | IN | |
| 2023-04-26 07:00:20 UTC | 4931 | IN | |
| 2023-04-26 07:00:20 UTC | 4932 | IN | |
| 2023-04-26 07:00:20 UTC | 4933 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 8 | 192.168.2.3 | 49702 | 142.250.203.109 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:20 UTC | 4802 | OUT | |
| 2023-04-26 07:00:20 UTC | 4802 | OUT | |
| 2023-04-26 07:00:20 UTC | 4892 | IN | |
| 2023-04-26 07:00:20 UTC | 4894 | IN | |
| 2023-04-26 07:00:20 UTC | 4894 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
|---|---|---|---|---|---|
| 9 | 192.168.2.3 | 49708 | 67.199.248.11 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | kBytes transferred | Direction | Data |
|---|---|---|---|
| 2023-04-26 07:00:21 UTC | 4998 | OUT | |
| 2023-04-26 07:00:21 UTC | 5002 | IN | |
| 2023-04-26 07:00:21 UTC | 5002 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 09:00:09 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb0000 |
| File size: | 232960 bytes |
| MD5 hash: | F3BDBE3BB6F734E357235F4D5898582D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 1 |
| Start time: | 09:00:09 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 2 |
| Start time: | 09:00:09 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\wget.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x400000 |
| File size: | 3895184 bytes |
| MD5 hash: | 3DADB6E2ECE9C4B3E1E322E617658B60 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 3 |
| Start time: | 09:00:16 |
| Start date: | 26/04/2023 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff614650000 |
| File size: | 2851656 bytes |
| MD5 hash: | 0FEC2748F363150DC54C1CAFFB1A9408 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 4 |
| Start time: | 09:00:17 |
| Start date: | 26/04/2023 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff614650000 |
| File size: | 2851656 bytes |
| MD5 hash: | 0FEC2748F363150DC54C1CAFFB1A9408 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 7 |
| Start time: | 09:00:32 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\unarchiver.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x2e0000 |
| File size: | 12800 bytes |
| MD5 hash: | 16FF3CC6CC330A08EED70CBC1D35F5D2 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | .Net C# or VB.NET |
| Reputation: | low |
| Target ID: | 8 |
| Start time: | 09:00:32 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\7za.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb00000 |
| File size: | 289792 bytes |
| MD5 hash: | 77E556CDFDC5C592F5C46DB4127C6F4C |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 10 |
| Start time: | 09:00:32 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 12 |
| Start time: | 09:00:33 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb0000 |
| File size: | 232960 bytes |
| MD5 hash: | F3BDBE3BB6F734E357235F4D5898582D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 13 |
| Start time: | 09:00:34 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 14 |
| Start time: | 09:00:34 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\msiexec.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x1320000 |
| File size: | 59904 bytes |
| MD5 hash: | 12C17B5A5C2A7B97342C362CA467E9A2 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 15 |
| Start time: | 09:00:35 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\msiexec.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6ca150000 |
| File size: | 66048 bytes |
| MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 17 |
| Start time: | 09:00:37 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\msiexec.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x1320000 |
| File size: | 59904 bytes |
| MD5 hash: | 12C17B5A5C2A7B97342C362CA467E9A2 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 22 |
| Start time: | 09:01:14 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb0000 |
| File size: | 232960 bytes |
| MD5 hash: | F3BDBE3BB6F734E357235F4D5898582D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 23 |
| Start time: | 09:01:15 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 24 |
| Start time: | 09:01:15 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\reg.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xa90000 |
| File size: | 59392 bytes |
| MD5 hash: | CEE2A7E57DF2A159A065A34913A055C2 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 25 |
| Start time: | 09:01:16 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 26 |
| Start time: | 09:01:21 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb0000 |
| File size: | 232960 bytes |
| MD5 hash: | F3BDBE3BB6F734E357235F4D5898582D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 27 |
| Start time: | 09:01:21 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 28 |
| Start time: | 09:01:22 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\shutdown.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xe70000 |
| File size: | 23552 bytes |
| MD5 hash: | E2EB9CC0FE26E28406FB6F82F8E81B26 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 29 |
| Start time: | 09:01:27 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xb0000 |
| File size: | 232960 bytes |
| MD5 hash: | F3BDBE3BB6F734E357235F4D5898582D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 30 |
| Start time: | 09:01:27 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff745070000 |
| File size: | 625664 bytes |
| MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 31 |
| Start time: | 09:01:28 |
| Start date: | 26/04/2023 |
| Path: | C:\Windows\SysWOW64\shutdown.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xe70000 |
| File size: | 23552 bytes |
| MD5 hash: | E2EB9CC0FE26E28406FB6F82F8E81B26 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Target ID: | 32 |
| Start time: | 09:01:30 |
| Start date: | 26/04/2023 |
| Path: | C:\Users\Public\Documents\tqVXfZhGNW\openshot-qt.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x300000 |
| File size: | 330240 bytes |
| MD5 hash: | 29C35D09065CC6A59E2C5C88175C91ED |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | .Net C# or VB.NET |
| Antivirus matches: |
|
| Reputation: | low |
| Target ID: | 33 |
| Start time: | 09:01:38 |
| Start date: | 26/04/2023 |
| Path: | C:\Users\Public\Documents\tqVXfZhGNW\openshot-qt.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x300000 |
| File size: | 330240 bytes |
| MD5 hash: | 29C35D09065CC6A59E2C5C88175C91ED |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | .Net C# or VB.NET |
| Reputation: | low |
Function 02600870 Relevance: 1.0, Instructions: 976COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A02C0 Relevance: .3, Instructions: 285COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A07A8 Relevance: .3, Instructions: 278COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0798 Relevance: .2, Instructions: 227COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0C99 Relevance: .1, Instructions: 88COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0CA8 Relevance: .1, Instructions: 82COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 026007F8 Relevance: .1, Instructions: 79COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0B8F Relevance: .1, Instructions: 65COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0BA0 Relevance: .1, Instructions: 60COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 026005CF Relevance: .0, Instructions: 44COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0260081E Relevance: .0, Instructions: 34COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0C50 Relevance: .0, Instructions: 27COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 026005F6 Relevance: .0, Instructions: 27COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0C60 Relevance: .0, Instructions: 22COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0DD1 Relevance: .0, Instructions: 18COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 025A0DE0 Relevance: .0, Instructions: 12COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
| Execution Coverage: | 4.9% |
| Dynamic/Decrypted Code Coverage: | 22.5% |
| Signature Coverage: | 8.2% |
| Total number of Nodes: | 280 |
| Total number of Limit Nodes: | 5 |
Graph
Function 0030117C Relevance: 24.7, APIs: 12, Strings: 2, Instructions: 206sleepCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003011B3 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 119sleepCOMMON
Download Yara Rule
Control-flow Graph
| C-Code - Quality: 21% |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301170 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 135sleepCOMMON
Download Yara Rule
Control-flow Graph
| C-Code - Quality: 31% |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD0AFC Relevance: .2, Instructions: 233COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD3D11 Relevance: .2, Instructions: 197COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301D80 Relevance: 52.6, APIs: 21, Strings: 9, Instructions: 140windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
| C-Code - Quality: 100% |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD3A0C Relevance: 1.6, APIs: 1, Instructions: 120COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD3A18 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD4A7C Relevance: 1.6, APIs: 1, Instructions: 97COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003AD01C Relevance: 1.6, APIs: 1, Instructions: 65COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003AD006 Relevance: 1.6, APIs: 1, Instructions: 56COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD0970 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD1DC2 Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD1B60 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0039D558 Relevance: .1, Instructions: 75COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0039D644 Relevance: .1, Instructions: 75COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0039D63F Relevance: .1, Instructions: 56COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0039D553 Relevance: .1, Instructions: 56COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0039301C Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710712 Relevance: .1, Instructions: 51COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00393018 Relevance: .0, Instructions: 46COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710B36 Relevance: .0, Instructions: 40COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 027108A2 Relevance: .0, Instructions: 29COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 027108FA Relevance: .0, Instructions: 27COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710592 Relevance: .0, Instructions: 27COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710B50 Relevance: .0, Instructions: 20COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 027108C0 Relevance: .0, Instructions: 20COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710730 Relevance: .0, Instructions: 18COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 027105B0 Relevance: .0, Instructions: 16COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 02710918 Relevance: .0, Instructions: 13COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003014F0 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 43libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00305C70 Relevance: 10.5, APIs: 1, Strings: 5, Instructions: 1456COMMONCrypto
Download Yara Rule
| C-Code - Quality: 31% |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| C-Code - Quality: 75% |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD8A90 Relevance: 1.9, APIs: 1, Instructions: 396COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD07E8 Relevance: 1.5, Strings: 1, Instructions: 265COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 06FD2048 Relevance: .5, Instructions: 526COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| C-Code - Quality: 75% |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301600 Relevance: 52.7, APIs: 21, Strings: 9, Instructions: 154windowstringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003018D0 Relevance: 43.8, APIs: 18, Strings: 7, Instructions: 100windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301B91 Relevance: 24.6, APIs: 9, Strings: 5, Instructions: 62windowCOMMON
Download Yara Rule
| C-Code - Quality: 96% |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00302380 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 129fileCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003019B1 Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 23windowCOMMON
Download Yara Rule
| C-Code - Quality: 16% |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| C-Code - Quality: 19% |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00302830 Relevance: 12.1, APIs: 8, Instructions: 90COMMON
Download Yara Rule
| C-Code - Quality: 67% |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00308830 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301B51 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 27windowCOMMON
Download Yara Rule
| C-Code - Quality: 72% |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0030174B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 43windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301FA7 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003087E8 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 19stringCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301766 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16windowCOMMON
Download Yara Rule
| C-Code - Quality: 100% |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301887 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 10windowCOMMON
Download Yara Rule
| C-Code - Quality: 100% |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00308400 Relevance: 6.1, APIs: 4, Instructions: 102COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00301001 Relevance: 6.1, APIs: 4, Instructions: 60COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| C-Code - Quality: 39% |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 00307510 Relevance: 5.1, APIs: 4, Instructions: 55sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 003029E0 Relevance: 5.0, APIs: 4, Instructions: 39COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
| Execution Coverage: | 12.5% |
| Dynamic/Decrypted Code Coverage: | 100% |
| Signature Coverage: | 0% |
| Total number of Nodes: | 6 |
| Total number of Limit Nodes: | 1 |
Graph
Function 031F6795 Relevance: 1.6, APIs: 1, Instructions: 97COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 031F53A4 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0310D66C Relevance: .1, Instructions: 75COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0311D0DC Relevance: .1, Instructions: 72COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0311D01C Relevance: .1, Instructions: 65COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0310D667 Relevance: .1, Instructions: 56COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 03103007 Relevance: .1, Instructions: 54COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0311D0D7 Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0310301C Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |
Function 0311D007 Relevance: .1, Instructions: 52COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Uniqueness |
Uniqueness Score: -1.00% |