Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

Overview

General Information

Sample URL:	https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com
Analysis ID:	1430557
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Stores files to the Windows start menu directory

Suspicious form URL found

URL contains potential PII (phishing indication)

Uses insecure TLS / SSL version for HTTPS connection

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 348 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5376 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=2236,i,4940320550483537317,12252077527601305955,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2700 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

HTTP Parser: Form action: put.php

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

Sample URL: PII: kaylen@virtualintelligencebriefing.com

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

HTTP Parser: <input type="password" .../> found

Source: https://webmail.cmxserver.com/resetpass?start=1	HTTP Parser: No favicon
Source: https://webmail.cmxserver.com/?locale=en	HTTP Parser: No favicon

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

HTTP Parser: No <meta name="author".. found

Source: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49746 version: TLS 1.0

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49726 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49746 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /authsecure/index.php?email=kaylen@virtualintelligencebriefing.com HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /resetpass?start=1 HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://webmail.cmxserver.com/resetpass?start=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=en HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=ar HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=bg HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=bn HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=cs HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=da HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=de HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin
Source: global traffic	HTTP traffic detected: GET /?locale=el HTTP/1.1Host: webmail.cmxserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: timezone=Europe/Berlin

Source: unknown

DNS traffic detected: queries for: webmail.cmxserver.com

Source: unknown

HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A410900D492X-BM-CBT: 1696428841X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A410900D492X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticshX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 2484Connection: Keep-AliveCache-Control: no-cacheCookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1713901541037&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:46:10 GMTServer: Apache/2Content-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 19:46:11 GMTServer: Apache/2Content-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1

Source: chromecache_90.2.dr	String found in binary or memory: https://go.cpanel.net/privacy
Source: chromecache_90.2.dr	String found in binary or memory: https://technonace.com:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open
Source: chromecache_90.2.dr	String found in binary or memory: https://technonace.com:2096/cPanel_magic_revision_1468619317/unprotected/cpanel/images/webmail-logo.
Source: chromecache_90.2.dr	String found in binary or memory: https://technonace.com:2096/cPanel_magic_revision_1595982703/unprotected/cpanel/style_v2_optimized.c

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443

Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49726 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@25/61@8/7

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=2236,i,4940320550483537317,12252077527601305955,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=2236,i,4940320550483537317,12252077527601305955,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com	0%	Avira URL Cloud	safe
https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://technonace.com:2096/cPanel_magic_revision_1595982703/unprotected/cpanel/style_v2_optimized.c	0%	Avira URL Cloud	safe
https://webmail.cmxserver.com/favicon.ico	0%	Avira URL Cloud	safe
https://technonace.com:2096/cPanel_magic_revision_1468619317/unprotected/cpanel/images/webmail-logo.	0%	Avira URL Cloud	safe
https://technonace.com:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.214.172	true	false		unknown
webmail.cmxserver.com	185.38.249.30	true	false		unknown
technonace.com	136.243.80.35	true	false		unknown
www.google.com	172.253.124.106	true	false		high
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false		unknown
_2096._https.technonace.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://webmail.cmxserver.com/?locale=bn	false		unknown
https://webmail.cmxserver.com/?locale=en	false		unknown
https://webmail.cmxserver.com/?locale=el	false		unknown
https://webmail.cmxserver.com/?locale=bg	false		unknown
https://webmail.cmxserver.com/resetpass?start=1	false		unknown
https://webmail.cmxserver.com/?locale=de	false		unknown
https://webmail.cmxserver.com/?locale=da	false		unknown
https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com	true		unknown
https://webmail.cmxserver.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://webmail.cmxserver.com/?locale=ar	false		unknown
https://webmail.cmxserver.com/?locale=cs	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://technonace.com:2096/cPanel_magic_revision_1468619317/unprotected/cpanel/images/webmail-logo.	chromecache_90.2.dr	false	Avira URL Cloud: safe	unknown
https://technonace.com:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open	chromecache_90.2.dr	false	Avira URL Cloud: safe	unknown
https://go.cpanel.net/privacy	chromecache_90.2.dr	false		high
https://technonace.com:2096/cPanel_magic_revision_1595982703/unprotected/cpanel/style_v2_optimized.c	chromecache_90.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
136.243.80.35	technonace.com	Germany		24940	HETZNER-ASDE	false
172.253.124.106	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
185.38.249.30	webmail.cmxserver.com	Poland		197226	SPRINT-SDCPL	false

Private

IP
192.168.2.17
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1430557
Start date and time:	2024-04-23 21:45:07 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@25/61@8/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://webmail.cmxserver.com/resetpass?start=1 Browse: https://webmail.cmxserver.com/?locale=en Browse: https://webmail.cmxserver.com/?locale=ar Browse: https://webmail.cmxserver.com/?locale=bg Browse: https://webmail.cmxserver.com/?locale=bn Browse: https://webmail.cmxserver.com/?locale=cs Browse: https://webmail.cmxserver.com/?locale=da Browse: https://webmail.cmxserver.com/?locale=de Browse: https://webmail.cmxserver.com/?locale=el

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.251.15.94, 142.250.105.84, 142.250.105.139, 142.250.105.100, 142.250.105.138, 142.250.105.102, 142.250.105.101, 142.250.105.113, 34.104.35.123, 64.233.177.95, 142.250.9.95, 172.217.215.95, 142.250.105.95, 74.125.136.95, 173.194.219.95, 64.233.185.95, 142.251.15.95, 74.125.138.95, 64.233.176.95, 172.253.124.95, 108.177.122.113, 108.177.122.100, 108.177.122.102, 108.177.122.138, 108.177.122.139, 108.177.122.101, 40.68.123.157, 199.232.210.172, 199.232.214.172, 192.229.211.108, 20.3.187.198, 20.242.39.171, 172.217.215.94, 23.45.182.78, 23.45.182.77, 23.45.182.100, 23.45.182.70, 23.45.182.103, 23.45.182.68, 23.45.182.73, 23.45.182.104, 23.45.182.76
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:45:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.98529889298513
Encrypted:	false
SSDEEP:	48:8ydooTIs1tcHPeidAKZdA19ehwiZUklqehSy+3:8Do8Gj1y
MD5:	45479779D7CDB151A31F3BAD869EE7C0
SHA1:	15C64AC2E711CB2A94DE7AB3D062105F92F27907
SHA-256:	7D8C3127D02C1B360C8362B45456BFC083177A22C9216ACB7C1C8813A5368796
SHA-512:	3C1DA88E69EADB70C57119ED16E27D90B8F7B8E73C30EF4C62CFCDA0D4D8A655FA66FCA6685833C489E5B8AF2ACBA53CE4D254563E105AF89C3C866BDD33233A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....y......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:45:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.001252075357182
Encrypted:	false
SSDEEP:	48:89dooTIs1tcHPeidAKZdA1weh/iZUkAQkqehly+2:84o8GR9Q0y
MD5:	2A972A0D315C6895CC1723914942B994
SHA1:	1DFF05E212AD019A0809F39C7F3D54AE5ED987D4
SHA-256:	71A0026ABB2EF9C5144ABD238F077CC85A84CC816509DA488BF389E298F83231
SHA-512:	D972F59384F167125401D1A7B365420D8560F84CC7A0BB416DE61CC0214595A0B3EF8223383FAB3934EB928CBBE6B90EC4EFACD7F4F1D3D00B4FC07A561E6C4F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....W.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.010767940359884
Encrypted:	false
SSDEEP:	48:8xudooTIs1sHPeidAKZdA14tseh7sFiZUkmgqeh7svy+BX:8x/o8Gfnhy
MD5:	E9060CED0118F638044A2FA52DE06E1C
SHA1:	1AC828F742D26613F69F810ABD6AE915DBD2D895
SHA-256:	6E42326509F47AACDB9140C78418F94982F785AD1F55E4FCAE8835E0A3B40E0C
SHA-512:	5EE5F9D5CE6F8246B268B7B6F9EDD3DEF6B0BB08DFB2EFECDF1D0D58F0873BEC014456CE03ACB1569D2E22A0DE49476A42C6F260F652E0F6160735FEE3DC5CE9
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:45:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.000471074896852
Encrypted:	false
SSDEEP:	48:8ddooTIs1tcHPeidAKZdA1vehDiZUkwqehZy+R:8Yo8GSny
MD5:	24FBF0A3538D0A54DE88B467E8B57133
SHA1:	AA18CE7A993BAD93552EC622EB3ECE46615CCA53
SHA-256:	99F8E6F0B70B7EFA33573AC5BEB8E4999C77A2D257F0E38505072ECD14FA2557
SHA-512:	4DD1430609CA6C87CFCDEF4F9486C27DACD3DEE85CFE1D3F4AF91637FBA977B94F6031A371BAD22D0C7E05C162FE5FE21F8674534443EECEE18E186801688F47
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....O......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:45:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9901214081754004
Encrypted:	false
SSDEEP:	48:87dooTIs1tcHPeidAKZdA1hehBiZUk1W1qehry+C:8Wo8Gi9Ly
MD5:	A98155D12265682FD77CF640B781EA18
SHA1:	72F8A9020280175B48D0083BD675CAE5D0007303
SHA-256:	DF150D7AC04B03865FDE0DFE96F357A145D15D7AF1210B46619D50A4BC72F734
SHA-512:	00D701381D3701A6768CEBEF467C346D138E471DF7E1521965A87D177CB08AED9262866B4F18215A97051CDF3B9D2E2D9D1C89878CC4B1D040F4CB010418619F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 18:45:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.002458893845396
Encrypted:	false
SSDEEP:	48:8HUdooTIs1tcHPeidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbhy+yT+:8Hlo8GcT/TbxWOvTbhy7T
MD5:	6E677F13269247BA39F0FA4F198F5815
SHA1:	6A30A16ABDA124648AEA89512618209948B9089A
SHA-256:	15B18A18E53A21905616F91CC7E8484D4B8139D32F80C09CC6E64F89021EF735
SHA-512:	24B34878C573F21C3B51727E1936688522C88C16D46A2F652EE268F5CAB7E5AB447F0B9CAB027D1920CF2C64E712575F6C023057A13A8C3BB2BAEA04D64808D3
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 64

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	320
Entropy (8bit):	6.576768235681036
Encrypted:	false
SSDEEP:	6:6v/lhPUygsQynDi3U/Mk1AQkhcFBDhGQN9dEVhx/3GvnC92op:6v/7KM/SgJdEVhKpC
MD5:	07FF84F8C855E5FE9D510FF5C9A4B1E4
SHA1:	11C262053E2B9BE57D1DBA7CB3D916EF041A0E50
SHA-256:	05CE0F813E6236158FA1D115FABA62CD2041AAB1878CAC0960A0F45575CECE1E
SHA-512:	4CEE86A25E66E5A4FF1E8135E12D47CE697B86598A5E47D63777DC14536472944B64CA859FEDEE2C53B2830374CB4932EFAF51D6E493E61CB8C9535680320580
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/icon-username.png
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS4.......tEXtCreation Time.6/29/11.k.M....IDAT8.c...?.51....l<......J..A.....5....k`1.<...j2.g H.T....hE..*x.......\.Mn..#%j....l .WZQj.?...$....G N...qP...5..@..!.x.g.e .........b..H...Z...F.@......IEND.B`.

Chrome Cache Entry: 65

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1026
Entropy (8bit):	7.645487632157646
Encrypted:	false
SSDEEP:	24:gVS3VJKhiEjUmeu9VLyCMb33wqT5VZwKu:gV0KkEjCu9XkgqdVZxu
MD5:	A3265CC598AE28633C060889E790F80C
SHA1:	57530D6996C8F36711EF05681474B8F63D4184B3
SHA-256:	BCAF01928E5C7246AB0BB7E83F609B485A67A5E442D3DD94539A883C11FB70CD
SHA-512:	41C2A7085B287D3F3CF6AFAAF7BBA0C2C42EED1A28F4FBEBF2A3E5628E41AAEA2C929697DE97B939DF18221DCD83A477CE3C8B1CDBF499AB64A5FBCBD3689B3E
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/notice-error.png
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4......>IDATHK...K.Q....0/Bp.Q.."..&t1....+....".. .....4.......7....B.w#.C....1...;.+gg...<..y.....<..m.V.M.3j0..c}}..P(....>C.K..1G.\|.f^5.....\|.R.4@T...Z.......{F.V......H...U..T.....x`ef7O/.....t...,.L~_]]....r...T.v......R)1>>..E.]]]..l6kR...r..^.S.'.zz"........P.kkk....g...g...n.......?..222.B.......+++.U........N...q.........q}.q..8....F.T.z#...].b...aC?...h.f\|..3...#5E....nmm5,...s.@.Y.moo.-..c...........F>.9..m...TL.....x.\.O.y@G....c.\ZZz).I..-.H.....{@.i.\7.r}/F".7.3..v....0hi.#.>...\|...!..n....G..d2.U...dXk....@x(....). kT.z.M....!U......^.....S....e..Co..E;......c.......P._D.:.Ua..7.n.s........Fzf..,OOzs...e{...b..Z.n.^...u.7.Z.......:z.3(:.....c\x.......?..Z..Cx.n%=......Wh..v..F.L>..;.ZB...........ozp.1G......_.4(.;.......C<B......s.P....S.G..e0.........k.1G.?....

Chrome Cache Entry: 66

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=bn
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 67

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Apr 23 19:46:04 2024, from Unix, original size modulo 2^32 5360
Category:	dropped
Size (bytes):	2399
Entropy (8bit):	7.9233644706195845
Encrypted:	false
SSDEEP:	48:XKr7wRjSqfAFjP0qqgPMJHQQMGQwXZw1smgtR682K/HJJXnkNp:L8qYJqgPMJw1HwXZw1s/X68T03
MD5:	04362DA76E5765691B9225AEBF2B5539
SHA1:	5D35780F58177FB1F8002915F6874D1CBFEFA24C
SHA-256:	5BE89AFAAD73200E24D05B40FB6BA5C0BDE8006F0EC28769CF37C3D12EE403A1
SHA-512:	18035063F020DF2CEF0F8CC08F80EFADE5EF51C83BBA030C2649B739723A124009A0E1C1EEFDC70C0CB3ED4F30F1E83B5E055FA620507A1E0E2FB2C2D0591AF0
Malicious:	false
Reputation:	low
Preview:	......(f....Os.......[.%9.r...D....bU.....V...bD.?}....X.......7....../_....?..........77....s^~...&..n4.0=?~x:..bY...t...pz.=...........C...).px....O_.9..?....iz.p{x..?.F....6.SLi).....2...on.Oj8..>......~.K^R(S\...sZ....y.8...94./.\yp.2...).~[.F),-..-u.K.c]z.S.K.iNu.z..9oK..[...Oe.s..w.....eS$Y.....v.........j.Z..ajz9.D..4=..#U`.....)-I....UM.......h...N....am..c....c.`.,.....\|,..1$.........E.Ld}...:......3..kU0z....C.+&..T..u..).).......,.._.,.r../'c.....~,......3..xM..x.B^...XYu.R..%x.XRL..S..7....L5.gA$.f.9(..m...f.b.~~....L<......q.....o.XA..0+7....(..3vT.....N....v....B....c.6.$...J..h.H.....g....$Js#."...s..4(0...}.....+....]M.n.Qf6I:X.+..[!j.....Q.(......E.N..M.V8......[..^...v.:...N.s+.v..f...3ed$9.... .S.K..$3M...@..6..j..Fy..IY<.Z..V>.....O.F..j.`..R.6....2(.4.K.4o...+.....7.^T......}X.._.B.K9!.4.w.i.#..P..B."U'.#..>Hr41...J.f.X...4.DD.@...=>.U(.g8.DP.ba...~...<.YV..>Q..=.i.d..G.8V. R\e....B....-....._6}...h..R..

Chrome Cache Entry: 68

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Apr 23 19:46:01 2024, from Unix, original size modulo 2^32 5360
Category:	downloaded
Size (bytes):	2399
Entropy (8bit):	7.92322214448774
Encrypted:	false
SSDEEP:	48:XNr7wRjSqfAFjP0qqgPMJHQQMGQwXZw1smgtR682K/HJJXnkNp:a8qYJqgPMJw1HwXZw1s/X68T03
MD5:	9E047C0EBE4F08921F19E326A5D0295F
SHA1:	9616B41872772786C11305F03638E2BDF26ADA5D
SHA-256:	3FF6B7A714E2DEABA161B6BC768110BCAB3396CA26E8F7D3A3601A91E15D35FD
SHA-512:	9F51CB511FC8F0400F8EA22BE6AE1206D38FDE0BFC95F580FB97586CF92A07632F7D9BD6C0BB269C929518BCA46CC2FD35432DFC3D541B5EC587C7A42D567C04
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1468619317/unprotected/cpanel/images/webmail-logo.svg
Preview:	......(f....Os.......[.%9.r...D....bU.....V...bD.?}....X.......7....../_....?..........77....s^~...&..n4.0=?~x:..bY...t...pz.=...........C...).px....O_.9..?....iz.p{x..?.F....6.SLi).....2...on.Oj8..>......~.K^R(S\...sZ....y.8...94./.\yp.2...).~[.F),-..-u.K.c]z.S.K.iNu.z..9oK..[...Oe.s..w.....eS$Y.....v.........j.Z..ajz9.D..4=..#U`.....)-I....UM.......h...N....am..c....c.`.,.....\|,..1$.........E.Ld}...:......3..kU0z....C.+&..T..u..).).......,.._.,.r../'c.....~,......3..xM..x.B^...XYu.R..%x.XRL..S..7....L5.gA$.f.9(..m...f.b.~~....L<......q.....o.XA..0+7....(..3vT.....N....v....B....c.6.$...J..h.H.....g....$Js#."...s..4(0...}.....+....]M.n.Qf6I:X.+..[!j.....Q.(......E.N..M.V8......[..^...v.:...N.s+.v..f...3ed$9.... .S.K..$3M...@..6..j..Fy..IY<.Z..V>.....O.F..j.`..R.6....2(.4.K.4o...+.....7.^T......}X.._.B.K9!.4.w.i.#..P..B."U'.#..>Hr41...J.f.X...4.DD.@...=>.U(.g8.DP.ba...~...<.YV..>Q..=.i.d..G.8V. R\e....B....-....._6}...h..R..

Chrome Cache Entry: 69

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1060
Entropy (8bit):	7.631938949729023
Encrypted:	false
SSDEEP:	24:gVS3DYqTBWybne4jgplfs+3Gk8Nl6qat2iacDI3k99t:gV0NJe48fH3Gk8/6qPibikXt
MD5:	A64B8C7407BF94CC4448CB210BB882E7
SHA1:	A526CF52B2C5B6C2D0409B886DE4AA968000FCD8
SHA-256:	7ECB82019606D891C5197D2F8BA24EC323D9B10A089FACC82D089FF1EC3D399B
SHA-512:	AEEA5E9418C62BA9BB896DB6AD89B2E8C13F174B10D3960C4D67878BA8C0FB3CE8524515716C120548876131D1F8192C36CB52E48CFD801F8F037A3ABE65D179
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4......`IDATHK..KH.Q....j.4mc....>V.6....)VR..c.UA.#....b.R.....I..d.FDE\|..A.......Q.m.......%.?..{...sH...QL4.U.........E....+++.......).&....).....^...Pp......xN..T....K..._...966f.j...........b...........\|$...)..833.`......&.)....T.P.....d.....0;;.....B...W....a....Cjjj.Y....HY^^..DSQQ.NKK...jKaa..f}uu........aff.....@....`....`0..{}}}.X\...566.oooW.........y<.<r..655i......X,ISSSe.B...60...ZSSS........J-.0...K.m888...a.d...&.....p&...p@..t>Z\\........D"..f7....s.YZZr.\.'.(9.J.R......j.....<.."........`.@..T1.%.PTWW..](.....l6.rss.MNN.....N%L.t...w6....kzz.D......~h.....o.b'~c.,..{NN.m&.l`lkk...%...1.g..(...7\...^X\|....@.JY....g.{....L&{+...^o.....gII.}....544.1].....f...Z......'..P.......H..>V......M....g.....WH.L..gA...@Os.=u:....$.T}..h.JKK....U.:.....`....G..BO.V.PL..W.@OAZ.GP..

Chrome Cache Entry: 70

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/favicon.ico
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 19 tables, 1st "FFTM"
Category:	downloaded
Size (bytes):	3851
Entropy (8bit):	5.458536317504327
Encrypted:	false
SSDEEP:	96:EHXrMmcrhOhOhOwHjyrL/se7UpxUwN4tsPyUfjpxUfPGab13VQkjKf33Plp5N5:E7MJrcccwD2tCbaP9b1lxGnD5n
MD5:	D146F4491C122779E24AFD2BDF6D8FC6
SHA1:	744617646183F45B6EE50EE802ABFAFEB8E572B5
SHA-256:	5DF86543DE98DF3F521951653DA148DF90620F5F95D195D487C4F46EE248D60A
SHA-512:	918B9CCAAD6F427EC022FA2C0389456BFDB46561C4EAA71E865F427AF78C2A8E89423A2A3E96E42FF2167165ECE41EEF19194E04CA66060B625AC63577D36C42
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf
Preview:	...........0FFTMcT.N...<....GDEF.......X... GPOS-r.B...x....GSUB.b..........OS/2.I.........`cmap.ol.... ....cvt +s.....$...<fpgm..zA...`....gasp............glyf.xY.......pXhead.c.....T...6hhea...........$hmtx1.L.........loca}O.....l....maxp.!.<...L... nameg.h...l...0post............prep.D".........webfh_Q....,.............=.......B.................................................T.b..DFLT..cyrl.&grek.2latn.>..................................................kern.......................r.....`...............X...X.........X.~.X...................(.R.(.d...v.....(.(...R.:.:.v.:...........................X.X.X.X.X.X.X...........~.............(.(.(.(.(.(.(.(.`.(.:.(.:...................1.$.q.7.).9.).:.).<...D...F...G...H...J...P...Q...R...S...T...U...V...X.....q...q...q...q...q...q.......................................................................................................-.....&...*...2...4...7.q.8...9...:...<.............................................................7.......q..

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=de
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	7.645487632157646
Encrypted:	false
SSDEEP:	24:gVS3VJKhiEjUmeu9VLyCMb33wqT5VZwKu:gV0KkEjCu9XkgqdVZxu
MD5:	A3265CC598AE28633C060889E790F80C
SHA1:	57530D6996C8F36711EF05681474B8F63D4184B3
SHA-256:	BCAF01928E5C7246AB0BB7E83F609B485A67A5E442D3DD94539A883C11FB70CD
SHA-512:	41C2A7085B287D3F3CF6AFAAF7BBA0C2C42EED1A28F4FBEBF2A3E5628E41AAEA2C929697DE97B939DF18221DCD83A477CE3C8B1CDBF499AB64A5FBCBD3689B3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4......>IDATHK...K.Q....0/Bp.Q.."..&t1....+....".. .....4.......7....B.w#.C....1...;.+gg...<..y.....<..m.V.M.3j0..c}}..P(....>C.K..1G.\|.f^5.....\|.R.4@T...Z.......{F.V......H...U..T.....x`ef7O/.....t...,.L~_]]....r...T.v......R)1>>..E.]]]..l6kR...r..^.S.'.zz"........P.kkk....g...g...n.......?..222.B.......+++.U........N...q.........q}.q..8....F.T.z#...].b...aC?...h.f\|..3...#5E....nmm5,...s.@.Y.moo.-..c...........F>.9..m...TL.....x.\.O.y@G....c.\ZZz).I..-.H.....{@.i.\7.r}/F".7.3..v....0hi.#.>...\|...!..n....G..d2.U...dXk....@x(....). kT.z.M....!U......^.....S....e..Co..E;......c.......P._D.:.Ua..7.n.s........Fzf..,OOzs...e{...b..Z.n.^...u.7.Z.......:z.3(:.....c\x.......?..Z..Cx.n%=......Wh..v..F.L>..;.ZB...........ozp.1G......_.4(.;.......C<B......s.P....S.G..e0.........k.1G.?....

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Apr 23 19:46:01 2024, from Unix, original size modulo 2^32 144905
Category:	downloaded
Size (bytes):	33186
Entropy (8bit):	7.992888179282511
Encrypted:	true
SSDEEP:	768:fRLCDd/7OJ+Pc6ii+11y8wnCV7sjKTLVbUApGFsUKSw57gVw:JLCDd/7q+xn+Pwesj+VIjFf28Vw
MD5:	2D95B19E043A02054C1692E9EF8687F6
SHA1:	23D827AD6CFF950DC2847503FECDE518B1BFFF5E
SHA-256:	CD855F70350349391C0FD7E3C560F7032F7EA8963B548FC4FBB5301D65ABC155
SHA-512:	E68481D0F3930DE015076D4D11E5B41FCABD2DC90ABDC14B3840A76924AE558B38CA6A0D3099EA968896F47A34372440A520A1037533A3A3E4DD378951DF8F4C
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1595982703/unprotected/cpanel/style_v2_optimized.css
Preview:	......(f...i...6.}~E..qb..J\E..sU...wNtP\$.(..E...}..I.dBU.c.;.....X..Df"..=..?4..9t.......0...{.9..?...8...g..;S/...o.#.&.j...Q....:v.(...........a....??.......h.IfYN...2gf.x....%../%.~6.I.g...5.\|/]\|.y..._\|.M?.d.....B{........_\|.."r...3H~.4r..C.l~2c..?%.i+qb.......a..w.u..?......&.@....jj&..w9...+9.+..ml..e..y....8...\|....d.7...z...Q..b..C/...}.R..~...M.[.R..(.:r..(..S..7.....+..Wj.."./~<.[......K..dJ..IK..?.nV.F...F..n$V......)..4.6.0Kd....,..t>+z4.0.4..5#.O..T.wF8.o:....A..a..f..2._...e....e...........'.3......Ro....-...d.'...\|9..N.8.g..N.J.......i8v....3&L."MH..g.t...p+!..%.~e...7.>.D.2..t.....U..........\|.._&.e..Z...V.XYL$..Q.{.b.^..l.....\.../.m.T..j^...JycK.Ff.I..wV.'......L.......6J'...^._.........w..:.&(m...c.....a.5m..y2.d...).F....l.A...j...B}.....8).1_..L..5.....4.0.I....@..(....#.i...'l.....80.....1^.$.......Y..e..NTj..T)S.\.b....h...(...j...Ff.f-FHq.5..u.C...d.'..LC..R..}5.H....A.9-.s...'_.>......b.*.P...'B8..-

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 19 tables, 1st "FFTM"
Category:	downloaded
Size (bytes):	3851
Entropy (8bit):	5.452579998544481
Encrypted:	false
SSDEEP:	96:JIkx+rhOhOhOwHjyrL/se7UpxUwN4tsPyUfjpxUfPGab13qBkjFf33PHHO:JFx+rcccwD2tCbaP9b1aShnHHO
MD5:	D817660519E8800D33EAC16FD88B863D
SHA1:	F03186EC63D1CCD7E3ECB69879A6ACF48F6B217B
SHA-256:	A333662D426FD6564FFD1A03021EDDBC5D98FC1B38A083C8BD05A2710AAFC514
SHA-512:	B57555550369EB58E1234C7553B3996F573ABEE0BBCF570C1828265135E8C0B00713BE4914E4902517A5DF1CD891DE0760E6FCE09445DAFCD8C3F2786F1F5FE3
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf
Preview:	...........0FFTMcG....<....GDEF.......X... GPOS-r.B...x....GSUB.c..........OS/2..........`cmap..4Q... ....cvt )..;...,...<fpgm..zA...h....gasp............glyfRj.-......ophead.......t...6hhea...........$hmtx..Y.........loca.U.f........maxp.......t... nameg..:.......(post..........prep.D".........webfg.Q....P.............=.......51........4.......................................T.b..DFLT..cyrl.&grek.2latn.>..................................................kern.......................r.....`...............X...X.........X.~.X...................(.R.(.d...v.....(.(...R.:.:.v.:...........................X.X.X.X.X.X.X...........~.............(.(.(.(.(.(.(.(.`.(.:.(.:...................1.$.q.7.).9.).:.).<...D...F...G...H...J...P...Q...R...S...T...U...V...X.....q...q...q...q...q...q.......................................................................................................-.....&...*...2...4...7.q.8...9...:...<.............................................................7.......q..

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=bg
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	962
Entropy (8bit):	7.617612425172983
Encrypted:	false
SSDEEP:	24:gVS3AeUG228Go4EJ/Wvb8NtvpbnVgBAL16Kw1Pi:gV0NLo4EdsStRDVgBALexi
MD5:	0A0EC2A6468D4D1AA3FC2BAA70271AC8
SHA1:	A31FB01790ACA8DC1976450E4234CB6CCC328956
SHA-256:	CAFBE3036533FE094931F5745F8CB9962A34409522E93D63AC8427ACB9A02C79
SHA-512:	A07EDCF33DB65397902DDFA9FD32B1D12E8EB7FA5A05EF38A0C65C372CD51CB9A03FB2364A6F712FCA70AB09A923C2A56EEEFFB7BCFF63BF772938821402DBD0
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/notice-success.png
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4.......IDATHK..Mh.q....E......V....V]..p.B..C...........Pl......'..;.d...0v....../..~.y.y.=oN./>...........~...j.3yl{{{s.ju...\|E._.X.:...f.5`..m...7...1...g,s..F@....K=c.r..jW.V.H.;3S.zz..Z@.....33....C.@[&...jf5......GGG.V..q.Hdmvv.3..:...Nr>.@[:.~p.X.X..+....aiww..........y?...p..Oav.r...j.....w.B...>0......t.:W..Z..F. .N.....>......t.+.T-.y ...I......J8....\|>...<...t..B.p.lt.G..8...9r.\/.\|.z.._g...{-.=..z..n....c ......<./@.........Y..j.c=b.@o.R.le.......C..%....I...zH.0G_.ZJh6...$~~.SV.M.z...px.hh...6aV.M.7.......r..).n....z.....LOzC...a.B....0J.=...8.P6X...d26..Q,..)z+.o..K...O..Pz.K...u......Z0.......B.K..kx......@.......`.2G........%(....\|qq.S*....g....X1.../Q..r..x.qY?.^Ao!.<..,c.c......Q.%(...}.c...E.e.c.X.a9t.w.L.?....~..\|....IEND.B`.

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	976
Entropy (8bit):	7.628342751113836
Encrypted:	false
SSDEEP:	24:gVS3vcu+1WBbFb6isJhKTZQFt2smTN2kTAsJuw:gV0vT3hb6isJhKuL2JRrTmw
MD5:	14146CF832470D9BECA95A708A1D6F8D
SHA1:	D4B506F92876BAEA69409F3A78C4718757A53B33
SHA-256:	95F8A142DD96C310AFEB75329EF504F162AB3102A81FC07F20B268361990F526
SHA-512:	69F28FF8E02B199CC9D42BA75EC305DBFDF95C0477CBEC88A4C09DA21D126E1F8063D45415EE9701013FF0546BE2203745620EE794F3CE5DC21BE4C0A744DA67
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/notice-info.png
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4.......IDATHK..]hRa....A..u#.x.$..W.m....c...L...B7.....CIW...z.w..b2DPPt.....a..^..s..t>^.$<..}...y.....`.......T..f....z_)..0.>.F.k.R.j677.v... b(..\h..J@....c9c.vh...W+..lI.T...b..P....T.L._(.V3.LTJ./!T..$..q`.t:B.n...p..............q.f..s5Mq.......I...I$.w.!.d2.&.] ..F+.....R........k.....g.~......0!P.n........J..lEb.x.P/..Xa4'k...G.K.ry.UG.`..4FV...{Gb.%...Yu...1..".f...w(.SL.r..,:.P>..@....\|..zo.....f.I...FCq.-.....E?..Q.M.R.`....[..o.......766VvvvB.`..V..92.R.T"....../....q+.[....:wjL....f...t:.j@x.....n.....x<..i.8Eqaaaa...H...~.<.-...O}.n.{.v}}..w..4..jU....7...F....F4..,gV...T.7V....y.....JT0K'...T.....<.w..>.;~...(."..s%b(.....R@!t.j..a.g<...p...G.5r@.....?t8..c.XX..6.!....Z.K.?..w,$.0,.{.O(^P`.!..6.!...H.O....1.)N.......<..}.9.EX.=.3*../$.;;..t.....IEND.B`.

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/resetpass?start=1
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Apr 23 19:46:00 2024, from Unix, original size modulo 2^32 6358
Category:	downloaded
Size (bytes):	522
Entropy (8bit):	7.527902089843292
Encrypted:	false
SSDEEP:	12:Xn7EWJhKbl7gBmdh8lZLZPgq6C6nIX5sD:X7EWJK7gUzwpOqc
MD5:	31BF6ED4044F2D9A3F89AE1C7A5385DE
SHA1:	48A4BD5D8FC634EF1D8D1EE16D61A9D650427A3A
SHA-256:	21AEA3B4E4506DD89C576F0D089139024278EC021D29F724F78E2A9D2D32A147
SHA-512:	C41E90D0CF5C6A86093D333BD460920D5F3A599EB21DE99EDB4382430FA0FCA6CF62B80250144AF3FEF3855BB5D337B3B0218C38F1A91437745B0CA3FAA3426B
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Preview:	......(f.....j.@...W.....(...E..B..>@....l.l....^.s21.@v.S7...>f..Q(.....S..zh\|..6&N...D...-..rB.v..k.X..E......n...h..XD.\.....aK].X..6;..f.{...{.%L....ISS.K...Vf.D.....<.........6....P....,R.9..j~E..5..N7'...a..`...0.......6...N.oL..]:.....4Bi.f4z.$.V..C.l.}.....!.....N.......h.K..e)}..........R..q$.C.ix).:.Es.(..p$......'.q.QX._...z..>T.:.. "g.>41K..R..I!...X.} 7..M..p..7...].^.....VI!~.l....aN...l'..ecK......a...*.............E$......-e.U..%..\u..m.r..^......Db.4{.B.U.....d...h.........

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=da
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=cs
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	976
Entropy (8bit):	7.628342751113836
Encrypted:	false
SSDEEP:	24:gVS3vcu+1WBbFb6isJhKTZQFt2smTN2kTAsJuw:gV0vT3hb6isJhKuL2JRrTmw
MD5:	14146CF832470D9BECA95A708A1D6F8D
SHA1:	D4B506F92876BAEA69409F3A78C4718757A53B33
SHA-256:	95F8A142DD96C310AFEB75329EF504F162AB3102A81FC07F20B268361990F526
SHA-512:	69F28FF8E02B199CC9D42BA75EC305DBFDF95C0477CBEC88A4C09DA21D126E1F8063D45415EE9701013FF0546BE2203745620EE794F3CE5DC21BE4C0A744DA67
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4.......IDATHK..]hRa....A..u#.x.$..W.m....c...L...B7.....CIW...z.w..b2DPPt.....a..^..s..t>^.$<..}...y.....`.......T..f....z_)..0.>.F.k.R.j677.v... b(..\h..J@....c9c.vh...W+..lI.T...b..P....T.L._(.V3.LTJ./!T..$..q`.t:B.n...p..............q.f..s5Mq.......I...I$.w.!.d2.&.] ..F+.....R........k.....g.~......0!P.n........J..lEb.x.P/..Xa4'k...G.K.ry.UG.`..4FV...{Gb.%...Yu...1..".f...w(.SL.r..,:.P>..@....\|..zo.....f.I...FCq.-.....E?..Q.M.R.`....[..o.......766VvvvB.`..V..92.R.T"....../....q+.[....:wjL....f...t:.j@x.....n.....x<..i.8Eqaaaa...H...~.<.-...O}.n.{.v}}..w..4..jU....7...F....F4..,gV...T.7V....y.....JT0K'...T.....<.w..>.;~...(."..s%b(.....R@!t.j..a.g<...p...G.5r@.....?t8..c.XX..6.!....Z.K.?..w,$.0,.{.O(^P`.!..6.!...H.O....1.)N.......<..}.9.EX.=.3*../$.;;..t.....IEND.B`.

Chrome Cache Entry: 84

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=en
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 85

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=ar
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.066108939837481
Encrypted:	false
SSDEEP:	3:C0NY:u
MD5:	D59DE2F2B1F18AFAAB6EFBB5E8D7DB42
SHA1:	77587B981A047955407905358D39950877368CC9
SHA-256:	E5D91D35F7D93D22881F28575657D7928D6A63A6381EB58B9759935171CD6A0D
SHA-512:	8D1BFAB6D22907F036BA0B8B5AF1B8FA1738C2F761B7373B93DBEF8790131844379206060CEA0CB059AA6D566A2FCDA102D391B0740F4618A573047BE660808A
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlhEjskXqsMbhIFDQiEZ_ESBQ3Fk8Qk?alt=proto
Preview:	ChIKBw0IhGfxGgAKBw3Fk8QkGgA=

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	320
Entropy (8bit):	6.576768235681036
Encrypted:	false
SSDEEP:	6:6v/lhPUygsQynDi3U/Mk1AQkhcFBDhGQN9dEVhx/3GvnC92op:6v/7KM/SgJdEVhKpC
MD5:	07FF84F8C855E5FE9D510FF5C9A4B1E4
SHA1:	11C262053E2B9BE57D1DBA7CB3D916EF041A0E50
SHA-256:	05CE0F813E6236158FA1D115FABA62CD2041AAB1878CAC0960A0F45575CECE1E
SHA-512:	4CEE86A25E66E5A4FF1E8135E12D47CE697B86598A5E47D63777DC14536472944B64CA859FEDEE2C53B2830374CB4932EFAF51D6E493E61CB8C9535680320580
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS4.......tEXtCreation Time.6/29/11.k.M....IDAT8.c...?.51....l<......J..A.....5....k`1.<...j2.g H.T....hE..*x.......\.Mn..#%j....l .WZQj.?...$....G N...qP...5..@..!.x.g.e .........b..H...Z...F.@......IEND.B`.

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	962
Entropy (8bit):	7.617612425172983
Encrypted:	false
SSDEEP:	24:gVS3AeUG228Go4EJ/Wvb8NtvpbnVgBAL16Kw1Pi:gV0NLo4EdsStRDVgBALexi
MD5:	0A0EC2A6468D4D1AA3FC2BAA70271AC8
SHA1:	A31FB01790ACA8DC1976450E4234CB6CCC328956
SHA-256:	CAFBE3036533FE094931F5745F8CB9962A34409522E93D63AC8427ACB9A02C79
SHA-512:	A07EDCF33DB65397902DDFA9FD32B1D12E8EB7FA5A05EF38A0C65C372CD51CB9A03FB2364A6F712FCA70AB09A923C2A56EEEFFB7BCFF63BF772938821402DBD0
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4.......IDATHK..Mh.q....E......V....V]..p.B..C...........Pl......'..;.d...0v....../..~.y.y.=oN./>...........~...j.3yl{{{s.ju...\|E._.X.:...f.5`..m...7...1...g,s..F@....K=c.r..jW.V.H.;3S.zz..Z@.....33....C.@[&...jf5......GGG.V..q.Hdmvv.3..:...Nr>.@[:.~p.X.X..+....aiww..........y?...p..Oav.r...j.....w.B...>0......t.:W..Z..F. .N.....>......t.+.T-.y ...I......J8....\|>...<...t..B.p.lt.G..8...9r.\/.\|.z.._g...{-.=..z..n....c ......<./@.........Y..j.c=b.@o.R.le.......C..%....I...zH.0G_.ZJh6...$~~.SV.M.z...px.hh...6aV.M.7.......r..).n....z.....LOzC...a.B....0J.=...8.P6X...d26..Q,..)z+.o..K...O..Pz.K...u......Z0.......B.K..kx......@.......`.2G........%(....\|qq.S*....g....X1.../Q..r..x.qY?.^Ao!.<..,c.c......Q.%(...}.c...E.e.c.X.a9t.w.L.?....~..\|....IEND.B`.

Chrome Cache Entry: 89

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	450
Entropy (8bit):	7.006606811708329
Encrypted:	false
SSDEEP:	6:6v/lhPUygsQynDi3U/MkzWi2fGt54ZxMdai9TMiMsvocojLvcNrkUV5vPykuGFaz:6v/7KM/92fnWki9/MswcRrgBGFKJX
MD5:	7AC1CEFCB7EAB93C6D6981ECDE6C1635
SHA1:	1523F8CB80AB19108549D0B7DB31A58B71C05D39
SHA-256:	A02998DF88A6EFB0BAA526796B2B682CE9FDD6471CEB19170B326320F22F7053
SHA-512:	0005559A3EDF6AA149F47C0D2C7C6C385257AC5168FD57951497CFA244B155EEFF3955538DB93FC40F6622B9B216F030B27AD73DF53DBE8BCC9874148A383D3A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS4.......tEXtCreation Time.6/29/11.k.M....IDAT8.c...?.51....x.......q1....@.$..2...+.d..K`.~L.+.....@..'.@.[/G.F..2+..0..@. H.j..).,......q2....B`L ..w.Q......h.Y...x.Vk@])..@..G.;.x.b.{.......pBh+\|....I6P.#4.../..Z..9.bw..R@/.Ql P.......!1..,,.s;..Sl 0...i1 .@.H.H..z7.j...X.....b (...4.j.$;a.Jg.. .x.i ....8.X....c............IEND.B`.

Chrome Cache Entry: 90

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (10631)
Category:	downloaded
Size (bytes):	37940
Entropy (8bit):	5.475511224374253
Encrypted:	false
SSDEEP:	768:PuTZmXg84VNEvWNnCsqooaJuk8IrF0r5e/Zx:2TZmXZ4VNEv4O7k8IrF0r5e/Zx
MD5:	250F1C08B67CF8236CE277A653872E09
SHA1:	EB7C5B6358594994E6A065EAD12F0FF3914D327E
SHA-256:	CBD374103FAFD93EF201D244B0AF3B0654FE6EB5A856C9BBDA1C2B8F0D694D6E
SHA-512:	D28783815CE88CCDA8243042391FC9E016616942B91D10AE536AB452DDD022C77D96B55FF948895F65E7C8FF411E3B532F735F9E0E47056880AD5C5B4A9044AD
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com
Preview:	..<!DOCTYPE html>.<html lang="en" dir="ltr">.<head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=1">. <meta name="google" content="notranslate" />. <meta name="apple-itunes-app" content="app-id=1188352635" />. <title>Webmail Login</title>. <link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAICAAAAEAIADSAgAAFgAAAIlQTkcNChoKAAAADUlIRFIAAAAgAAAAIAgGAAAAc3p69AAAAplJREFUWIXt1j2IHGUYB/DfOzdnjIKFkECIVWIKvUFsIkRExa9KJCLaWAgWJx4DilZWgpDDiI0wiViIoGATP1CCEDYHSeCwUBBkgiiKURQJFiLo4d0eOxYzC8nsO9m9XcXC+8MW+3z+9/l6l2383xH+iSBpElyTdoda26xsDqp/h0CVZ3vwKm7tMBngAs7h7eRYebG6hMtMBHbMBX89vfARHprQ5U8cwdFQlIOZCVR5di1+w/wWXT/EY6EoN5NZCODuKZLDwzgSMCuBe2fwfX6QZwtpWzqfBBtLC3txF/ZhxKbBGx0EfsTJS77vwmGjlZrD4mUzUOXZjVjGI65cnTXchB8iupdDUb7QinsQZ7GzZftdQj2JVZ49iC/w6JjksIo7OnS9tiA5Vn6GtyK2+1MY5NkhfGDygVrBAxH5WkPuMjR7/3UsUFLl2Q68s4XkA3ws3v9zoSjX28Kr5wL1xrTxa6ou+

Chrome Cache Entry: 91

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 19 tables, 1st "FFTM"
Category:	downloaded
Size (bytes):	3851
Entropy (8bit):	5.451796267409171
Encrypted:	false
SSDEEP:	96:THXaAA7hOhOhOwHjyrL/se7UpxUwN4tsPyUfjpxUfPGab139EkjKf33PPN5:TKAocccwD2tCbaP9b1NNGnPn
MD5:	4CBACA3B666D372A5634234FBFAB99F2
SHA1:	7F970F97ECB06E21F2080BF3D098B7C20AF9997F
SHA-256:	4CB68E6FD1DDA685EFEA859E1484186088E90C5C87166D0890CF84C852680605
SHA-512:	47023B541BCAD8DD6C0F2C794F6F30195AC1A0459D5CC6E795B62FFCDF3D3AAF28D7E68BE1D3FD890F9A0D24C342C50485A2CC59C198A2AB3910914B84C492AD
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf
Preview:	...........0FFTMc_.....<....GDEF.......X... GPOS-r.B...x....GSUB.b..........OS/2..........`cmap.ol.... ....cvt r.....$...<fpgm..zA...`....gasp............glyf../.......s.head...0.......6hhea...........$hmtx..R....@....loca.U.b........maxp........... namex..d........post............prep.D".........webfh.Q....,.............=.......L.}...............................................T.b..DFLT..cyrl.&grek.2latn.>..................................................kern.......................r.....`...............X...X.........X.~.X...................(.R.(.d...v.....(.(...R.:.:.v.:...........................X.X.X.X.X.X.X...........~.............(.(.(.(.(.(.(.(.`.(.:.(.:...................1.$.q.7.).9.).:.).<...D...F...G...H...J...P...Q...R...S...T...U...V...X.....q...q...q...q...q...q.......................................................................................................-.....&......2...4...7.q.8...9...:...<.............................................................7.......q..

Chrome Cache Entry: 92

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	450
Entropy (8bit):	7.006606811708329
Encrypted:	false
SSDEEP:	6:6v/lhPUygsQynDi3U/MkzWi2fGt54ZxMdai9TMiMsvocojLvcNrkUV5vPykuGFaz:6v/7KM/92fnWki9/MswcRrgBGFKJX
MD5:	7AC1CEFCB7EAB93C6D6981ECDE6C1635
SHA1:	1523F8CB80AB19108549D0B7DB31A58B71C05D39
SHA-256:	A02998DF88A6EFB0BAA526796B2B682CE9FDD6471CEB19170B326320F22F7053
SHA-512:	0005559A3EDF6AA149F47C0D2C7C6C385257AC5168FD57951497CFA244B155EEFF3955538DB93FC40F6622B9B216F030B27AD73DF53DBE8BCC9874148A383D3A
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/icon-password.png
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS4.......tEXtCreation Time.6/29/11.k.M....IDAT8.c...?.51....x.......q1....@.$..2...+.d..K`.~L.+.....@..'.@.[/G.F..2+..0..@. H.j..).,......q2....B`L ..w.Q......h.Y...x.Vk@])..@..G.;.x.b.{.......pBh+\|....I6P.#4.../..Z..9.bw..R@/.Ql P.......!1..,,.s;..Sl 0...i1 .@.H.H..z7.j...X.....b (...4.j.$;a.Jg.. .x.i ....8.X....c............IEND.B`.

Chrome Cache Entry: 93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	403
Entropy (8bit):	4.849465777245921
Encrypted:	false
SSDEEP:	12:KIPVCSzEzZHpmMMBX464x0AqDatnVJiabQb:KIP9z6ILB//Ak8nrg
MD5:	0019042590083258AD295A3D28DF1640
SHA1:	82FF6F61EFD1E4D636DB3324FB8606D0F7046F5F
SHA-256:	90EAF13372E5E61D3A8D9D332707405E233C5A1051E621228DAE483696AEFA0C
SHA-512:	877824AAF0764B0F90E44D0BBED33EFEA1D8121C204ED60EC7C31F8587394EBDD4B9C682BB497556BD7F6310BF6245439217B1050678701A28459F4690746D46
Malicious:	false
Reputation:	low
URL:	https://webmail.cmxserver.com/?locale=el
Preview:	<html>.<head>.<title>.webmail.cmxserver.com</title>.<style>.* { font-family: verdana; font-size: 10pt; COLOR: gray; }.b { font-weight: bold; }.table { border: 1px solid gray;}.td { text-align: center; padding: 25;}.</style>.</head>.<body>.<center>.<br><br><br><br>.<table>.<tr><td>This is a placeholder for the subdomain <b>webmail.cmxserver.com</b></td></tr>.</table>.<br><br>.</center>.</body>.</html>

Chrome Cache Entry: 94

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1060
Entropy (8bit):	7.631938949729023
Encrypted:	false
SSDEEP:	24:gVS3DYqTBWybne4jgplfs+3Gk8Nl6qat2iacDI3k99t:gV0NJe48fH3Gk8/6qPibikXt
MD5:	A64B8C7407BF94CC4448CB210BB882E7
SHA1:	A526CF52B2C5B6C2D0409B886DE4AA968000FCD8
SHA-256:	7ECB82019606D891C5197D2F8BA24EC323D9B10A089FACC82D089FF1EC3D399B
SHA-512:	AEEA5E9418C62BA9BB896DB6AD89B2E8C13F174B10D3960C4D67878BA8C0FB3CE8524515716C120548876131D1F8192C36CB52E48CFD801F8F037A3ABE65D179
Malicious:	false
Reputation:	low
URL:	https://technonace.com:2096/cPanel_magic_revision_1605241138/unprotected/cpanel/images/warning.png
Preview:	.PNG........IHDR.............r......sBIT....\|.d.....sRGB.........gAMA......a.....pHYs..........d_.....tEXtCreation Time.7/25/12f.......tEXtSoftware.Adobe Fireworks CS4......`IDATHK..KH.Q....j.4mc....>V.6....)VR..c.UA.#....b.R.....I..d.FDE\|..A.......Q.m.......%.?..{...sH...QL4.U.........E....+++.......).&....).....^...Pp......xN..T....K..._...966f.j...........b...........\|$...)..833.`......&.)....T.P.....d.....0;;.....B...W....a....Cjjj.Y....HY^^..DSQQ.NKK...jKaa..f}uu........aff.....@....`....`0..{}}}.X\...566.oooW.........y<.<r..655i......X,ISSSe.B...60...ZSSS........J-.0...K.m888...a.d...&.....p&...p@..t>Z\\........D"..f7....s.YZZr.\.'.(9.J.R......j.....<.."........`.@..T1.%.PTWW..](.....l6.rss.MNN.....N%L.t...w6....kzz.D......~h.....o.b'~c.,..{NN.m&.l`lkk...%...1.g..(...7\...^X\|....@.JY....g.{....L&{+...^o.....gII.}....544.1].....f...Z......'..P.......H..>V......M....g.....WH.L..gA...@Os.=u:....$.T}..h.JKK....U.:.....`....G..BO.V.PL..W.@OAZ.GP..

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 23, 2024 21:45:50.891544104 CEST	49674	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:45:50.891550064 CEST	49675	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:45:51.016560078 CEST	49673	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:45:57.988698959 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.988764048 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:57.988841057 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.989428997 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.989475012 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:57.989532948 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.989644051 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.989660978 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:57.989867926 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:57.989886045 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.647023916 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.647133112 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.647398949 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.647418022 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.647521973 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.647586107 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.648359060 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.648423910 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.648483038 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.648538113 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.649929047 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.650015116 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.651005983 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.651020050 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.651146889 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.651252985 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.704204082 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.704205990 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.704250097 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.750855923 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.961123943 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.961157084 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.961164951 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.961206913 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.961239100 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:58.961272955 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:58.961294889 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.006865978 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175654888 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175669909 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175705910 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175749063 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175755978 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175767899 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175792933 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175807953 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175822020 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175831079 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175893068 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175956011 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175956011 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175956011 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175956011 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.175971985 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.175982952 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.176008940 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.176008940 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.176047087 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.178241014 CEST	49710	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:45:59.178256989 CEST	443	49710	185.38.249.30	192.168.2.5
Apr 23, 2024 21:45:59.390513897 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.417164087 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.417788982 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.503330946 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.599127054 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.599224091 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.600033045 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.625684023 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.625771999 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.626455069 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.626512051 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.628226995 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.628703117 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.713596106 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.713664055 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.714209080 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.808689117 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.812422037 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.812453985 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.812483072 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.812515020 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.812525988 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.812608004 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.819307089 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:45:59.819359064 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:45:59.819428921 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:45:59.820063114 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:45:59.820080996 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:45:59.836947918 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.837038994 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.839365959 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.839380980 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.839391947 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.839402914 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.839498043 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.840342045 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.840357065 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.840368986 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.840382099 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.840409994 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.840461016 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:45:59.925149918 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.928307056 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.928325891 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.928338051 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.928354025 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:45:59.928436041 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.021177053 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.022465944 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.037056923 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:00.038841009 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:00.038908005 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:00.039815903 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:00.039897919 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:00.042226076 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:00.042300940 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:00.048022032 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.049184084 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.050268888 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.050559998 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.092906952 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:00.092931986 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:00.138849974 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.138963938 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:00.146161079 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.231369019 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.232333899 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.259759903 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.260152102 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.260376930 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.260782957 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.356559038 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.397382975 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.444063902 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474402905 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474432945 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474457979 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474500895 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.474653959 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474728107 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474745989 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474762917 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474781990 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474792957 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.474801064 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474818945 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474823952 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.474837065 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474841118 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.474854946 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474868059 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.474870920 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.474911928 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.487245083 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.503263950 CEST	49674	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:00.503523111 CEST	49675	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:00.615725994 CEST	49673	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:00.683478117 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683512926 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683530092 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683548927 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683567047 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683584929 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683588982 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683604002 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683624983 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683633089 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683640957 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683660030 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683676958 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683690071 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683693886 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683712959 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683722019 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683729887 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683741093 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683748960 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683764935 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683769941 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.683782101 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:00.683815956 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.725236893 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.882374048 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:00.882435083 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:00.882534981 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:00.897882938 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:00.897900105 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:00.929683924 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.929908991 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:00.930628061 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.138962984 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.139086962 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.139615059 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.152439117 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.152560949 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.191203117 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.191205978 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.191395998 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.368426085 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.368455887 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.368859053 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.400892973 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.401537895 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.402019978 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.402422905 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.402914047 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.414613962 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.420474052 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.520580053 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.520766020 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.609519005 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.609607935 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.609972000 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.610205889 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.610671997 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.610688925 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.610760927 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.610969067 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.610990047 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.611030102 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.611285925 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.611423969 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.611551046 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.611614943 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.611741066 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.626467943 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.632426023 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.670622110 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.680110931 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.729825020 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.730084896 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.730103970 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.730155945 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.772504091 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.772576094 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.772685051 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.773353100 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.773367882 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.773384094 CEST	49719	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.773390055 CEST	443	49719	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.774530888 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.818504095 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.819629908 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.819792032 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.820168972 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.820312977 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.821712017 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.822899103 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.825097084 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.825136900 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.825154066 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.825172901 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.825207949 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.825249910 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.826076984 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.826122999 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.826142073 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.826158047 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.826199055 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.826220036 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.827126026 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.827148914 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.827166080 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.827182055 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:01.827198982 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.827227116 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.840969086 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.841156960 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:01.974441051 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.974474907 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.974529028 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.974900961 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:01.974912882 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:01.995803118 CEST	443	49703	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:01.995891094 CEST	49703	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:02.034048080 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.034523010 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.034795046 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.035157919 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.035788059 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.036217928 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.088928938 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.089673042 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.220648050 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.220722914 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.222944975 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.222955942 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.223297119 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.224781036 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.244043112 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.244307041 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.244443893 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.244573116 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.245096922 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.245405912 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.268125057 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.455955982 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456012011 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456053019 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456091881 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456123114 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456173897 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456182957 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456221104 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456259012 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456264973 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456299067 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456341028 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456345081 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456383944 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456428051 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456713915 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456758976 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456798077 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456835032 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456846952 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456871986 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456881046 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456912041 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456950903 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.456960917 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.456988096 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.457026958 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.457036018 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.457063913 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.457107067 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.460093975 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460149050 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460186958 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460205078 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.460227966 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460266113 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460270882 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.460306883 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460345030 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460351944 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.460385084 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460423946 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460443974 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.460460901 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.460510015 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.468730927 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.468844891 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.469269991 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.470670938 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.470712900 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.470742941 CEST	49726	443	192.168.2.5	23.46.214.6
Apr 23, 2024 21:46:02.470757961 CEST	443	49726	23.46.214.6	192.168.2.5
Apr 23, 2024 21:46:02.622843027 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.623022079 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.624187946 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.624387026 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.625890017 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.626566887 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665316105 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665347099 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665365934 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665384054 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665404081 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665411949 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665422916 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665436983 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665441036 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665458918 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665471077 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665477037 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665508032 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665707111 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665728092 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665745974 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665765047 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665777922 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665805101 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665807962 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665822029 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665839911 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665857077 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.665859938 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.665908098 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.669157028 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669178009 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669194937 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669213057 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669229984 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669229984 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.669249058 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669262886 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.669269085 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669285059 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.669286966 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.669336081 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.709327936 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.718540907 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.731812954 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.742031097 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.779359102 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.785268068 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.786072969 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.831899881 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.831979036 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.832505941 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.832559109 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.832961082 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.833008051 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.833036900 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.833267927 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.833326101 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.833857059 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.834165096 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.834563017 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.834621906 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.835103035 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.835130930 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.835159063 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.835447073 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.836141109 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.927402020 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.927464008 CEST	2096	49724	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.927465916 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.927521944 CEST	49724	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.940874100 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.940947056 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.940968990 CEST	2096	49722	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.941020966 CEST	49722	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.950998068 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.951034069 CEST	2096	49723	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.951086044 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.951119900 CEST	49723	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.988290071 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.988379955 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.989057064 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.993822098 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.993907928 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.994512081 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.994714975 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:02.995111942 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:02.995553970 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.041846037 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.042221069 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.043622017 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.043934107 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.044481039 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.044848919 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.044903994 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.044941902 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.044991970 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.045042992 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.045058966 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.045123100 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.047040939 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047080040 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047117949 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047152042 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047173977 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.047441006 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.047780037 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047820091 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047861099 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047894955 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.047894955 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.047957897 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.050959110 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.051029921 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.051068068 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.051101923 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.051146984 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.051146984 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.052258968 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.052297115 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.052334070 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.052367926 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.052396059 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.052458048 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.053004026 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.053085089 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.053138018 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.053172112 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.053216934 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.053217888 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.198018074 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.201153994 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.201669931 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.201869965 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.203339100 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.204216957 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.206300974 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.206795931 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.207137108 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.208745003 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.209012032 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.209146976 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.253984928 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.254805088 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.255888939 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.256495953 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.256499052 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.257141113 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.260085106 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.261054993 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.261099100 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.262034893 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.263576031 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.264077902 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.410670996 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.413887978 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.413994074 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414032936 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414068937 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414088964 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.414108038 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414132118 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.414148092 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414186001 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414226055 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414241076 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.414263010 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414268970 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.414300919 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.414531946 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.415900946 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.417802095 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.417916059 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.417956114 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.417992115 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418030024 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418059111 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.418067932 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418103933 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418121099 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.418143034 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418195963 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418232918 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418246984 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.418270111 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.418272018 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.418323994 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.419693947 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419760942 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419796944 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419835091 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419864893 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.419872046 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419909954 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419918060 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.419945002 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.419971943 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.420005083 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.420042038 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.420078039 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.420095921 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.420150042 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.465112925 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.465610981 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.465915918 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.466294050 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.466579914 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.466840982 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.472644091 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.473033905 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.473169088 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.473576069 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.476047039 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.477421999 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623162031 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623220921 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623261929 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623301029 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623307943 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623339891 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623346090 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623378038 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623413086 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623445988 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623449087 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623486996 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623496056 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623524904 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623562098 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623579979 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623617887 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623656034 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623692989 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623693943 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623729944 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623738050 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623766899 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623804092 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623841047 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623848915 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623877048 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.623887062 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.623914003 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.624130964 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.626280069 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.626848936 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.626889944 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.626928091 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.626961946 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.626967907 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627006054 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627042055 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627054930 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627118111 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627152920 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627187967 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627190113 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627229929 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627230883 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627268076 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627304077 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627321005 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627341032 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627377987 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627392054 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627422094 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627458096 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627474070 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627496004 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627517939 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627533913 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627584934 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.627589941 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627629042 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.627682924 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.628734112 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628794909 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628833055 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628869057 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628869057 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.628906012 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628942966 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628978014 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.628983021 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629020929 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629071951 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629111052 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629126072 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629147053 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629184008 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629220009 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629230022 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629256010 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629265070 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629293919 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629332066 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629368067 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629383087 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629405022 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629417896 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629442930 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629479885 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629515886 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.629532099 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.629576921 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.640876055 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.641515970 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.676460028 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.676693916 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.676745892 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.676780939 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.676810980 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.677206993 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.683244944 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.684196949 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.689024925 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.690263987 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.727168083 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.727185965 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.727190971 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.727191925 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.738501072 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.832602978 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.834686995 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.835278034 CEST	2096	49733	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.835443974 CEST	49733	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.837663889 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.837758064 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.849567890 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.849678993 CEST	2096	49734	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.849771023 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.849771023 CEST	49734	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.850343943 CEST	2096	49735	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.850393057 CEST	49735	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:03.899916887 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.899945974 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:03.900016069 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.139349937 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.139398098 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.139460087 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.194152117 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.194183111 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.402931929 CEST	2096	49715	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.402980089 CEST	49715	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.627067089 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.627249956 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.627307892 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.730456114 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.730487108 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.730503082 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.730545998 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:04.730629921 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:04.730674982 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.677181005 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.677267075 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.677347898 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.677434921 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.677448034 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.677488089 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.683665991 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.683707952 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.683779955 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.684650898 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.684724092 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.684783936 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.689502954 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.689542055 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.689629078 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:06.900230885 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.900316000 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:06.900460005 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.444827080 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445116043 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445280075 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445316076 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445369005 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445369005 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445544958 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445544958 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445616961 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445617914 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445727110 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445754051 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445889950 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445945978 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.445950985 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.446168900 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.446204901 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.446222067 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654000998 CEST	2096	49728	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654033899 CEST	2096	49729	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654062986 CEST	49728	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654093981 CEST	49729	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654494047 CEST	2096	49731	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654557943 CEST	49731	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654623032 CEST	2096	49732	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654675007 CEST	49732	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654748917 CEST	2096	49714	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654766083 CEST	2096	49730	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654795885 CEST	49714	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654824972 CEST	49730	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.654942036 CEST	2096	49716	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.654982090 CEST	49716	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.656315088 CEST	2096	49717	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.656368971 CEST	49717	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:09.656390905 CEST	2096	49727	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:09.656439066 CEST	49727	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:10.031496048 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:10.031573057 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:10.031636000 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:10.503144979 CEST	49718	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:10.503185034 CEST	443	49718	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:10.553117990 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.559111118 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.559156895 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.559226036 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.560317993 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.560336113 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.600123882 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.769309998 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.769418955 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.769551992 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.771060944 CEST	49711	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:10.771081924 CEST	443	49711	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:10.992933989 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.018802881 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.018830061 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.019354105 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.039628983 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.039877892 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.134102106 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.184077978 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.228116989 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.462544918 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.462655067 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:11.462825060 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.493758917 CEST	49741	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:11.493803978 CEST	443	49741	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:12.558202982 CEST	49703	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.558202982 CEST	49703	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.559071064 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.559120893 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:12.559181929 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.559650898 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.559669971 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:12.710658073 CEST	443	49703	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:12.710676908 CEST	443	49703	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:12.835180998 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.835280895 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:12.835361004 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.838017941 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.838057041 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:12.838113070 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.877228975 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:12.877315044 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:12.903810024 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.903834105 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:12.904000044 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:12.904036045 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.335954905 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.337462902 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.409740925 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.409765959 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.410207033 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.410231113 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.410470963 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.410712004 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.418801069 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.419002056 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.419745922 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.419861078 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.421004057 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.468107939 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.540693045 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:13.540730000 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:13.541168928 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:13.541248083 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:13.632124901 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.632200003 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.808779955 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.808914900 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:13.808983088 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.854821920 CEST	49747	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:13.854870081 CEST	443	49747	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.011858940 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:14.011969090 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:14.013446093 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:14.013477087 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:14.386691093 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:14.386781931 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:14.386878014 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:14.386917114 CEST	443	49746	23.1.237.91	192.168.2.5
Apr 23, 2024 21:46:14.386964083 CEST	49746	443	192.168.2.5	23.1.237.91
Apr 23, 2024 21:46:14.646549940 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.646656990 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.646730900 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.647727013 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.647777081 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.667135954 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.708122969 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.886791945 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.886890888 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:14.886946917 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.888349056 CEST	49748	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:14.888365984 CEST	443	49748	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:15.079710960 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:15.144061089 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:15.144144058 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:15.144776106 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:15.150701046 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:15.150902987 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:15.231125116 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.565454960 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.565560102 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.565663099 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.566613913 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.566633940 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.600781918 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.648118973 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.817259073 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.817362070 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.817413092 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.819891930 CEST	49751	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.819911003 CEST	443	49751	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.998415947 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.998754025 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.998786926 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.999128103 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:16.999739885 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:16.999835014 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:17.139416933 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.537614107 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.537663937 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.537790060 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.538125038 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.538141966 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.551528931 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.592128992 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.767862082 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.767944098 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.768173933 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.769550085 CEST	49752	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.769576073 CEST	443	49752	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.970616102 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.971188068 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.971201897 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.971631050 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:18.980345964 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:18.980464935 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:19.032016993 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.586312056 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.586355925 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:20.586419106 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.589828968 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.589842081 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:20.622158051 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.664124966 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:20.838598013 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:20.838694096 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:20.838829041 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.841093063 CEST	49753	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:20.841110945 CEST	443	49753	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:21.021671057 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:21.045509100 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:21.045536995 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:21.046051979 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:21.047154903 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:21.047229052 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:21.093899012 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.551372051 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.551429033 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.551484108 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.552026987 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.552038908 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.603046894 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.644153118 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.819441080 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.819535017 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.819582939 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.856817961 CEST	49754	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:22.856848001 CEST	443	49754	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:22.983789921 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:23.011061907 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:23.011101007 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:23.011662006 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:23.014035940 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:23.014116049 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:23.063345909 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:25.804028034 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:25.848124981 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:25.860809088 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:25.860858917 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:25.860919952 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:25.862129927 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:25.862138033 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.020848989 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.020967007 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.021033049 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:26.023333073 CEST	49755	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:26.023355007 CEST	443	49755	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.293458939 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.293816090 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:26.293833971 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.294188023 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.294517994 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:26.294576883 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:26.341331005 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.573776960 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.573807955 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:28.573874950 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.574346066 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.574362993 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:28.576139927 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.620117903 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:28.792300940 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:28.792501926 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:28.792574883 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.793323040 CEST	49756	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:28.793353081 CEST	443	49756	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:29.006256104 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:29.006550074 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:29.006567955 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:29.006918907 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:29.007246971 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:29.007311106 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:29.046746969 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:31.823393106 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:31.823550940 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:31.823645115 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:31.825176001 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:31.825531006 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:31.825592995 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:32.504745960 CEST	49721	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:32.504813910 CEST	49720	2096	192.168.2.5	136.243.80.35
Apr 23, 2024 21:46:32.713363886 CEST	2096	49720	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:32.713458061 CEST	2096	49721	136.243.80.35	192.168.2.5
Apr 23, 2024 21:46:49.240287066 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:49.240392923 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:49.240458965 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:50.502616882 CEST	49757	443	192.168.2.5	185.38.249.30
Apr 23, 2024 21:46:50.502655983 CEST	443	49757	185.38.249.30	192.168.2.5
Apr 23, 2024 21:46:59.766515970 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:59.766573906 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:59.766648054 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:59.766876936 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:59.766896963 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:59.980375051 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:59.980700970 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:59.980725050 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:59.981082916 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:46:59.981432915 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:46:59.981497049 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:47:00.030523062 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:47:09.982563019 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:47:09.982728004 CEST	443	49760	172.253.124.106	192.168.2.5
Apr 23, 2024 21:47:09.982837915 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:47:10.506987095 CEST	49760	443	192.168.2.5	172.253.124.106
Apr 23, 2024 21:47:10.507031918 CEST	443	49760	172.253.124.106	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 23, 2024 21:45:56.205852032 CEST	53	60290	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:56.270157099 CEST	53	56767	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:56.869019985 CEST	53	58788	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:57.641066074 CEST	54027	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:57.641206980 CEST	50326	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:57.975043058 CEST	53	50326	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:57.987910032 CEST	53	54027	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:58.979618073 CEST	61391	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:58.979768038 CEST	63957	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:59.327254057 CEST	53	61391	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:59.445981026 CEST	53	63957	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:59.709557056 CEST	50062	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:59.710055113 CEST	53656	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:45:59.814652920 CEST	53	50062	1.1.1.1	192.168.2.5
Apr 23, 2024 21:45:59.814734936 CEST	53	53656	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:01.512634039 CEST	53	59961	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:01.520163059 CEST	53	58725	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:02.442629099 CEST	62058	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:46:02.443285942 CEST	51201	53	192.168.2.5	1.1.1.1
Apr 23, 2024 21:46:02.549110889 CEST	53	62058	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:02.922890902 CEST	53	51201	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:15.255728006 CEST	53	51539	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:34.145915031 CEST	53	59479	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:55.547172070 CEST	53	59511	1.1.1.1	192.168.2.5
Apr 23, 2024 21:46:56.939085007 CEST	53	62167	1.1.1.1	192.168.2.5

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Apr 23, 2024 21:45:59.446046114 CEST	192.168.2.5	1.1.1.1	c22f	(Port unreachable)	Destination Unreachable
Apr 23, 2024 21:46:02.922975063 CEST	192.168.2.5	1.1.1.1	c22f	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 23, 2024 21:45:57.641066074 CEST	192.168.2.5	1.1.1.1	0xe689	Standard query (0)	webmail.cmxserver.com	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:57.641206980 CEST	192.168.2.5	1.1.1.1	0x855a	Standard query (0)	webmail.cmxserver.com	65	IN (0x0001)	false
Apr 23, 2024 21:45:58.979618073 CEST	192.168.2.5	1.1.1.1	0xb832	Standard query (0)	technonace.com	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:58.979768038 CEST	192.168.2.5	1.1.1.1	0x8596	Standard query (0)	_2096._https.technonace.com	65	IN (0x0001)	false
Apr 23, 2024 21:45:59.709557056 CEST	192.168.2.5	1.1.1.1	0xabfb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.710055113 CEST	192.168.2.5	1.1.1.1	0xf87e	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 23, 2024 21:46:02.442629099 CEST	192.168.2.5	1.1.1.1	0x8e9f	Standard query (0)	technonace.com	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:02.443285942 CEST	192.168.2.5	1.1.1.1	0x8eb2	Standard query (0)	_2096._https.technonace.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 23, 2024 21:45:57.987910032 CEST	1.1.1.1	192.168.2.5	0xe689	No error (0)	webmail.cmxserver.com		185.38.249.30	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.327254057 CEST	1.1.1.1	192.168.2.5	0xb832	No error (0)	technonace.com		136.243.80.35	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.445981026 CEST	1.1.1.1	192.168.2.5	0x8596	Name error (3)	_2096._https.technonace.com	none	none	65	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.106	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.105	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.99	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.147	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.104	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814652920 CEST	1.1.1.1	192.168.2.5	0xabfb	No error (0)	www.google.com		172.253.124.103	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:45:59.814734936 CEST	1.1.1.1	192.168.2.5	0xf87e	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 23, 2024 21:46:02.549110889 CEST	1.1.1.1	192.168.2.5	0x8e9f	No error (0)	technonace.com		136.243.80.35	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:02.922890902 CEST	1.1.1.1	192.168.2.5	0x8eb2	Name error (3)	_2096._https.technonace.com	none	none	65	IN (0x0001)	false
Apr 23, 2024 21:46:12.210781097 CEST	1.1.1.1	192.168.2.5	0x181f	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:12.210781097 CEST	1.1.1.1	192.168.2.5	0x181f	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:12.322287083 CEST	1.1.1.1	192.168.2.5	0xf068	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 21:46:12.322287083 CEST	1.1.1.1	192.168.2.5	0xf068	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:26.279673100 CEST	1.1.1.1	192.168.2.5	0x7541	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 21:46:26.279673100 CEST	1.1.1.1	192.168.2.5	0x7541	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:46:49.262855053 CEST	1.1.1.1	192.168.2.5	0x3710	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 21:46:49.262855053 CEST	1.1.1.1	192.168.2.5	0x3710	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 21:47:08.325058937 CEST	1.1.1.1	192.168.2.5	0xe551	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 21:47:08.325058937 CEST	1.1.1.1	192.168.2.5	0xe551	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

webmail.cmxserver.com

fs.microsoft.com

https:

www.bing.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49710	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:45:58 UTC	729	OUT	GET /authsecure/index.php?email=kaylen@virtualintelligencebriefing.com HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 19:45:58 UTC	247	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:45:58 GMT Server: Apache/2 X-Powered-By: PHP/8.1.14 Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding,User-Agent Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-04-23 19:45:58 UTC	7945	IN	Data Raw: 39 34 33 34 0d 0a ef bb bf 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 Data Ascii: 9434<!DOCTYPE html><html lang="en" dir="ltr"><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=1"> <meta
2024-04-23 19:45:58 UTC	177	IN	Data Raw: 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 63 61 6c 65 2d 63 65 6c 6c 22 3e 3c 61 20 68 72 65 66 3d 22 3f 6c 6f 63 61 6c 65 3d 66 69 6c 22 3e 46 69 6c 69 70 69 6e 6f 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 63 61 6c 65 2d 63 65 6c 6c 22 3e 3c 61 20 68 72 65 66 3d 22 3f 6c 6f 63 61 6c 65 3d 66 72 22 3e 66 72 61 6e c3 a7 61 Data Ascii: <div class="locale-cell"><a href="?locale=fil">Filipino</a></div> <div class="locale-cell"><a href="?locale=fr">frana
2024-04-23 19:45:59 UTC	4675	IN	Data Raw: 69 73 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 63 61 6c 65 2d 63 65 6c 6c 22 3e 3c 61 20 68 72 65 66 3d 22 3f 6c 6f 63 61 6c 65 3d 68 65 22 3e d7 a2 d7 91 d7 a8 d7 99 d7 aa 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 63 61 6c 65 2d 63 65 6c 6c 22 3e 3c 61 20 68 72 65 66 3d 22 3f 6c 6f 63 61 6c 65 3d 68 69 22 3e e0 a4 b9 e0 a4 bf e0 a4 a8 e0 a5 8d e0 a4 a6 e0 a5 80 3c 2f 61 3e 3c Data Ascii: is</a></div> <div class="locale-cell"><a href="?locale=he"></a></div> <div class="locale-cell"><a href="?locale=hi"></a><
2024-04-23 19:45:59 UTC	3496	IN	Data Raw: 6b 61 79 6c 65 6e 40 76 69 72 74 75 61 6c 69 6e 74 65 6c 6c 69 67 65 6e 63 65 62 72 69 65 66 69 6e 67 2e 63 6f 6d 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 45 6e 74 65 72 20 79 6f 75 72 20 65 6d 61 69 6c 20 61 64 64 72 65 73 73 2e 22 20 63 6c 61 73 73 3d 22 73 74 64 5f 74 65 78 74 62 6f 78 22 20 74 79 70 65 3d 22 74 65 78 74 22 20 20 74 61 62 69 6e 64 65 78 3d 22 31 22 20 72 65 71 75 69 72 65 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 72 65 71 2d 6c 6f 67 69 6e 20 6c 6f 67 69 6e 2d 70 61 73 73 77 6f 72 64 2d 66 69 65 6c 64 Data Ascii: kaylen@virtualintelligencebriefing.com" placeholder="Enter your email address." class="std_textbox" type="text" tabindex="1" required> </div> <div class="input-req-login login-password-field
2024-04-23 19:45:59 UTC	8192	IN	Data Raw: 83 d0 ba d1 80 d0 b0 d1 97 d0 bd d1 81 d1 8c d0 ba d0 b0 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 27 76 69 27 3e 54 69 e1 ba bf 6e 67 20 56 69 e1 bb 87 74 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 27 7a 68 27 3e e4 b8 ad e6 96 87 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 27 7a 68 5f 63 6e 27 3e e4 b8 ad e6 96 87 ef bc 88 e4 b8 ad e5 9b bd ef bc 89 3c 2f 6f 70 74 69 6f 6e 3e 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 27 7a 68 5f 74 77 27 3e e4 b8 ad e6 96 87 ef bc 88 e5 8f b0 e6 b9 be ef bc 89 3c 2f 6f 70 74 69 6f 6e 3e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 6c 65 63 74 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: </option><option value='vi'>Ting Vit</option><option value='zh'></option><option value='zh_cn'></option><option value='zh_tw'></option> </select>
2024-04-23 19:45:59 UTC	8192	IN	Data Raw: 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 2e 6e 6f 74 69 63 65 73 22 29 3b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 72 65 73 75 6c 74 2e 6e 6f 74 69 63 65 73 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 6e 65 77 5f 70 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 70 22 29 3b 6e 65 77 5f 70 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3d 72 65 73 75 6c 74 2e 6e 6f 74 69 63 65 73 5b 6e 5d 2e 63 6f 6e 74 65 6e 74 3b 63 6f 6e 74 61 69 6e 65 72 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 6e 65 77 5f 70 29 7d 63 6c 69 63 6b 5f 66 6f 72 6d 2e 6f 6e 73 75 62 6d 69 74 3d 72 65 64 69 72 65 63 74 6f 72 3b 66 61 64 65 5f 6f 75 74 28 6c 6f 67 69 6e 5f 66 6f 72 6d 29 3b 66 61 64 65 5f 69 6e 28 63 6c 69 63 6b 5f 66 6f 72 6d 29 7d 65 6c 73 65 7b Data Ascii: querySelector(".notices");for(var n=0;n<result.notices.length;n++){var new_p=document.createElement("p");new_p.textContent=result.notices[n].content;container.appendChild(new_p)}click_form.onsubmit=redirector;fade_out(login_form);fade_in(click_form)}else{
2024-04-23 19:45:59 UTC	5264	IN	Data Raw: 65 5a 6f 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6e 3d 7b 22 41 6d 65 72 69 63 61 2f 44 65 6e 76 65 72 22 3a 5b 22 41 6d 65 72 69 63 61 2f 44 65 6e 76 65 72 22 2c 22 41 6d 65 72 69 63 61 2f 4d 61 7a 61 74 6c 61 6e 22 5d 2c 22 41 6d 65 72 69 63 61 2f 43 68 69 63 61 67 6f 22 3a 5b 22 41 6d 65 72 69 63 61 2f 43 68 69 63 61 67 6f 22 2c 22 41 6d 65 72 69 63 61 2f 4d 65 78 69 63 6f 5f 43 69 74 79 22 5d 2c 22 41 6d 65 72 69 63 61 2f 53 61 6e 74 69 61 67 6f 22 3a 5b 22 41 6d 65 72 69 63 61 2f 53 61 6e 74 69 61 67 6f 22 2c 22 41 6d 65 72 69 63 61 2f 41 73 75 6e 63 69 6f 6e 22 2c 22 41 6d 65 72 69 63 61 2f 43 61 6d 70 6f 5f 47 72 61 6e 64 65 22 5d 2c 22 41 6d 65 72 69 63 61 2f 4d 6f 6e 74 65 76 69 64 65 6f 22 Data Ascii: eZone=function(e){"use strict";var n={"America/Denver":["America/Denver","America/Mazatlan"],"America/Chicago":["America/Chicago","America/Mexico_City"],"America/Santiago":["America/Santiago","America/Asuncion","America/Campo_Grande"],"America/Montevideo"
2024-04-23 19:45:59 UTC	5	IN	Data Raw: 74 6d 6c 3e 0a Data Ascii: tml>
2024-04-23 19:45:59 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-04-23 19:45:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49719	23.46.214.6	443

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:01 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-23 19:46:01 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/073D) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus2-z1 Cache-Control: public, max-age=40657 Date: Tue, 23 Apr 2024 19:46:01 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49726	23.46.214.6	443

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:02 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-23 19:46:02 UTC	520	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-MSEdge-Ref: Ref A: 86D4C1EC23844E65A40A9F1508D7BABF Ref B: BL2EDGE2514 Ref C: 2023-04-05T23:36:05Z Cache-Control: public, max-age=40636 Date: Tue, 23 Apr 2024 19:46:02 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-23 19:46:02 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49711	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:10 UTC	693	OUT	GET /resetpass?start=1 HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:10 UTC	166	IN	HTTP/1.1 404 Not Found Date: Tue, 23 Apr 2024 19:46:10 GMT Server: Apache/2 Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-04-23 19:46:10 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49741	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:11 UTC	647	OUT	GET /favicon.ico HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://webmail.cmxserver.com/resetpass?start=1 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:11 UTC	166	IN	HTTP/1.1 404 Not Found Date: Tue, 23 Apr 2024 19:46:11 GMT Server: Apache/2 Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-04-23 19:46:11 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.5	49747	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:13 UTC	686	OUT	GET /?locale=en HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:13 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:13 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:13 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.5	49746	23.1.237.91	443

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:14 UTC	2148	OUT	POST /threshold/xls.aspx HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH Content-type: text/xml X-Agent-DeviceId: 01000A410900D492 X-BM-CBT: 1696428841 X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x984 X-BM-DeviceDimensionsLogical: 784x984 X-BM-DeviceScale: 100 X-BM-DTZ: 120 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22 X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A410900D492 X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Content-Length: 2484 Connection: Keep-Alive Cache-Control: no-cache Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1713901541037&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
2024-04-23 19:46:14 UTC	1	OUT	Data Raw: 3c Data Ascii: <
2024-04-23 19:46:14 UTC	2483	OUT	Data Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 33 36 34 34 46 44 37 34 44 46 31 36 36 31 38 46 30 38 46 37 45 43 30 33 44 45 35 35 36 30 30 31 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 32 32 38 31 35 36 37 30 33 41 34 30 44 35 42 39 37 45 35 41 36 38 33 36 46 32 41 31 43 45 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49 Data Ascii: ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
2024-04-23 19:46:14 UTC	479	IN	HTTP/1.1 204 No Content Access-Control-Allow-Origin: * Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: CFF8C1B545B94E1BB26F41900E8587E6 Ref B: LAX311000111019 Ref C: 2024-04-23T19:46:14Z Date: Tue, 23 Apr 2024 19:46:14 GMT Connection: close Alt-Svc: h3=":443"; ma=93600 X-CDN-TraceID: 0.57ed0117.1713901574.80d42d0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.5	49748	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:14 UTC	686	OUT	GET /?locale=ar HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:14 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:14 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:14 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.5	49751	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:16 UTC	686	OUT	GET /?locale=bg HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:16 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:16 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:16 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.5	49752	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:18 UTC	686	OUT	GET /?locale=bn HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:18 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:18 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:18 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.5	49753	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:20 UTC	686	OUT	GET /?locale=cs HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:20 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:20 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:20 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.5	49754	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:22 UTC	686	OUT	GET /?locale=da HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:22 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:22 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:22 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.5	49755	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:25 UTC	686	OUT	GET /?locale=de HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:26 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:25 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:26 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.5	49756	185.38.249.30	443	5376	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-23 19:46:28 UTC	686	OUT	GET /?locale=el HTTP/1.1 Host: webmail.cmxserver.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: timezone=Europe/Berlin
2024-04-23 19:46:28 UTC	294	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:46:28 GMT Server: Apache/2 Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 14 Mar 2024 00:11:05 GMT ETag: "193-61393ba3b100c" Accept-Ranges: bytes Content-Length: 403 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-04-23 19:46:28 UTC	403	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0a 77 65 62 6d 61 69 6c 2e 63 6d 78 73 65 72 76 65 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 2a 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 74 3b 20 43 4f 4c 4f 52 3a 20 67 72 61 79 3b 20 7d 0a 62 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 7d 0a 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 67 72 61 79 3b 7d 0a 74 64 20 7b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 70 61 64 64 69 6e 67 3a 20 32 35 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 0a 3c 62 72 3e 3c 62 72 Data Ascii: <html><head><title>webmail.cmxserver.com</title><style>* { font-family: verdana; font-size: 10pt; COLOR: gray; }b { font-weight: bold; }table { border: 1px solid gray;}td { text-align: center; padding: 25;}</style></head><body><center><br><br

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 348, Parent PID: 6108

General

Target ID:	0
Start time:	21:45:51
Start date:	23/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5376, Parent PID: 348

General

Target ID:	2
Start time:	21:45:54
Start date:	23/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=2236,i,4940320550483537317,12252077527601305955,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2700, Parent PID: 6108

General

Target ID:	3
Start time:	21:45:57
Start date:	23/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://webmail.cmxserver.com/authsecure/index.php?email=kaylen@virtualintelligencebriefing.com"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly