Edit tour
Windows
Analysis Report
POETDB24-25771.xla.xlsx
Overview
General Information
| Sample name: | POETDB24-25771.xla.xlsx |
| Analysis ID: | 1633349 |
| MD5: | 70ff76bdbb7897e2c3731021351facd3 |
| SHA1: | 107545e7202e995328364052a96083e743881acc |
| SHA256: | faf027205ff3109e74b13910c005ddb30148d1c9bb71f4d8739949d04a6be27d |
| Tags: | xlaxlsxuser-abuse_ch |
| Infos: |  |
 | |
Detection
| Score: | 56 |
| Range: | 0 - 100 |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Document exploit detected (process start blacklist hit)
Sigma detected: Suspicious Microsoft Office Child Process
Document contains embedded VBA macros
Document embeds suspicious OLE2 link
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Sample execution stops while process was sleeping (likely an evasion)
Searches for the Microsoft Outlook file path
Sigma detected: Excel Network Connections
Sigma detected: Suspicious Office Outbound Connections
Suricata IDS alerts with low severity for network traffic
Unable to load, office file is protected or invalid
Uses a known web browser user agent for HTTP communication
Classification
- System is w10x64
EXCEL.EXE (PID: 6456 cmdline: "C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" /aut omation -E mbedding MD5: 4A871771235598812032C822E6F68F19) 
mshta.exe (PID: 2848 cmdline: C:\Windows \SysWOW64\ mshta.exe -Embedding MD5: 06B02D5C097C7DB1F109749C45F3F505) 
splwow64.exe (PID: 4700 cmdline: C:\Windows \splwow64. exe 12288 MD5: 77DE7761B037061C7C112FD3C5B91E73)
- EXCEL.EXE (PID: 1048 cmdline:
"C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" "C:\ Users\user \Desktop\P OETDB24-25 771.xla.xl sx" MD5: 4A871771235598812032C822E6F68F19)
- cleanup
⊘No configs have been found
⊘No yara matches
System Summary |   |
|---|
| Source: | Author: Florian Roth (Nextron Systems), Markus Neis, FPT.EagleEye Team, Vadim Khrykov, Cyb3rEng, Michael Haag, Christopher Peacock @securepeacock, @scythe_io: | ||
| Source: | Author: Christopher Peacock '@securepeacock', SCYTHE '@scythe_io', Florian Roth '@Neo23x0", Tim Shelton: | ||
| Source: | Author: X__Junior (Nextron Systems): | ||
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-10T09:27:00.031529+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.7 | 49701 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.233163+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.7 | 49705 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.297829+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.7 | 49704 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.379185+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.7 | 49703 | 40.90.65.44 | 443 | TCP |
Click to jump to signature section
Show All Signature Results
AV Detection | |
|---|
| Source: | Virustotal: | Perma Link | ||
| Source: | ReversingLabs: | |||
| Source: | File opened: | Jump to behavior | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
Software Vulnerabilities | |
|---|
| Source: | Process created: | ||
| Source: | DNS query: | ||
| Source: | DNS query: | ||
| Source: | DNS query: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | OLE indicator, VBA macros: | ||
| Source: | Stream path 'MBD004FA1DE/\x1Ole' : | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Window title found: | ||
| Source: | Classification label: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | OLE indicator, Workbook stream: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Virustotal: | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Window detected: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Static file information: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Initial sample: | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Stream path 'MBD004FA1DD/Package' entropy: | ||
| Source: | Stream path 'Workbook' entropy: | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Last function: | ||
| Source: | Last function: | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Process information queried: | Jump to behavior | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | 1 Scripting | Valid Accounts | 13 Exploitation for Client Execution | 1 Scripting | 1 Process Injection | 2 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | 1 Email Collection | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Virtualization/Sandbox Evasion | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Process Injection | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | 1 File and Directory Discovery | Distributed Component Object Model | Input Capture | 13 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 DLL Side-Loading | LSA Secrets | 2 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 25% | Virustotal | Browse | ||
| 21% | ReversingLabs | Document-Excel.Exploit.CVE-2017-0199 |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | high | |
| s-0005.dual-s-msedge.net | 52.123.128.14 | true | false | high | |
| service-eks-nlb-public-0b7cb0a32741e125.elb.ap-northeast-2.amazonaws.com | 3.39.153.44 | true | false | unknown | |
| ltsr9a.msedge.net | 40.90.65.44 | true | false | unknown | |
| s-part-0032.t-0009.t-msedge.net | 13.107.246.60 | true | false | high | |
| otelrules.svc.static.microsoft | unknown | unknown | false | high | |
| link.saja.market | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | high | ||
| false |
| unknown | |
| false | high | ||
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 198.23.187.151 | unknown | United States | 36352 | AS-COLOCROSSINGUS | false | |
| 3.39.153.44 | service-eks-nlb-public-0b7cb0a32741e125.elb.ap-northeast-2.amazonaws.com | United States | 8987 | AMAZONEXPANSIONGB | false | |
| 13.107.246.60 | s-part-0032.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 40.90.65.44 | ltsr9a.msedge.net | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
| Joe Sandbox version: | 42.0.0 Malachite |
| Analysis ID: | 1633349 |
| Start date and time: | 2025-03-10 09:24:38 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 5m 22s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsofficecookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Run name: | Without Instrumentation |
| Number of analysed new started processes analysed: | 18 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | POETDB24-25771.xla.xlsx |
| Detection: | MAL |
| Classification: | mal56.expl.winXLSX@6/4@3/4 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, sppsvc.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe, MavInject32.exe
- Excluded IPs from analysis (whitelisted): 52.109.32.97, 23.60.203.209, 52.109.28.47, 199.232.210.172, 20.42.72.131, 20.42.73.26, 20.189.173.26, 52.123.128.14, 4.245.163.56, 40.126.32.140
- Excluded domains from analysis (whitelisted): onedscolprdwus19.westus.cloudapp.azure.com, slscr.update.microsoft.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, eur.roaming1.live.com.akadns.net, mobile.events.data.microsoft.com, roaming.officeapps.live.com, dual-s-0005-office.config.skype.com, login.live.com, onedscolprdeus09.eastus.cloudapp.azure.com, officeclient.microsoft.com, ukw-azsc-config.officeapps.live.com, prod.fs.microsoft.com.akadns.net, c.pki.goog, wu-b-net.trafficmanager.net, ecs.office.com, self-events-data.trafficmanager.net, fs.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, prod.configsvc1.live.com.akadns.net, self.events.data.microsoft.com, ctldl.windowsupdate.com, prod.roaming1.live.com.akadns.net, osiprod-uks-buff-azsc-000.uksouth.cloudapp.azure.com, fe3cr.delivery.mp.microsoft.com, uks-azsc-000.roaming.officeapps.live.com, config.officeapps.live.com, e16604.f.akamaiedge.net, onedscolprdeus00.eastus.cloudapp.azure.co
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtCreateKey calls found.
- Report size getting too big, too many NtQueryAttributesFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
- Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
| Time | Type | Description |
|---|---|---|
| 04:26:48 | API Interceptor |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 198.23.187.151 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| 3.39.153.44 | Get hash | malicious | Unknown | Browse | ||
| 13.107.246.60 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| service-eks-nlb-public-0b7cb0a32741e125.elb.ap-northeast-2.amazonaws.com | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| s-part-0032.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | DCRat | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Remcos | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| s-0005.dual-s-msedge.net | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Nitrogen | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | ScreenConnect Tool | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| bg.microsoft.map.fastly.net | Get hash | malicious | Remcos, GuLoader | Browse |
| |
| Get hash | malicious | Remcos, GuLoader | Browse |
| ||
| Get hash | malicious | Remcos, GuLoader | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | CobaltStrike, Metasploit | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | XWorm | Browse |
| ||
| Get hash | malicious | AsyncRAT, DarkTortilla, XWorm | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| AS-COLOCROSSINGUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Remcos | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| MICROSOFT-CORP-MSN-AS-BLOCKUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai, Moobot | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| AMAZONEXPANSIONGB | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | FormBook | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Cobalt Strike, FormBook | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | FormBook | Browse |
| ||
| Get hash | malicious | FormBook | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 6271f898ce5be7dd52b0fc260d0662b3 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| a0e9f5d64349fb13191bc781f81f42e1 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | LummaC Stealer, RHADAMANTHYS | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
|
⊘No context
C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\HeartbeatCache.xml
Download File
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 118 |
| Entropy (8bit): | 3.5700810731231707 |
| Encrypted: | false |
| SSDEEP: | 3:QaklTlAlXMLLmHlIlFLlmIK/5lTn84vlJlhlXlDHlA6l3l6Als:QFulcLk04/5p8GVz6QRq |
| MD5: | 573220372DA4ED487441611079B623CD |
| SHA1: | 8F9D967AC6EF34640F1F0845214FBC6994C0CB80 |
| SHA-256: | BE84B842025E4241BFE0C9F7B8F86A322E4396D893EF87EA1E29C74F47B6A22D |
| SHA-512: | F19FA3583668C3AF92A9CEF7010BD6ECEC7285F9C8665F2E9528DBA606F105D9AF9B1DB0CF6E7F77EF2E395943DC0D5CB37149E773319078688979E4024F9DD7 |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 794 |
| Entropy (8bit): | 2.7142819241824805 |
| Encrypted: | false |
| SSDEEP: | 24:YIrNvpKAzLtwcfHGF8AJp9WtAZRJ5poIHWI:YmbfzLSc88AJtfJ52IHV |
| MD5: | BD9E767E74B38030B097E6FED6464EB5 |
| SHA1: | 03D9E758B4DB2B6E922BBBDE189C210AF676C648 |
| SHA-256: | 4FCDC40B7579E1C625A21D9BD14B898D8854FE812BF76BB31D077E39E2FAF6B2 |
| SHA-512: | 61FE087E54A696C70F69827B2136E8E34380F99FE5EFFB38392CF33C26D421B5ECF2A19EE041BD0BEC944412CCC6E8912DEFFBE15A0B77A20184F31BB6C794A5 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
| SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
| SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
| SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 165 |
| Entropy (8bit): | 1.7769794087092887 |
| Encrypted: | false |
| SSDEEP: | 3:iXKG/4N+RMlW8td:iXlMlW8/ |
| MD5: | 37BD8218D560948827D3B948CAFA579C |
| SHA1: | 24347FB0A66F2DA8AD3BAB818E3C24977104E5DA |
| SHA-256: | 189E2D5600E0CC41F498D2EB22FA451F81746DCDBAA3EC1146A22C3A74452DA6 |
| SHA-512: | A34D703FEBFD9E45A57BF047D9CCF890482B0F7CD3788F9BFD89DECA13B96DD4F43BDB0C4D81CC716DEAC37BCD1C393A7BCB159B471B5721B367E4884B17C699 |
| Malicious: | true |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.979014653469718 |
| TrID: |
|
| File name: | POETDB24-25771.xla.xlsx |
| File size: | 1'193'984 bytes |
| MD5: | 70ff76bdbb7897e2c3731021351facd3 |
| SHA1: | 107545e7202e995328364052a96083e743881acc |
| SHA256: | faf027205ff3109e74b13910c005ddb30148d1c9bb71f4d8739949d04a6be27d |
| SHA512: | 1251a225e7d65fbd62efdb086d636c533f5b2cbd767d6bd54911b45d2b6c44d4e78e96ac4caa0d54f6273a56217c5c529ce001021c2afeafd20149ece282fa0c |
| SSDEEP: | 24576:nJIwgRIb3nOXYXKFlQB0Nu/qhChhPCwTobQQN:nzgO7O7Fl2OrhCH6D |
| TLSH: | 604523E4FD98BB06DF0702365B4ED46E481BBF1E2291800B763037AE1A37E6D44F6526 |
| File Content Preview: | ........................>...............................................................................................................{.......}.............................................................................................................. |
 | |
| Icon Hash: | 35e58a8c0c8a85b9 |
| Document Type: | OLE |
| Number of OLE Files: | 1 |
| Has Summary Info: | |
| Application Name: | Microsoft Excel |
| Encrypted Document: | True |
| Contains Word Document Stream: | False |
| Contains Workbook/Book Stream: | True |
| Contains PowerPoint Document Stream: | False |
| Contains Visio Document Stream: | False |
| Contains ObjectPool Stream: | False |
| Flash Objects Count: | 0 |
| Contains VBA Macros: | True |
| Code Page: | 1252 |
| Author: | |
| Last Saved By: | |
| Create Time: | 2006-09-16 00:00:00 |
| Last Saved Time: | 2025-03-10 05:35:35 |
| Creating Application: | |
| Security: | 1 |
| Document Code Page: | 1252 |
| Thumbnail Scaling Desired: | False |
| Contains Dirty Links: | False |
| Shared Document: | False |
| Changed Hyperlinks: | False |
| Application Version: | 786432 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet1 |
| VBA File Name: | Sheet1.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E B . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 c5 45 42 15 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet2 |
| VBA File Name: | Sheet2.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E : . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 c5 45 cf 3a 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet3 |
| VBA File Name: | Sheet3.cls |
| Stream Size: | 977 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . 0 |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 c5 45 92 e8 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/ThisWorkbook |
| VBA File Name: | ThisWorkbook.cls |
| Stream Size: | 985 |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E g . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 1 . 9 . - . |
| Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 c5 45 e4 67 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
| Stream Path: | \x1CompObj |
| CLSID: | |
| File Type: | data |
| Stream Size: | 114 |
| Entropy: | 4.25248375192737 |
| Base64 Encoded: | True |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . F & . . . M i c r o s o f t O f f i c e E x c e l 2 0 0 3 W o r k s h e e t . . . . . B i f f 8 . . . . . E x c e l . S h e e t . 8 . 9 q . . . . . . . . . . . . |
| Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 20 08 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 26 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 32 30 30 33 20 57 6f 72 6b 73 68 65 65 74 00 06 00 00 00 42 69 66 66 38 00 0e 00 00 00 45 78 63 65 6c 2e 53 68 65 65 74 2e 38 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | \x5DocumentSummaryInformation |
| CLSID: | |
| File Type: | data |
| Stream Size: | 244 |
| Entropy: | 2.889430592781307 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , 0 . . . . . . . . . . . . . . H . . . . . . . P . . . . . . . X . . . . . . . ` . . . . . . . h . . . . . . . p . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S h e e t 1 . . . . . S h e e t 2 . . . . . S h e e t 3 . . . . . . . . . . . . . . . . . W o r k s h e e t s . . . . . . . . . |
| Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 c4 00 00 00 08 00 00 00 01 00 00 00 48 00 00 00 17 00 00 00 50 00 00 00 0b 00 00 00 58 00 00 00 10 00 00 00 60 00 00 00 13 00 00 00 68 00 00 00 16 00 00 00 70 00 00 00 0d 00 00 00 78 00 00 00 0c 00 00 00 a1 00 00 00 02 00 00 00 e4 04 00 00 |
General | |
| Stream Path: | \x5SummaryInformation |
| CLSID: | |
| File Type: | data |
| Stream Size: | 200 |
| Entropy: | 3.2920681057018664 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . + ' 0 . . . . . . . . . . . . . . @ . . . . . . . H . . . . . . . T . . . . . . . ` . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . | . # . @ . . . m 6 ? ~ . . . . . . . . . |
| Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 98 00 00 00 07 00 00 00 01 00 00 00 40 00 00 00 04 00 00 00 48 00 00 00 08 00 00 00 54 00 00 00 12 00 00 00 60 00 00 00 0c 00 00 00 78 00 00 00 0d 00 00 00 84 00 00 00 13 00 00 00 90 00 00 00 02 00 00 00 e4 04 00 00 1e 00 00 00 04 00 00 00 |
General | |
| Stream Path: | MBD004FA1DD/\x1CompObj |
| CLSID: | |
| File Type: | data |
| Stream Size: | 99 |
| Entropy: | 3.631242196770981 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . ! . . . M i c r o s o f t O f f i c e E x c e l W o r k s h e e t . . . . . E x c e l M L 1 2 . . . . . 9 q . . . . . . . . . . . . |
| Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 57 6f 72 6b 73 68 65 65 74 00 0a 00 00 00 45 78 63 65 6c 4d 4c 31 32 00 00 00 00 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | MBD004FA1DD/Package |
| CLSID: | |
| File Type: | Microsoft Excel 2007+ |
| Stream Size: | 904507 |
| Entropy: | 7.992292502985364 |
| Base64 Encoded: | True |
| Data ASCII: | P K . . . . . . . . . . ! . h . . . . . . . . . [ C o n t e n t _ T y p e s ] . x m l . ( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
| Data Raw: | 50 4b 03 04 14 00 06 00 08 00 00 00 21 00 d5 68 cd d7 f9 01 00 00 da 08 00 00 13 00 c4 01 5b 43 6f 6e 74 65 6e 74 5f 54 79 70 65 73 5d 2e 78 6d 6c 20 a2 c0 01 28 a0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
| Stream Path: | MBD004FA1DE/\x1Ole |
| CLSID: | |
| File Type: | data |
| Stream Size: | 564 |
| Entropy: | 4.982836443340031 |
| Base64 Encoded: | False |
| Data ASCII: | . . . . t . s [ v . . . . . . . . . . . . . . . y . . . K . . . . h . t . t . p . s . : . / . / . l . i . n . k . . . s . a . j . a . . . m . a . r . k . e . t . / . Z . 8 . v . B . Z . k . X . t . l . w . ? . & . t . h . i . n . g . = . o . m . n . i . s . c . i . e . n . t . & . s . w . e . a . t . s . h . i . r . t . . . . & . y . ( h a U 4 . . . N z e 1 ' . ^ . a . N g G . d K . ( . ] 1 x = @ X 7 . < < P P ; . . . . . . . . . . . . . . . . . . . G . s . M . v . u . T . 4 . x . J . i . q . F . 8 . 8 . |
| Data Raw: | 01 00 00 02 e1 d8 74 1b 73 a2 5b 76 00 00 00 00 00 00 00 00 00 00 00 00 de 00 00 00 e0 c9 ea 79 f9 ba ce 11 8c 82 00 aa 00 4b a9 0b da 00 00 00 68 00 74 00 74 00 70 00 73 00 3a 00 2f 00 2f 00 6c 00 69 00 6e 00 6b 00 2e 00 73 00 61 00 6a 00 61 00 2e 00 6d 00 61 00 72 00 6b 00 65 00 74 00 2f 00 5a 00 38 00 76 00 42 00 5a 00 6b 00 58 00 74 00 6c 00 77 00 3f 00 26 00 74 00 68 00 69 00 |
General | |
| Stream Path: | Workbook |
| CLSID: | |
| File Type: | Applesoft BASIC program data, first line number 16 |
| Stream Size: | 265433 |
| Entropy: | 7.998342541005724 |
| Base64 Encoded: | True |
| Data ASCII: | . . . . . . . . . . . . . . . . . / . 6 . . . . . . . c . . > D = . . 8 { ( M s 1 N 4 . . b . . c | g . w . . . . . . . . . . . . . . . \\ . p . ! l . . w D 6 B p & * 8 . f n . . 0 r . . e V . . + V { < } j + t r z . . . < Z > . . . . x z . ) Y G = t , V b . . Y B . . . a . . . . . . = . . . A . . . q P . ; . : . . . . . . . . . . . j 3 . . . . . . . . a _ . . . ( = . . . . . d | @ X ( U ? @ . . . . . . , " . . . . . . . . G X . . . Z Y . . . O ' 1 . . . C s . A . . . . Y p D _ . N Z . 5 ] 1 . . . u . $ |
| Data Raw: | 09 08 10 00 00 06 05 00 ab 1f cd 07 c1 00 01 00 06 04 00 00 2f 00 36 00 01 00 01 00 01 00 63 7f 03 a2 3e f4 44 f1 e9 3d 1e 04 b4 38 90 7b e6 28 4d 73 e6 31 bc e7 cb 4e 34 f0 0e d6 95 cd 62 aa d4 89 da 8e 9f e7 b5 63 7c 67 14 77 09 a4 87 00 00 00 e1 00 02 00 b0 04 c1 00 02 00 df 81 e2 00 00 00 5c 00 70 00 21 6c ea dd 83 80 b4 d1 10 77 44 e2 e4 36 ea 42 70 26 b7 db 2a 38 11 66 6e fc |
General | |
| Stream Path: | _VBA_PROJECT_CUR/PROJECT |
| CLSID: | |
| File Type: | ASCII text, with CRLF line terminators |
| Stream Size: | 531 |
| Entropy: | 5.266512041297275 |
| Base64 Encoded: | True |
| Data ASCII: | I D = " { 8 7 7 0 C F C A - 7 C F 8 - 4 5 6 9 - 8 A 4 0 - 5 C 2 E 6 C 1 1 2 2 7 5 } " . . D o c u m e n t = T h i s W o r k b o o k / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 1 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 2 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 3 / & H 0 0 0 0 0 0 0 0 . . N a m e = " V B A P r o j e c t " . . H e l p C o n t e x t I D = " 0 " . . V e r s i o n C o m p a t i b l e 3 2 = " 3 9 3 2 2 2 0 0 0 " . . C M G = " B 7 B 5 6 1 3 7 A 1 4 F 5 9 5 3 5 |
| Data Raw: | 49 44 3d 22 7b 38 37 37 30 43 46 43 41 2d 37 43 46 38 2d 34 35 36 39 2d 38 41 34 30 2d 35 43 32 45 36 43 31 31 32 32 37 35 7d 22 0d 0a 44 6f 63 75 6d 65 6e 74 3d 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 31 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 32 2f 26 48 30 30 30 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/PROJECTwm |
| CLSID: | |
| File Type: | data |
| Stream Size: | 104 |
| Entropy: | 3.0488640812019017 |
| Base64 Encoded: | False |
| Data ASCII: | T h i s W o r k b o o k . T . h . i . s . W . o . r . k . b . o . o . k . . . S h e e t 1 . S . h . e . e . t . 1 . . . S h e e t 2 . S . h . e . e . t . 2 . . . S h e e t 3 . S . h . e . e . t . 3 . . . . . |
| Data Raw: | 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 00 54 00 68 00 69 00 73 00 57 00 6f 00 72 00 6b 00 62 00 6f 00 6f 00 6b 00 00 00 53 68 65 65 74 31 00 53 00 68 00 65 00 65 00 74 00 31 00 00 00 53 68 65 65 74 32 00 53 00 68 00 65 00 65 00 74 00 32 00 00 00 53 68 65 65 74 33 00 53 00 68 00 65 00 65 00 74 00 33 00 00 00 00 00 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/_VBA_PROJECT |
| CLSID: | |
| File Type: | data |
| Stream Size: | 2644 |
| Entropy: | 3.9856458236428147 |
| Base64 Encoded: | False |
| Data ASCII: | a . . . . . @ . . . . . . . . . . . . . . . . . . . . . . . . * . \\ . G . { . 0 . 0 . 0 . 2 . 0 . 4 . E . F . - . 0 . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . - . C . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 4 . 6 . } . # . 4 . . . 0 . # . 9 . # . C . : . \\ . P . R . O . G . R . A . ~ . 2 . \\ . C . O . M . M . O . N . ~ . 1 . \\ . M . I . C . R . O . S . ~ . 1 . \\ . V . B . A . \\ . V . B . A . 6 . \\ . V . B . E . 6 . . . D . L . L . # . V . i . s . u . a . l . . B . a . s . i . c . . F . o . r . |
| Data Raw: | cc 61 88 00 00 01 00 ff 09 40 00 00 09 04 00 00 e4 04 01 00 00 00 00 00 00 00 00 00 01 00 04 00 02 00 fa 00 2a 00 5c 00 47 00 7b 00 30 00 30 00 30 00 32 00 30 00 34 00 45 00 46 00 2d 00 30 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 2d 00 43 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 34 00 36 00 7d 00 23 00 34 00 2e 00 30 00 23 00 |
General | |
| Stream Path: | _VBA_PROJECT_CUR/VBA/dir |
| CLSID: | |
| File Type: | data |
| Stream Size: | 553 |
| Entropy: | 6.361069873011047 |
| Base64 Encoded: | True |
| Data ASCII: | . % . . . . . . . . 0 * . . . . p . . H . . . . d . . . . . . . V B A P r o j e c t . . 4 . . @ . . j . . . = . . . . r . . . . . . . . . # . i . . . . J < . . . . . r s t d o l e > . . . s . t . d . o . l . e . . . h . % . ^ . . * \\ G { 0 0 0 2 0 4 3 0 - . . . . . C . . . . . . 0 0 4 . 6 } # 2 . 0 # 0 . # C : \\ W i n d . o w s \\ S y s W O W 6 4 \\ . e 2 . . t l b # O L E . A u t o m a t i . o n . ` . . E O f f D i c E O . f . i . c E . . E . 2 D F 8 D 0 4 C . - 5 B F A - 1 0 1 B - B D E 5 E A A C 4 . 2 |
| Data Raw: | 01 25 b2 80 01 00 04 00 00 00 01 00 30 2a 02 02 90 09 00 70 14 06 48 03 00 82 02 00 64 e4 04 04 00 0a 00 1c 00 56 42 41 50 72 6f 6a 65 88 63 74 05 00 34 00 00 40 02 14 6a 06 02 0a 3d 02 0a 07 02 72 01 14 08 05 06 12 09 02 12 23 08 e6 69 0d 94 00 0c 02 4a 3c 02 0a 16 00 01 72 80 73 74 64 6f 6c 65 3e 02 19 00 73 00 74 00 64 00 6f 00 80 6c 00 65 00 0d 00 68 00 25 02 5e 00 03 2a 5c 47 |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-03-10T09:27:00.031529+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.7 | 49701 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.233163+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.7 | 49705 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.297829+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.7 | 49704 | 13.107.246.60 | 443 | TCP |
| 2025-03-10T09:27:08.379185+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.7 | 49703 | 40.90.65.44 | 443 | TCP |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 10, 2025 09:26:36.693736076 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:36.693789005 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:36.693897009 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:36.694144964 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:36.694156885 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.378515005 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.378669024 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.382961035 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.382972002 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.383296013 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.383358002 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.383704901 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.428327084 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.944403887 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.944569111 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.944602966 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.944655895 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.967492104 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.967564106 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.967619896 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.967655897 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.986177921 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.986217976 CET | 443 | 49699 | 3.39.153.44 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.986254930 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.986270905 CET | 49699 | 443 | 192.168.2.7 | 3.39.153.44 |
| Mar 10, 2025 09:26:39.992608070 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:39.997731924 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:39.997818947 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:39.998020887 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.003096104 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503252983 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503272057 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503292084 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503305912 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503318071 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503334045 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503345966 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503480911 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.503480911 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.503832102 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503843069 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503854990 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.503902912 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.503921032 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.509532928 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.509550095 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.509566069 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.509605885 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.509632111 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.509799004 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.509812117 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.509955883 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:40.593127012 CET | 80 | 49700 | 198.23.187.151 | 192.168.2.7 |
| Mar 10, 2025 09:26:40.593214989 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:41.114685059 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:41.114685059 CET | 49700 | 80 | 192.168.2.7 | 198.23.187.151 |
| Mar 10, 2025 09:26:57.900051117 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:26:57.900078058 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:26:57.900247097 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:26:57.900496960 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:26:57.900513887 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.031271935 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.031528950 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.077302933 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.077322960 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.077667952 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.081412077 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.128329992 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.617758989 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.617783070 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.617799044 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.617929935 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.617949963 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.618031979 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.690283060 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.690326929 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.690368891 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.690385103 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.690443993 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.690443993 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.724209070 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.724231005 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.724294901 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.724318027 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.724596977 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.763704062 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.763736010 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.763792992 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.763811111 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.763838053 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.763896942 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.791282892 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.791307926 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.791387081 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.791387081 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.791429043 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.791636944 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.809515953 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.809541941 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.809645891 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.809645891 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.809659958 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.809761047 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.831988096 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.832009077 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.832082987 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.832097054 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.832137108 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.854024887 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.854043007 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.854144096 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.854144096 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.854181051 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.854242086 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.868211031 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.868228912 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.868294954 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.868324995 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.868343115 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.868495941 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.882972956 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.882988930 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.883078098 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.883078098 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.883099079 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.883249044 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.893505096 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.893522024 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.893604040 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.893620968 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.893676043 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.905546904 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.905564070 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.905635118 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.905635118 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.905653954 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.905694962 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.915920973 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.915941954 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.916017056 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.916034937 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.916151047 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.934298992 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.934317112 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.934514999 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.934550047 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.934626102 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.935648918 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.935667038 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.935751915 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.935751915 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.935762882 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.935956001 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.944194078 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.944211006 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.944317102 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.944329977 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.944375038 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.957640886 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.957659006 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.957735062 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.957735062 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.957756042 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.957807064 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.969639063 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.969656944 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.969750881 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.969768047 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.969866037 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.982601881 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.982621908 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.982781887 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.982800961 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.982865095 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.991909027 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.991926908 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.992150068 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:00.992170095 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:00.992322922 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.003505945 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.003528118 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.003647089 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.003670931 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.003727913 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.014086962 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.014121056 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.014293909 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.014321089 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.014406919 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.021364927 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.021387100 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.021503925 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.021533012 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.021612883 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.034758091 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.034778118 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.034897089 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.034921885 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.035069942 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.047811031 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.047837973 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.048095942 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.048130989 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.048330069 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.060645103 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.060664892 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.060801983 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.060801983 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.060866117 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.060905933 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.074135065 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.074152946 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.074358940 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.074409008 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.074476004 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.083151102 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.083170891 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.083314896 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.083333969 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.083435059 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.094237089 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.094258070 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.094377041 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.094393015 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.094443083 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.104893923 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.104912996 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.104999065 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.104999065 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.105019093 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.105135918 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.112653971 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.112673998 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.112799883 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.112817049 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.112864971 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.125261068 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.125289917 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.125390053 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.125390053 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.125401974 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.125463963 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.139075994 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.139100075 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.139234066 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.139246941 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.139295101 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.150759935 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.150789022 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.150979996 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.150989056 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.151035070 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.162646055 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.162676096 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.162803888 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.162812948 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.162868977 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.172583103 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.172614098 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.172689915 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.172698021 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.172738075 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.172738075 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.184911013 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.184947014 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.185026884 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.185036898 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.185086966 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.185086966 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.194400072 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.194427013 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.194505930 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.194514036 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.194561958 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.194561958 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.201987028 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.202018023 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.202146053 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.202157021 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.202239037 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.216172934 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.216197968 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.216310978 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.216321945 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.216396093 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.229859114 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.229886055 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.230026960 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.230036020 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.230151892 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.241573095 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.241599083 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.241880894 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.241888046 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.241939068 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.253829956 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.253906012 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.253964901 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.253964901 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.253977060 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.254019976 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.263705969 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.263736963 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.263843060 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.263851881 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.263946056 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.274827003 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.274846077 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.274918079 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.274928093 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.274975061 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.285836935 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.285856009 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.285949945 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.285958052 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.286010027 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.292359114 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.292376995 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.292454958 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.292462111 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.292577982 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.306839943 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.306860924 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.306947947 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.306956053 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.306991100 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.307007074 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.320410967 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.320434093 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.320573092 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.320583105 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.320632935 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.330302000 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.330324888 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.330435991 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.330456018 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.330502033 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.344280958 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.344300032 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.344608068 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.344616890 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.344664097 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.353696108 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.353720903 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.353791952 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.353811979 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.353820086 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.353852034 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.367610931 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.367630959 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.367738008 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.367757082 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.367798090 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.379714012 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.379731894 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.379823923 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.379837990 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.379872084 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.379893064 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.384011984 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.384031057 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.384104967 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.384114981 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.384162903 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.397486925 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.397505999 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.397605896 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.397617102 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.397660017 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.410439968 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.410471916 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.410537958 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.410547972 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.410595894 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.421468019 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.421494007 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.421545029 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.421554089 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.421593904 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.421607018 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.434668064 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.434689045 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.434731960 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.434746981 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.434762001 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.434787035 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.442615986 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.442634106 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.442723989 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.442734003 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.442779064 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.454042912 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.454062939 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.454122066 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.454130888 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.454189062 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.467941999 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.467998028 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.468040943 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.468050003 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.468100071 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.474231958 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.474286079 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.474386930 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.474395990 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.474432945 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.485100985 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.485110044 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.485186100 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.485193968 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.485239983 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.498740911 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.498761892 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.498819113 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.498827934 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.498859882 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.498876095 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.510267973 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.510288000 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.510338068 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.510346889 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.510390997 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.522963047 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.522984028 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.523029089 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.523039103 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.523082018 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.532906055 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.532927036 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.532958984 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.532972097 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.532989025 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.533026934 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.533061028 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.533107042 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.533777952 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.533793926 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:01.533807039 CET | 49701 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:01.533813953 CET | 443 | 49701 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:05.800822020 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:05.800860882 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:05.800934076 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:05.801223993 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:05.801246881 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:06.126018047 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.126060009 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:06.126113892 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.126873970 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.126889944 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:06.127073050 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.127111912 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:06.127175093 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.127443075 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:06.127454996 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.232580900 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.233163118 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.233177900 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.234093904 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.234100103 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.297214985 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.297828913 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.297878027 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.298809052 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.298815012 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.379108906 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.379184961 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:08.380456924 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:08.380464077 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.380700111 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.382180929 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:08.428339958 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.745251894 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.745325089 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.745578051 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.745610952 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.745632887 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.745644093 CET | 49705 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.745650053 CET | 443 | 49705 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.934372902 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.934401035 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.934485912 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.934514999 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.934904099 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.934904099 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:08.934927940 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.935141087 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.935174942 CET | 443 | 49704 | 13.107.246.60 | 192.168.2.7 |
| Mar 10, 2025 09:27:08.935282946 CET | 49704 | 443 | 192.168.2.7 | 13.107.246.60 |
| Mar 10, 2025 09:27:09.149265051 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.149287939 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.149303913 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.149373055 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.149382114 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.149435997 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.196649075 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.196671009 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.196727037 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.196734905 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.196778059 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.325599909 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.325622082 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.325690985 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.325700998 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.325756073 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.354166985 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.354192019 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.354260921 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.354268074 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.354321003 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.381330013 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.381354094 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.381448030 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.381455898 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.381488085 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.381513119 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.411952019 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.411973953 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.412041903 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.412050962 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.412092924 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.443399906 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.443420887 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.443485022 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.443496943 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.443536997 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.469604969 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.469634056 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.469687939 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.469702959 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.469744921 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.495764971 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.495784998 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.495837927 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.495845079 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.495893955 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.514401913 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.514421940 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.514481068 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.514487028 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.514548063 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.528415918 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.528438091 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.528486013 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.528491020 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.528532028 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.528548002 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.569330931 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.569359064 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.569410086 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.569420099 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.569488049 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.569488049 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.587896109 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.587919950 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.587985992 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.587995052 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.588078976 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.610285997 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.610307932 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.610423088 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.610430956 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.610559940 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.630408049 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.630441904 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.630575895 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.630584002 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.630705118 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.647434950 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.647454977 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.647537947 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.647550106 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.647684097 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.709439993 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.709464073 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.709603071 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.709615946 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.709775925 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.724602938 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.724630117 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.724725008 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.724736929 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.724864960 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.737466097 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.737488031 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.737577915 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.737585068 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.737629890 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.759573936 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.759597063 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.759675026 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.759682894 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.759726048 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.782551050 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.782573938 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.782653093 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.782661915 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.782785892 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.831240892 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.831264973 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.831326962 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.831336021 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.831480026 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.859240055 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.859266043 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.859335899 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.859345913 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.859677076 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.885885000 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.885905981 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.885978937 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.885987043 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.886025906 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.886044979 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.892297983 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.892319918 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.892400980 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.892405987 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.893146038 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.913496971 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.913513899 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.913593054 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.913599014 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.913695097 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.934166908 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.934187889 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.934256077 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.934271097 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.936728001 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.966955900 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.966975927 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.967087030 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.967093945 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.967148066 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.992513895 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.992535114 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.992592096 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:09.992597103 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:09.992650986 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.014596939 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.014617920 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.014681101 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.014687061 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.014730930 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.036640882 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.036674023 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.036741018 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.036747932 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.036851883 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.060234070 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.060251951 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.060333014 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.060339928 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.060394049 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.078293085 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.078325033 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.078372955 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.078381062 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.078433990 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.102796078 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.102823973 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.102941036 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.102950096 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.103104115 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.124430895 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.124455929 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.124530077 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.124538898 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.124583960 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.148586035 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.148610115 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.148689985 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.148696899 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.148823977 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.168890953 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.168936968 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.168972969 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.168982029 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.169018984 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.169040918 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.187017918 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.187031031 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.187165976 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.187171936 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.187640905 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.205818892 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.205842018 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.205965042 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.205974102 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.206088066 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.239173889 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.239197016 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.239308119 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.239317894 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.239443064 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.262578011 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.262604952 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.262715101 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.262725115 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.262866020 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.278158903 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.278186083 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.278254032 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.278264999 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.278289080 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.278310061 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.296422005 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.296448946 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.296572924 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.296582937 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.296700954 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.313031912 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.313065052 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.313194990 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.313205957 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.313359022 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.331768036 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.331793070 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.331897974 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.331911087 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.332026005 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.368248940 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.368275881 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.368406057 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.368415117 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.368571043 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.385018110 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.385046005 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.385160923 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.385169983 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.385359049 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.406517029 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.406534910 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.406653881 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.406663895 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.406795025 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.421730042 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.421756983 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.421865940 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.421878099 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.422802925 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.438221931 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.438251019 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.438369036 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.438379049 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.440567017 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.455729008 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.455753088 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.455881119 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.455890894 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.456020117 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.472393990 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.472424984 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.472492933 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.472502947 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.472516060 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.472543955 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.506613016 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.506648064 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.506778955 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.506788015 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.507023096 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.523674011 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.523694038 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.523791075 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.523799896 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.523910046 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.540429115 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.540447950 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.540646076 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.540652037 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.540716887 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.556776047 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.556785107 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.556883097 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.556890965 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.557069063 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.573348045 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.573373079 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.573580027 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.573589087 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.573725939 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.590728998 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.590754032 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.590874910 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.590887070 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.592223883 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.606410980 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.606431961 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.606478930 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.606486082 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.606518030 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.606538057 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.639600039 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.639626026 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.639678001 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.639686108 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.639722109 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.639744043 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.653803110 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.653826952 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.653896093 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.653904915 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.653950930 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.671364069 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.671391964 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.671452045 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.671458006 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.671515942 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.689920902 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.689945936 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.689995050 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.690002918 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.690038919 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.690057993 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.706569910 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.706592083 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.706649065 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.706655979 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.706691980 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.706703901 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.719626904 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.719659090 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.719697952 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.719707966 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.719728947 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.719742060 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.741013050 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.741036892 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.741075039 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.741081953 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.741112947 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.741128922 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.762958050 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.762989044 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.763055086 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.763065100 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.763088942 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.763104916 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791024923 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791054010 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791120052 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791141033 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791151047 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791162014 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791229963 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791266918 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791543007 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791557074 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Mar 10, 2025 09:27:10.791568041 CET | 49703 | 443 | 192.168.2.7 | 40.90.65.44 |
| Mar 10, 2025 09:27:10.791574001 CET | 443 | 49703 | 40.90.65.44 | 192.168.2.7 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Mar 10, 2025 09:26:36.641347885 CET | 52229 | 53 | 192.168.2.7 | 1.1.1.1 |
| Mar 10, 2025 09:26:36.684518099 CET | 53 | 52229 | 1.1.1.1 | 192.168.2.7 |
| Mar 10, 2025 09:26:57.890342951 CET | 57987 | 53 | 192.168.2.7 | 1.1.1.1 |
| Mar 10, 2025 09:26:57.898896933 CET | 53 | 57987 | 1.1.1.1 | 192.168.2.7 |
| Mar 10, 2025 09:27:05.792126894 CET | 56968 | 53 | 192.168.2.7 | 1.1.1.1 |
| Mar 10, 2025 09:27:05.799901962 CET | 53 | 56968 | 1.1.1.1 | 192.168.2.7 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Mar 10, 2025 09:26:36.641347885 CET | 192.168.2.7 | 1.1.1.1 | 0x40d2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 10, 2025 09:26:57.890342951 CET | 192.168.2.7 | 1.1.1.1 | 0x8502 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Mar 10, 2025 09:27:05.792126894 CET | 192.168.2.7 | 1.1.1.1 | 0xce71 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Mar 10, 2025 09:25:49.650105953 CET | 1.1.1.1 | 192.168.2.7 | 0x9058 | No error (0) | s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:25:49.650105953 CET | 1.1.1.1 | 192.168.2.7 | 0x9058 | No error (0) | 52.123.128.14 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:25:49.650105953 CET | 1.1.1.1 | 192.168.2.7 | 0x9058 | No error (0) | 52.123.129.14 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:25:52.275382042 CET | 1.1.1.1 | 192.168.2.7 | 0x1863 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:25:52.275382042 CET | 1.1.1.1 | 192.168.2.7 | 0x1863 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:36.684518099 CET | 1.1.1.1 | 192.168.2.7 | 0x40d2 | No error (0) | istio.saja.market | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:36.684518099 CET | 1.1.1.1 | 192.168.2.7 | 0x40d2 | No error (0) | service-eks-nlb-public-0b7cb0a32741e125.elb.ap-northeast-2.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:36.684518099 CET | 1.1.1.1 | 192.168.2.7 | 0x40d2 | No error (0) | 3.39.153.44 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:36.684518099 CET | 1.1.1.1 | 192.168.2.7 | 0x40d2 | No error (0) | 3.39.89.152 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:57.898896933 CET | 1.1.1.1 | 192.168.2.7 | 0x8502 | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:57.898896933 CET | 1.1.1.1 | 192.168.2.7 | 0x8502 | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:57.898896933 CET | 1.1.1.1 | 192.168.2.7 | 0x8502 | No error (0) | shed.dual-low.s-part-0032.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:57.898896933 CET | 1.1.1.1 | 192.168.2.7 | 0x8502 | No error (0) | s-part-0032.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:26:57.898896933 CET | 1.1.1.1 | 192.168.2.7 | 0x8502 | No error (0) | 13.107.246.60 | A (IP address) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | shed.dual-low.s-part-0032.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | azurefd-t-fb-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | dual.s-part-0044.t-0009.fb-t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | global-entry-fb-afdthirdparty-unicast.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | ltsr9a.msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Mar 10, 2025 09:27:05.799901962 CET | 1.1.1.1 | 192.168.2.7 | 0xce71 | No error (0) | 40.90.65.44 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.7 | 49700 | 198.23.187.151 | 80 | 6456 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| Mar 10, 2025 09:26:39.998020887 CET | 246 | OUT | |
| Mar 10, 2025 09:26:40.503252983 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.503272057 CET | 224 | IN | |
| Mar 10, 2025 09:26:40.503292084 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.503305912 CET | 224 | IN | |
| Mar 10, 2025 09:26:40.503318071 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.503334045 CET | 224 | IN | |
| Mar 10, 2025 09:26:40.503345966 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.503832102 CET | 224 | IN | |
| Mar 10, 2025 09:26:40.503843069 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.503854990 CET | 1236 | IN | |
| Mar 10, 2025 09:26:40.509532928 CET | 1236 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.7 | 49699 | 3.39.153.44 | 443 | 6456 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-10 08:26:39 UTC | 233 | OUT | |
| 2025-03-10 08:26:39 UTC | 512 | IN | |
| 2025-03-10 08:26:39 UTC | 98 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.7 | 49701 | 13.107.246.60 | 443 | 6456 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-10 08:27:00 UTC | 226 | OUT | |
| 2025-03-10 08:27:00 UTC | 493 | IN | |
| 2025-03-10 08:27:00 UTC | 15891 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN | |
| 2025-03-10 08:27:00 UTC | 16384 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.7 | 49705 | 13.107.246.60 | 443 | 6456 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-10 08:27:08 UTC | 214 | OUT | |
| 2025-03-10 08:27:08 UTC | 491 | IN | |
| 2025-03-10 08:27:08 UTC | 204 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.7 | 49704 | 13.107.246.60 | 443 | 6456 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-10 08:27:08 UTC | 214 | OUT | |
| 2025-03-10 08:27:08 UTC | 495 | IN | |
| 2025-03-10 08:27:08 UTC | 2128 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.7 | 49703 | 40.90.65.44 | 443 | 1048 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-03-10 08:27:08 UTC | 226 | OUT | |
| 2025-03-10 08:27:09 UTC | 493 | IN | |
| 2025-03-10 08:27:09 UTC | 15891 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN | |
| 2025-03-10 08:27:09 UTC | 16384 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 04:25:42 |
| Start date: | 10/03/2025 |
| Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x390000 |
| File size: | 53'161'064 bytes |
| MD5 hash: | 4A871771235598812032C822E6F68F19 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 10 |
| Start time: | 04:26:39 |
| Start date: | 10/03/2025 |
| Path: | C:\Windows\SysWOW64\mshta.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x380000 |
| File size: | 13'312 bytes |
| MD5 hash: | 06B02D5C097C7DB1F109749C45F3F505 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 12 |
| Start time: | 04:26:48 |
| Start date: | 10/03/2025 |
| Path: | C:\Windows\splwow64.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff66ecd0000 |
| File size: | 163'840 bytes |
| MD5 hash: | 77DE7761B037061C7C112FD3C5B91E73 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 14 |
| Start time: | 04:27:00 |
| Start date: | 10/03/2025 |
| Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x390000 |
| File size: | 53'161'064 bytes |
| MD5 hash: | 4A871771235598812032C822E6F68F19 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
⊘No disassembly