Loading ...

Play interactive tourEdit tour

Analysis Report ACH & WlRE REMlTTANCE ADVlCE.xlsx

Overview

General Information

Sample Name:ACH & WlRE REMlTTANCE ADVlCE.xlsx
Analysis ID:321281
MD5:75e913502474fa4bb098d201fd95d673
SHA1:f82825f0640281b5bd8b17957515700b346cc7a3
SHA256:c4fcd5eabfa2bd961ca72a963398df5f41d36f7eef3ea01f098ed42b4559de71

Most interesting Screenshot:

Detection

HTMLPhisher
Score:60
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Yara detected HtmlPhish_25
Phishing site detected (based on image similarity)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Steals Internet Explorer cookies

Classification

Startup

  • System is w7x64
  • EXCEL.EXE (PID: 928 cmdline: 'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding MD5: 5FB0A0F93382ECD19F5F499A5CAA59F0)
    • iexplore.exe (PID: 2960 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' https://onggodwebs.typeform.com/to/ZLWgtC1e MD5: 4EB098135821348270F27157F7A84E65)
      • iexplore.exe (PID: 1776 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2960 CREDAT:275457 /prefetch:2 MD5: 8A590F790A98F3D77399BE457E01386A)
  • iexplore.exe (PID: 2304 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 4EB098135821348270F27157F7A84E65)
    • iexplore.exe (PID: 2348 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2304 CREDAT:275457 /prefetch:2 MD5: 8A590F790A98F3D77399BE457E01386A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[1].htmJoeSecurity_HtmlPhish_25Yara detected HtmlPhish_25Joe Security
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[2].htmJoeSecurity_HtmlPhish_25Yara detected HtmlPhish_25Joe Security

      Sigma Overview

      No Sigma rule has matched

      Signature Overview

      Click to jump to signature section

      Show All Signature Results

      AV Detection:

      barindex
      Antivirus detection for URL or domainShow sources
      Source: https://onggodwebs.typeform.com/to/ZLWgtC1eSlashNext: Label: Fake Login Page type: Phishing & Social Engineering

      Phishing:

      barindex
      Yara detected HtmlPhish_25Show sources
      Source: Yara matchFile source: 701188.pages.csv, type: HTML
      Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[1].htm, type: DROPPED
      Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[2].htm, type: DROPPED
      Phishing site detected (based on image similarity)Show sources
      Source: https://images.typeform.com/images/EieTXNzHVqRh/background/largeMatcher: Found strong image similarity, brand: MicrosoftJump to dropped file
      Source: Joe Sandbox ViewIP Address: 99.86.0.85 99.86.0.85
      Source: Joe Sandbox ViewIP Address: 162.247.242.18 162.247.242.18
      Source: Joe Sandbox ViewJA3 fingerprint: 7dcce5b76c8b17472d024758970a406b
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\70379C3.jpegJump to behavior
      Source: unknownDNS traffic detected: queries for: onggodwebs.typeform.com
      Source: vendors~form.d48f3fb79ce238c3dfbc[1].js.3.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
      Source: vendors~form.d48f3fb79ce238c3dfbc[1].js.3.drString found in binary or memory: http://www.jacklmoore.com/autosize
      Source: renderer.d9cd9e242faababc210a[1].js.3.drString found in binary or memory: https://github.com/js-cookie/js-cookie
      Source: vendors~form.d48f3fb79ce238c3dfbc[1].js.3.drString found in binary or memory: https://github.com/kof/animationFrame
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://images.typeform.com/images/CFFf65RuaPdt/image/default
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://images.typeform.com/images/EieTXNzHVqRh/background/large
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://images.typeform.com/images/EieTXNzHVqRh/background/large);background-position:top
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://images.typeform.com/images/FYUps4mFKPYK/image/default
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typ
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.cRoot
      Source: imagestore.dat.3.drString found in binary or memory: https://onggodwebs.typeform.com/favicon.ico
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://onggodwebs.typeform.com/oembed?url=https%3A%2F%2Fonggodwebs.typeform.com%2Fto%2FZLWgtC1e
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e6MRoot
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e6Meform.com/to/ZLWgtC1eRoot
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e6MlCR0S0FT
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e6Mom/?utm_campaign=ZLWgtC1e&utm_soom/to/ZLWgtC1e
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1e6Mom/to/ZLWgtC1e
      Source: ~DF0C806608EFF04186.TMP.6.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1eFiles=C:
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1eRoot
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://onggodwebs.typeform.com/to/ZLWgtC1ex
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/blocks-matrix.0742b4167bc8af329e18.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/form.44ecc65af94e261e9930.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/modern-renderer.1dc96dfb1da55c4cfd25.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/phonenumber.ae56d052e4544f833f45.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/renderer.d9cd9e242faababc210a.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/vendors~attachment.61b4a881f6eb809fa6a2.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/vendors~blocks-ranking.877fc127e125b1d5effd.js
      Source: ZLWgtC1e[1].htm.3.drString found in binary or memory: https://renderer-assets.typeform.com/vendors~form.d48f3fb79ce238c3dfbc.js
      Source: {E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drString found in binary or memory: https://www.typeform.c
      Source: ~DF20A6A3F7EB8521E3.TMP.2.drString found in binary or memory: https://www.typeform.com/?utm_campaign=ZLWgtC1e&utm_source=typeform.com-17244355-Free&utm_medium=typ
      Source: unknownNetwork traffic detected: HTTP traffic on port 49185 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49169
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49168
      Source: unknownNetwork traffic detected: HTTP traffic on port 49187 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49167
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49189
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49188
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49187
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49186
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49185
      Source: unknownNetwork traffic detected: HTTP traffic on port 49189 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49182
      Source: unknownNetwork traffic detected: HTTP traffic on port 49172 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49168 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49170 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49193 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49176 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49178 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49178
      Source: unknownNetwork traffic detected: HTTP traffic on port 49186 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49177
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49176
      Source: unknownNetwork traffic detected: HTTP traffic on port 49182 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49173
      Source: unknownNetwork traffic detected: HTTP traffic on port 49188 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49172
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49194
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49171
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49193
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49170
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49192
      Source: unknownNetwork traffic detected: HTTP traffic on port 49169 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49194 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49171 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49167 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49192 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49173 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49177 -> 443
      Source: classification engineClassification label: mal60.phis.winXLSX@8/73@18/6
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile created: C:\Users\user\Desktop\~$ACH & WlRE REMlTTANCE ADVlCE.xlsxJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Temp\CVRF018.tmpJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile read: C:\Users\desktop.iniJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
      Source: unknownProcess created: C:\Program Files\Microsoft Office\Office14\EXCEL.EXE 'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
      Source: unknownProcess created: C:\Program Files\Internet Explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
      Source: unknownProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2304 CREDAT:275457 /prefetch:2
      Source: unknownProcess created: C:\Program Files\Internet Explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://onggodwebs.typeform.com/to/ZLWgtC1e
      Source: unknownProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2960 CREDAT:275457 /prefetch:2
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://onggodwebs.typeform.com/to/ZLWgtC1eJump to behavior
      Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2304 CREDAT:275457 /prefetch:2Jump to behavior
      Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2960 CREDAT:275457 /prefetch:2Jump to behavior
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItemsJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dllJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile read: C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\2SFPAZKD.txtJump to behavior

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection1Masquerading1Credentials In Files1File and Directory Discovery1Remote ServicesData from Local System1Exfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
      Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection1LSASS MemorySystem Information Discovery2Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
      Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferIngress Tool Transfer1SIM Card SwapCarrier Billing Fraud

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.

      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      ACH & WlRE REMlTTANCE ADVlCE.xlsx0%VirustotalBrowse
      ACH & WlRE REMlTTANCE ADVlCE.xlsx0%ReversingLabs

      Dropped Files

      No Antivirus matches

      Unpacked PE Files

      No Antivirus matches

      Domains

      SourceDetectionScannerLabelLink
      bam.nr-data.net0%VirustotalBrowse

      URLs

      SourceDetectionScannerLabelLink
      https://onggodwebs.typeform.com/to/ZLWgtC1e100%SlashNextFake Login Page type: Phishing & Social Engineering
      https://onggodwebs.typeform.cRoot0%Avira URL Cloudsafe
      https://onggodwebs.typ0%Avira URL Cloudsafe
      https://www.typeform.c0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      d296je7bbdd650.cloudfront.net
      99.86.0.85
      truefalse
        high
        api.segment.io
        50.112.221.239
        truefalse
          high
          d2citsn5wf4j9j.cloudfront.net
          143.204.201.83
          truefalse
            high
            d2nvsmtq2poimt.cloudfront.net
            143.204.201.126
            truefalse
              high
              bam.nr-data.net
              162.247.242.18
              truefalseunknown
              onggodwebs.typeform.com
              unknown
              unknownfalse
                high
                cdn.segment.com
                unknown
                unknownfalse
                  high
                  try.typeform.com
                  unknown
                  unknownfalse
                    high
                    renderer-assets.typeform.com
                    unknown
                    unknownfalse
                      high
                      js-agent.newrelic.com
                      unknown
                      unknownfalse
                        high
                        images.typeform.com
                        unknown
                        unknownfalse
                          high

                          Contacted URLs

                          NameMaliciousAntivirus DetectionReputation
                          https://www.typeform.com/?utm_campaign=ZLWgtC1e&utm_source=typeform.com-17244355-Free&utm_medium=typeform&utm_content=typeform-footer&utm_term=ENfalse
                            high
                            https://onggodwebs.typeform.com/to/ZLWgtC1efalse
                            • SlashNext: Fake Login Page type: Phishing & Social Engineering
                            high

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://renderer-assets.typeform.com/ZLWgtC1e[1].htm.3.drfalse
                              high
                              https://onggodwebs.typeform.com/to/ZLWgtC1eZLWgtC1e[1].htm.3.drfalse
                              • SlashNext: Fake Login Page type: Phishing & Social Engineering
                              high
                              http://www.apache.org/licenses/LICENSE-2.0vendors~form.d48f3fb79ce238c3dfbc[1].js.3.drfalse
                                high
                                https://onggodwebs.typeform.com/to/ZLWgtC1ex{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                  high
                                  https://images.typeform.com/images/CFFf65RuaPdt/image/defaultZLWgtC1e[1].htm.3.drfalse
                                    high
                                    https://onggodwebs.typeform.com/to/ZLWgtC1e6MRoot{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                      high
                                      https://onggodwebs.typeform.cRoot{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                      • Avira URL Cloud: safe
                                      unknown
                                      https://onggodwebs.typeform.com/to/ZLWgtC1eFiles=C:~DF0C806608EFF04186.TMP.6.drfalse
                                        high
                                        https://images.typeform.com/images/EieTXNzHVqRh/background/largeZLWgtC1e[1].htm.3.drfalse
                                          high
                                          https://onggodwebs.typeform.com/to/ZLWgtC1e6Mom/to/ZLWgtC1e{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                            high
                                            https://github.com/kof/animationFramevendors~form.d48f3fb79ce238c3dfbc[1].js.3.drfalse
                                              high
                                              https://renderer-assets.typeform.com/renderer.d9cd9e242faababc210a.jsZLWgtC1e[1].htm.3.drfalse
                                                high
                                                https://onggodwebs.typeform.com/to/ZLWgtC1e6MlCR0S0FT{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                  high
                                                  https://images.typeform.com/images/FYUps4mFKPYK/image/defaultZLWgtC1e[1].htm.3.drfalse
                                                    high
                                                    https://onggodwebs.typeform.com/oembed?url=https%3A%2F%2Fonggodwebs.typeform.com%2Fto%2FZLWgtC1eZLWgtC1e[1].htm.3.drfalse
                                                      high
                                                      https://onggodwebs.typeform.com/to/ZLWgtC1e6Meform.com/to/ZLWgtC1eRoot{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                        high
                                                        https://onggodwebs.typ{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://onggodwebs.typeform.com/to/ZLWgtC1eRoot{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                          high
                                                          https://renderer-assets.typeform.com/vendors~attachment.61b4a881f6eb809fa6a2.jsZLWgtC1e[1].htm.3.drfalse
                                                            high
                                                            https://renderer-assets.typeform.com/vendors~blocks-ranking.877fc127e125b1d5effd.jsZLWgtC1e[1].htm.3.drfalse
                                                              high
                                                              https://renderer-assets.typeform.com/phonenumber.ae56d052e4544f833f45.jsZLWgtC1e[1].htm.3.drfalse
                                                                high
                                                                https://images.typeform.com/images/EieTXNzHVqRh/background/large);background-position:topZLWgtC1e[1].htm.3.drfalse
                                                                  high
                                                                  https://www.typeform.c{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://onggodwebs.typeform.com/to/ZLWgtC1e6Mom/?utm_campaign=ZLWgtC1e&utm_soom/to/ZLWgtC1e{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat.2.drfalse
                                                                    high
                                                                    https://renderer-assets.typeform.com/blocks-matrix.0742b4167bc8af329e18.jsZLWgtC1e[1].htm.3.drfalse
                                                                      high
                                                                      http://www.jacklmoore.com/autosizevendors~form.d48f3fb79ce238c3dfbc[1].js.3.drfalse
                                                                        high
                                                                        https://renderer-assets.typeform.com/vendors~form.d48f3fb79ce238c3dfbc.jsZLWgtC1e[1].htm.3.drfalse
                                                                          high
                                                                          https://github.com/js-cookie/js-cookierenderer.d9cd9e242faababc210a[1].js.3.drfalse
                                                                            high
                                                                            https://renderer-assets.typeform.com/form.44ecc65af94e261e9930.jsZLWgtC1e[1].htm.3.drfalse
                                                                              high
                                                                              https://renderer-assets.typeform.com/modern-renderer.1dc96dfb1da55c4cfd25.jsZLWgtC1e[1].htm.3.drfalse
                                                                                high
                                                                                https://www.typeform.com/?utm_campaign=ZLWgtC1e&utm_source=typeform.com-17244355-Free&utm_medium=typ~DF20A6A3F7EB8521E3.TMP.2.drfalse
                                                                                  high
                                                                                  https://onggodwebs.typeform.com/favicon.icoimagestore.dat.3.drfalse
                                                                                    high

                                                                                    Contacted IPs

                                                                                    • No. of IPs < 25%
                                                                                    • 25% < No. of IPs < 50%
                                                                                    • 50% < No. of IPs < 75%
                                                                                    • 75% < No. of IPs

                                                                                    Public

                                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                                    143.204.201.126
                                                                                    unknownUnited States
                                                                                    16509AMAZON-02USfalse
                                                                                    99.86.0.85
                                                                                    unknownUnited States
                                                                                    16509AMAZON-02USfalse
                                                                                    54.149.50.128
                                                                                    unknownUnited States
                                                                                    16509AMAZON-02USfalse
                                                                                    162.247.242.18
                                                                                    unknownUnited States
                                                                                    23467NEWRELIC-AS-1USfalse
                                                                                    50.112.221.239
                                                                                    unknownUnited States
                                                                                    16509AMAZON-02USfalse
                                                                                    143.204.201.83
                                                                                    unknownUnited States
                                                                                    16509AMAZON-02USfalse

                                                                                    General Information

                                                                                    Joe Sandbox Version:31.0.0 Red Diamond
                                                                                    Analysis ID:321281
                                                                                    Start date:20.11.2020
                                                                                    Start time:19:22:07
                                                                                    Joe Sandbox Product:CloudBasic
                                                                                    Overall analysis duration:0h 6m 7s
                                                                                    Hypervisor based Inspection enabled:false
                                                                                    Report type:full
                                                                                    Sample file name:ACH & WlRE REMlTTANCE ADVlCE.xlsx
                                                                                    Cookbook file name:defaultwindowsofficecookbook.jbs
                                                                                    Analysis system description:Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
                                                                                    Number of analysed new started processes analysed:9
                                                                                    Number of new started drivers analysed:0
                                                                                    Number of existing processes analysed:0
                                                                                    Number of existing drivers analysed:0
                                                                                    Number of injected processes analysed:0
                                                                                    Technologies:
                                                                                    • EGA enabled
                                                                                    • HDC enabled
                                                                                    • AMSI enabled
                                                                                    Analysis Mode:default
                                                                                    Analysis stop reason:Timeout
                                                                                    Detection:MAL
                                                                                    Classification:mal60.phis.winXLSX@8/73@18/6
                                                                                    Cookbook Comments:
                                                                                    • Adjust boot time
                                                                                    • Enable AMSI
                                                                                    • Found application associated with file extension: .xlsx
                                                                                    • Found Word or Excel or PowerPoint or XPS Viewer
                                                                                    • Attach to Office via COM
                                                                                    • Browse link: https://onggodwebs.typeform.com/to/ZLWgtC1e
                                                                                    • Scroll down
                                                                                    • Close Viewer
                                                                                    • Browsing link: https://www.typeform.com/?utm_campaign=ZLWgtC1e&utm_source=typeform.com-17244355-Free&utm_medium=typeform&utm_content=typeform-footer&utm_term=EN
                                                                                    Warnings:
                                                                                    Show All
                                                                                    • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                    • Excluded IPs from analysis (whitelisted): 104.108.39.131, 104.18.26.71, 104.18.27.71, 151.101.2.110, 151.101.66.110, 151.101.130.110, 151.101.194.110, 13.107.13.80, 204.79.197.200, 13.107.21.200, 152.199.19.161
                                                                                    • Excluded domains from analysis (whitelisted): www.bing.com, e-0001.dc-msedge.net, dual-a-0001.a-msedge.net, ie9comview.vo.msecnd.net, api.bing.com, afd.e-0001.dc-msedge.net, f4.shared.global.fastly.net, r20swj13mr.microsoft.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, random.typeform.com.cdn.cloudflare.net, a-0001.a-afdentry.net.trafficmanager.net, try.typeform.com.cdn.cloudflare.net, go.microsoft.com.edgekey.net, www-bing-com.dual-a-0001.a-msedge.net, api-bing-com.e-0001.e-msedge.net, cs9.wpc.v0cdn.net
                                                                                    • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                    • Report size getting too big, too many NtDeviceIoControlFile calls found.

                                                                                    Simulations

                                                                                    Behavior and APIs

                                                                                    No simulations

                                                                                    Joe Sandbox View / Context

                                                                                    IPs

                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                    143.204.201.126ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                      ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                        99.86.0.85ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                          ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                            ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                              ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                  https://cashout.discussion.communityGet hashmaliciousBrowse
                                                                                                    http://links.notification.intuit.com/ls/click?upn=LEV65WI9EZ1l5TkUt4hKqzq6J49VEXJMRhUxqRckK3UK6eeEy0A-2FylQ0WpPN9IR9nATq3WhntsTLMCi919IHWMcgxpF5i1GT9Eu7cbkbuunbB4fuNIZhVz-2BIL1uP-2B-2FQxNPJeh9cmAA7GBH1Yo4DuZ19j2v1QcQ-2Bb5MFpr7R39LWMEvNjC4P7oB3i95Y4RuoblWdEZeUyR2HtsuqsH-2FaP99PpafutDX-2BJaEmiHApiLKQrN-2FuCLAGGSJDWu1qGydCSETnlQ1bokHII3Ewle9LaIg-3D-3DjFE6_PT-2FQXQzN6Y9dHFdCLOpSYF-2FdGrqxI2h56AGnjU45dUJhQ5TyZEDKgKSkFESkded8yws0-2FrwON9hx1sOOnf2a7Yat9MThuJ6qz57sGUx8cG5cjOIZDNvuMBYR9-2Fk-2BpLzxuYl-2Bq1wcDUGqlbtUx-2FzhncImxQPmEyGhd8GH16dbVgyRAzb2reRFS9rSH-2Bz09WdCTdCy1Z0eYLi6D7ss-2FpgIgfsDjL2IeVNLZnPy44i8xAulJodo80hP-2B85jMv3502Cy8-2FILXfQ68oMCPWD1Sdzxh7cjvhNVlOpODLwLGBRjgM2F5Sy2wzS76WDlec8obk28qlZFEhNmClMPJMOrKZJnp6k-2B-2B7oWipVN-2FNNxIfAwrsmtQ-2Bvig3l-2F-2F6CbGushPGIU7U-2FNmSem9mPVFzOMFosx5svoIgnwg4y59YMqJY3THJD2KTASuezoElDA0N-2ByFcQHkyVjtWm6c9xh-2BYK4RiaNoLSTd-2BSts9G67L5uV4GNyD3DRjA-2BH5tX5xUsnWuUUiJrrJv9Wuhe9Zvf3hon4ge7zGzJHu5bcNiKbXCWjRhUyRV3z7aWjH3HQyQbpeYWmAm2QnhILgBZk4K7xHawdmI81A-3D-3DGet hashmaliciousBrowse
                                                                                                      https://bitly.com/3cYxZ5IGet hashmaliciousBrowse
                                                                                                        54.149.50.128ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                          ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                            162.247.242.18http://owoxchweb.emyspot.com/Get hashmaliciousBrowse
                                                                                                            • bam.nr-data.net/1/1eb02dae32?a=16828251&v=918.2e0ff1d&to=J1oIRBZeWVQHSxwNBApRD14DHkZQDU4%3D&rst=5148&ap=12&be=3893&fe=1108&dc=825&f=%5B%22err%22,%22xhr%22,%22stn%22,%22ins%22%5D&perf=%7B%22timing%22:%7B%22of%22:1531118387055,%22n%22:0,%22dl%22:0,%22di%22:4547,%22ds%22:4547,%22de%22:4718,%22dc%22:4998,%22l%22:4999,%22le%22:5005,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:0,%22rpe%22:42%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
                                                                                                            Scan-0289287.pdfGet hashmaliciousBrowse
                                                                                                            • bam.nr-data.net/1/be34c3f7ff?a=1795030&pl=1509054230154&v=632.2b17625&to=blwEZERTDEJXUhBZDVcWM0JfHQFeWEILXAcWThFHGV4NVl9fS1kMXVweHkZaEg%3D%3D&be=22892&fe=153&dc=152&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1509054230154,%22n%22:0,%22dl%22:22600,%22di%22:23065,%22ds%22:23065,%22de%22:23066,%22dc%22:23067,%22l%22:23067,%22le%22:23081,%22f%22:0,%22dn%22:22598,%22dne%22:22598,%22c%22:22598,%22ce%22:22598,%22rq%22:22598,%22rp%22:22600,%22rpe%22:22625%7D,%22navigation%22:%7B%7D%7D&at=QhsHEgxJH0w%3D&jsonp=NREUM.setToken
                                                                                                            50.112.221.239https://archbee.io/doc/gpDKj-ShASFFy7ljsO-eR/r7ztZd1NKEZHSePgJCywdGet hashmaliciousBrowse
                                                                                                              143.204.201.83ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                http://whatcoronavirus.com/Get hashmaliciousBrowse

                                                                                                                  Domains

                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                  d2citsn5wf4j9j.cloudfront.netACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.45
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.45
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.60
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.116
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.60
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.43
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.45
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.45
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.8
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.8
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.8
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.82
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.99
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.99
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.82
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.82
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.82
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.30
                                                                                                                  ACH WIRE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.45
                                                                                                                  d296je7bbdd650.cloudfront.nethttps://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.224.100.80
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 99.86.0.85
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 99.86.0.85
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 99.86.0.85
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 99.86.0.85
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 13.226.174.148
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 99.86.0.85
                                                                                                                  api.segment.iohttps://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                  • 52.43.118.59
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 35.164.248.150
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.69.174.156
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.68.95.227
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.71.104.186
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 34.212.76.189
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.149.50.128
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.34.69.24
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.41.185.157
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 35.155.235.224
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.41.92.51
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.35.191.167
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.191.32.71
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.213.89.109
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 35.167.90.204
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.68.60.138
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 54.149.50.128
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.43.15.143
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 35.164.248.150
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 52.89.79.226

                                                                                                                  ASN

                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                  AMAZON-02UShttp://www.portal.office.com.s3-website.us-east-2.amazonaws.com#p.steinberger@wafra.comGet hashmaliciousBrowse
                                                                                                                  • 52.219.102.33
                                                                                                                  https://protect-us.mimecast.com/s/eKI8CjRMnyCnG2lvSW3aOv?domain=document-efw5.zizera.comGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.92
                                                                                                                  https://t.e.vailresorts.comGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://largemail.r1.rpost.net/files/7xU97qcFgCvB3Uv1wDC4qvS2ZriLfublohKWA5V3/ln/en-usGet hashmaliciousBrowse
                                                                                                                  • 52.58.5.168
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=YnJlbmRhLmNvcGVsYW5kQHN0ZXViZW50cnVzdC5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  http://s1022.t.en25.com/e/er?s=1022&lid=2184&elqTrackId=BEDFF87609C7D9DEAD041308DD8FFFB8&lb_email=bkirwer%40farbestfoods.com&elq=b095bd096fb54161953a2cf8316b5d13&elqaid=3115&elqat=1Get hashmaliciousBrowse
                                                                                                                  • 13.224.100.124
                                                                                                                  https://ubereats.app.link/cwmLFZfMz5?%243p=a_custom_354088&%24deeplink_path=promo%2Fapply%3FpromoCode%3DRECONFORT7&%24desktop_url=tracking.spectrumemp.com/el?aid=8feeb968-bdd0-11e8-b27f-22000be0a14e&rid=50048635&pid=285843&cid=513&dest=overlordscan.com/cmV0by5tZXR6bGVyQGlzb2x1dGlvbnMuY2g=%23#kkowfocjoyuynaip#Get hashmaliciousBrowse
                                                                                                                  • 13.224.93.92
                                                                                                                  Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.80
                                                                                                                  https://kimiyasanattools.com/outlook/latest-onedrive/microsoft.phpGet hashmaliciousBrowse
                                                                                                                  • 18.202.27.117
                                                                                                                  https://verify-outlook-web.weebly.com/Get hashmaliciousBrowse
                                                                                                                  • 35.158.107.63
                                                                                                                  https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                  • 54.149.237.46
                                                                                                                  https://www.canva.com/design/DAEN9RlD8Vk/acBvt6UoL-DafjXmQk38pA/view?utm_content=DAEN9RlD8Vk&utm_campaign=designshare&utm_medium=link&utm_source=publishsharelinkGet hashmaliciousBrowse
                                                                                                                  • 44.236.48.31
                                                                                                                  https://app.box.com/s/mk1t9s05ty9ba7rvsdbstgc46rb4fod7Get hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=Y25veWVzQDk5cmVzdGF1cmFudHMuY29t&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 52.12.33.145
                                                                                                                  https://go.pardot.com/e/395202/siness-insights-dashboard-html/bnmpz6/1446733421?h=AwLDfNsCVbkjEN13pzY-7AXMPolL_XMigGsJSppGaiMGet hashmaliciousBrowse
                                                                                                                  • 52.16.193.33
                                                                                                                  https://app.box.com/s/gdf36roak3w2fc52cgfbxuq651p0zehyGet hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=ZGFuaWVsLnBlbm5pbmd0b25AdnZtYy5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.53
                                                                                                                  http://WWW.ALYSSA-J-MILANO.COMGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.39
                                                                                                                  http://www.marcusevans.comGet hashmaliciousBrowse
                                                                                                                  • 13.224.103.164
                                                                                                                  AMAZON-02UShttp://www.portal.office.com.s3-website.us-east-2.amazonaws.com#p.steinberger@wafra.comGet hashmaliciousBrowse
                                                                                                                  • 52.219.102.33
                                                                                                                  https://protect-us.mimecast.com/s/eKI8CjRMnyCnG2lvSW3aOv?domain=document-efw5.zizera.comGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.92
                                                                                                                  https://t.e.vailresorts.comGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://largemail.r1.rpost.net/files/7xU97qcFgCvB3Uv1wDC4qvS2ZriLfublohKWA5V3/ln/en-usGet hashmaliciousBrowse
                                                                                                                  • 52.58.5.168
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=YnJlbmRhLmNvcGVsYW5kQHN0ZXViZW50cnVzdC5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  http://s1022.t.en25.com/e/er?s=1022&lid=2184&elqTrackId=BEDFF87609C7D9DEAD041308DD8FFFB8&lb_email=bkirwer%40farbestfoods.com&elq=b095bd096fb54161953a2cf8316b5d13&elqaid=3115&elqat=1Get hashmaliciousBrowse
                                                                                                                  • 13.224.100.124
                                                                                                                  https://ubereats.app.link/cwmLFZfMz5?%243p=a_custom_354088&%24deeplink_path=promo%2Fapply%3FpromoCode%3DRECONFORT7&%24desktop_url=tracking.spectrumemp.com/el?aid=8feeb968-bdd0-11e8-b27f-22000be0a14e&rid=50048635&pid=285843&cid=513&dest=overlordscan.com/cmV0by5tZXR6bGVyQGlzb2x1dGlvbnMuY2g=%23#kkowfocjoyuynaip#Get hashmaliciousBrowse
                                                                                                                  • 13.224.93.92
                                                                                                                  Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.80
                                                                                                                  https://kimiyasanattools.com/outlook/latest-onedrive/microsoft.phpGet hashmaliciousBrowse
                                                                                                                  • 18.202.27.117
                                                                                                                  https://verify-outlook-web.weebly.com/Get hashmaliciousBrowse
                                                                                                                  • 35.158.107.63
                                                                                                                  https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                  • 54.149.237.46
                                                                                                                  https://www.canva.com/design/DAEN9RlD8Vk/acBvt6UoL-DafjXmQk38pA/view?utm_content=DAEN9RlD8Vk&utm_campaign=designshare&utm_medium=link&utm_source=publishsharelinkGet hashmaliciousBrowse
                                                                                                                  • 44.236.48.31
                                                                                                                  https://app.box.com/s/mk1t9s05ty9ba7rvsdbstgc46rb4fod7Get hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=Y25veWVzQDk5cmVzdGF1cmFudHMuY29t&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 52.12.33.145
                                                                                                                  https://go.pardot.com/e/395202/siness-insights-dashboard-html/bnmpz6/1446733421?h=AwLDfNsCVbkjEN13pzY-7AXMPolL_XMigGsJSppGaiMGet hashmaliciousBrowse
                                                                                                                  • 52.16.193.33
                                                                                                                  https://app.box.com/s/gdf36roak3w2fc52cgfbxuq651p0zehyGet hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=ZGFuaWVsLnBlbm5pbmd0b25AdnZtYy5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.53
                                                                                                                  http://WWW.ALYSSA-J-MILANO.COMGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.39
                                                                                                                  http://www.marcusevans.comGet hashmaliciousBrowse
                                                                                                                  • 13.224.103.164
                                                                                                                  AMAZON-02UShttps://protect-us.mimecast.com/s/eKI8CjRMnyCnG2lvSW3aOv?domain=document-efw5.zizera.comGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.92
                                                                                                                  https://t.e.vailresorts.comGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://largemail.r1.rpost.net/files/7xU97qcFgCvB3Uv1wDC4qvS2ZriLfublohKWA5V3/ln/en-usGet hashmaliciousBrowse
                                                                                                                  • 52.58.5.168
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=YnJlbmRhLmNvcGVsYW5kQHN0ZXViZW50cnVzdC5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  http://s1022.t.en25.com/e/er?s=1022&lid=2184&elqTrackId=BEDFF87609C7D9DEAD041308DD8FFFB8&lb_email=bkirwer%40farbestfoods.com&elq=b095bd096fb54161953a2cf8316b5d13&elqaid=3115&elqat=1Get hashmaliciousBrowse
                                                                                                                  • 13.224.100.124
                                                                                                                  https://ubereats.app.link/cwmLFZfMz5?%243p=a_custom_354088&%24deeplink_path=promo%2Fapply%3FpromoCode%3DRECONFORT7&%24desktop_url=tracking.spectrumemp.com/el?aid=8feeb968-bdd0-11e8-b27f-22000be0a14e&rid=50048635&pid=285843&cid=513&dest=overlordscan.com/cmV0by5tZXR6bGVyQGlzb2x1dGlvbnMuY2g=%23#kkowfocjoyuynaip#Get hashmaliciousBrowse
                                                                                                                  • 13.224.93.92
                                                                                                                  Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                                                                  • 13.226.173.80
                                                                                                                  https://kimiyasanattools.com/outlook/latest-onedrive/microsoft.phpGet hashmaliciousBrowse
                                                                                                                  • 18.202.27.117
                                                                                                                  https://verify-outlook-web.weebly.com/Get hashmaliciousBrowse
                                                                                                                  • 35.158.107.63
                                                                                                                  https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                                                                  • 54.149.237.46
                                                                                                                  https://www.canva.com/design/DAEN9RlD8Vk/acBvt6UoL-DafjXmQk38pA/view?utm_content=DAEN9RlD8Vk&utm_campaign=designshare&utm_medium=link&utm_source=publishsharelinkGet hashmaliciousBrowse
                                                                                                                  • 44.236.48.31
                                                                                                                  https://app.box.com/s/mk1t9s05ty9ba7rvsdbstgc46rb4fod7Get hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=Y25veWVzQDk5cmVzdGF1cmFudHMuY29t&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 52.12.33.145
                                                                                                                  https://go.pardot.com/e/395202/siness-insights-dashboard-html/bnmpz6/1446733421?h=AwLDfNsCVbkjEN13pzY-7AXMPolL_XMigGsJSppGaiMGet hashmaliciousBrowse
                                                                                                                  • 52.16.193.33
                                                                                                                  https://app.box.com/s/gdf36roak3w2fc52cgfbxuq651p0zehyGet hashmaliciousBrowse
                                                                                                                  • 52.16.35.20
                                                                                                                  https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=ZGFuaWVsLnBlbm5pbmd0b25AdnZtYy5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                                                                  • 35.164.67.102
                                                                                                                  https://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.53
                                                                                                                  http://WWW.ALYSSA-J-MILANO.COMGet hashmaliciousBrowse
                                                                                                                  • 13.224.93.39
                                                                                                                  http://www.marcusevans.comGet hashmaliciousBrowse
                                                                                                                  • 13.224.103.164
                                                                                                                  http://septterror.tripod.com/the911basics.htmlGet hashmaliciousBrowse
                                                                                                                  • 52.94.225.95

                                                                                                                  JA3 Fingerprints

                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                  7dcce5b76c8b17472d024758970a406bPO 20-11-2020.ppsGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  Avion Quotation Request.docGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  https://www.lnepia.com.cn/app/4gnf/tiaoban.phpGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  #U0648#U0631#U0634#U0629 #U0639#U0645#U0644 #U062a#U062f#U0631#U06cc#U0628#U06cc#U0629.docGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  doc2227740.xlsGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  POSH XANADU Order-SP-20093000-xlxs.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  d11311145.xlsGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  MV GRAN LOBO 008.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH - WlRE PAYMENT REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACHWlRE REMlTTANCE ADVlCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WlRE REMlTTANCE PAYMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH & WlRE REMlTTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WIRE REMITTANCE COPY.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WlRE REMITTANCE..xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  POSH XANADU Order-SP-20-V241e.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  ACH WIRE REMITTANCE.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83
                                                                                                                  SHIPMENT DOCUMENT.xlsxGet hashmaliciousBrowse
                                                                                                                  • 143.204.201.126
                                                                                                                  • 99.86.0.85
                                                                                                                  • 54.149.50.128
                                                                                                                  • 162.247.242.18
                                                                                                                  • 50.112.221.239
                                                                                                                  • 143.204.201.83

                                                                                                                  Dropped Files

                                                                                                                  No context

                                                                                                                  Created / dropped Files

                                                                                                                  C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):237
                                                                                                                  Entropy (8bit):6.1480026084285395
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:6v/lhPIF6R/C+u1fXNg1XQ3yslRtNO+cKvAElRApGCp:6v/7b/C1fm1ZslRTvAElR47
                                                                                                                  MD5:9FB559A691078558E77D6848202F6541
                                                                                                                  SHA1:EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31
                                                                                                                  SHA-256:6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914
                                                                                                                  SHA-512:0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B
                                                                                                                  Malicious:false
                                                                                                                  Reputation:high, very likely benign file
                                                                                                                  Preview: .PNG........IHDR................R....sRGB.........gAMA......a.....pHYs..........o.d...-PLTE......(..5..X..h...........................J4.I...IIDAT.[c`..&.(.....F....cX.(@.j.+@..K.(..2L....1.{.....c`]L9.&2.l...I..E.......IEND.B`.
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\MP98E46N\onggodwebs.typeform[1].xml
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):425080
                                                                                                                  Entropy (8bit):5.201244670831493
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:1536:dkuSNNYVHHHjH9HyHHHjHG8UdNUGjygyDnJ:KuSNNYVHHHjH9HyHHHjHG8UE
                                                                                                                  MD5:70BAEF4CD6D810393F1233EF5194B27C
                                                                                                                  SHA1:DF37BEF717553BCDE4452536B2C35F64D3724DCD
                                                                                                                  SHA-256:FC4E2F9CBCFEE434AA74EBC978BACA0F8E9E2848DA7F8B975BD6A13753D9ACEE
                                                                                                                  SHA-512:8A11510E7D648C31C68608D2F128317B026BCFCAB9B4A24595B8861B65BABC67466F2C57B6F95A1DB2CEDD84A0BC13BC5580312AF3DAFACD3ED09098E69A9AA9
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: <root><item name="ZLWgtC1e-visitorId" value="ZLWgtC1e-1605928995886-48" ltime="2794785888" htime="30850997" /><item name="debug" value="undefined" ltime="2882015888" htime="30850997" /><item name="segmentio.57b8064e-17fb-40cd-af9a-cd79572f1085.inProgress" value="{}" ltime="2811185888" htime="30850997" /><item name="segmentio.57b8064e-17fb-40cd-af9a-cd79572f1085.queue" value="[]" ltime="2803075888" htime="30850997" /><item name="segmentio.57b8064e-17fb-40cd-af9a-cd79572f1085.ack" value="1605929004351" ltime="2879515888" htime="30850997" /><item name="segmentio.57b8064e-17fb-40cd-af9a-cd79572f1085.reclaimStart" value="null" ltime="2879515888" htime="30850997" /><item name="segmentio.57b8064e-17fb-40cd-af9a-cd79572f1085.reclaimEnd" value="null" ltime="2879515888" htime="30850997" /><item name="ajs_anonymous_id" value="&quot;35d8d446-0833-4aee-ad56-5736ef30e24d&quot;" ltime="2806665888" htime="30850997" /></root><root><item name="ZLWgtC1e-visitorId" value="ZLWgtC1e-1605928995886-48" ltime=
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E1A8B7BF-2BA8-11EB-ADCF-ECF4BBB5915B}.dat
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:Microsoft Word Document
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):24664
                                                                                                                  Entropy (8bit):1.7916750734567475
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:Iv/GcpUOGwp0jPG/apnjqwrGIpHjqYBGvnZpEjqYQUGomVqpqjqYQp9Go46y5pZU:MVKmKrpN9J0al0Zd3U5
                                                                                                                  MD5:6AB07E1C757D6B42C9118B5BF4D534D8
                                                                                                                  SHA1:589773E66C62125D248FEED48DBDE50E19515CEF
                                                                                                                  SHA-256:C3DC70E2C502788598D61819FD2946688BD095927C07C2E312134351008A5811
                                                                                                                  SHA-512:9D1EC72B444DCFCEE49DEAEF2B40E6BB312209BEACAF0C4851EC99219D657BBEF23E13B49C90EC8509BA1085BE23997CE8238806C7BB1AECD1E46F1ABDB93DE7
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E723EFCA-2BA8-11EB-ADCF-ECF4BBB5915B}.dat
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:Microsoft Word Document
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):29784
                                                                                                                  Entropy (8bit):1.8289998256119755
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:IvwKGcpU6xGwp0PCYG/apnP8CPXrGIpHP8StHxGvnZpEP8StRGvHZpqP8StbrGoY:M/KgKFpN9Jma20GaRHJBU0RMX
                                                                                                                  MD5:6D1FD6905B1FF8559DB53C94DE02D99D
                                                                                                                  SHA1:31AFAC154EA7A00589D8138997C9CBF40C971973
                                                                                                                  SHA-256:F833C452F9DA040AAB02B0C55B6BE17EB3F6CF964669CBA66416F05DFCE649D9
                                                                                                                  SHA-512:41F88E87784D586CCCCDADCE7FA24C641B0F11543CD5FCE0FF5F4ED05C009C5F791C6F9D3C1D56109B8EE4723AB75D211DF673D83444C14B2285CD8076EFA0BE
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E1A8B7C1-2BA8-11EB-ADCF-ECF4BBB5915B}.dat
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:Microsoft Word Document
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):38920
                                                                                                                  Entropy (8bit):2.0059840879837414
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:M4KcbIJu7CFc9pokJOzrYnRMyc9kB7o9FM9QBXGdyB:M/a04CiP3Qra+yc9Q7o9690WdE
                                                                                                                  MD5:B9DBCDDF123783AB857A2B5857B064C4
                                                                                                                  SHA1:7CA1AE9D23D38592821638E0C4E86D23155BE2ED
                                                                                                                  SHA-256:1AB18ED212358100E6D54350037B285E2F7AE43CC68D24BBFEA18DE6FFAB031F
                                                                                                                  SHA-512:DD4009E1D273BB2750C9EE952EB0F9B3797ED478A86D9139E0A3A45587DAA06DC15AA538D4C0359205F8858EA5511358ED22381A207A49EE550BDE24A96A783B
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E723EFCC-2BA8-11EB-ADCF-ECF4BBB5915B}.dat
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:Microsoft Word Document
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):26992
                                                                                                                  Entropy (8bit):1.8711072570872744
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:MdK2bPJd7ttgcRCpR0tNJRZzRyt2TRdzRGc9Tr:MM4hVJcK/X/n4c9P
                                                                                                                  MD5:B081FB5C3D9F5A633859555779593C6F
                                                                                                                  SHA1:47B0D4F00B5E244912C2EB45BA6405062155FCD5
                                                                                                                  SHA-256:3CBC92129D537135DA2D63050616E3E5B4F679FFED8BA4A8F94E005498BA8461
                                                                                                                  SHA-512:E822FDAAF523DBA2ADB459A7C61ACB26B636724F1FC912B42982823A2128759AF0BF378783A301DCBB0AFD94EC3F527E0A1C74B4856AA55CA4A2F48C4774889B
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E723EFCD-2BA8-11EB-ADCF-ECF4BBB5915B}.dat
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:Microsoft Word Document
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):16984
                                                                                                                  Entropy (8bit):1.5676292233843816
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:IvTGcpUaGwpNvG4pPHGrapgSErGQpZ3UG7HpC3oXsTGIpG:MpKCbhJbeSEF/3f03o4A
                                                                                                                  MD5:7BD5EA81C5D201C48A85C0B0FD1BFE07
                                                                                                                  SHA1:0A0285C20A4949896F4DCF2939F74E489A4AB2B4
                                                                                                                  SHA-256:13F3634763A7BD6CF65D7D06594C73FEC981EBC56A16C187FD4348C00944E4E6
                                                                                                                  SHA-512:0C9CB3133AF32D2C924DFC0E83060EEC72BC9A0BB192B26B10CC02CDCA8E075D2F9659C39A8891B9CC6FB325C7494AC404ACF36E1B733A32E48B5DFAFC30D3C7
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\lr5drzg\imagestore.dat
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):4410
                                                                                                                  Entropy (8bit):2.299764194174884
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:wRbONCfuV+U0mElbdgPBtL70o5hOiT825681Iro2siPxnGA1t+:wRmw3m8bdg5t30eT82/1IrHPx1X+
                                                                                                                  MD5:7BF4AB50C57AC726A7B4F43A48DAC3CF
                                                                                                                  SHA1:C08C82C4A1557764770E819C7B221810169A8FE3
                                                                                                                  SHA-256:33CAF62FD655C66C322B2D59C56FE22C0BF2CB9138839AF581D7A4C4E3CEEF6F
                                                                                                                  SHA-512:9ECCE9C2678E955A8B88BD7E68C6420BCC614E2A424FF1CAC3243822F2CDE9F44CAA6B45DB4F408C07C9170B3EE3BB4E8F19ED33D3F9CB5491EDCAC38B3ECCEE
                                                                                                                  Malicious:false
                                                                                                                  Reputation:low
                                                                                                                  Preview: +.h.t.t.p.s.:././.o.n.g.g.o.d.w.e.b.s...t.y.p.e.f.o.r.m...c.o.m./.f.a.v.i.c.o.n...i.c.o........... .... .........(... ...@..... .................................................................................333.+++*)))2)))8(((:&&&.................................................................................................'''p&&&.'''.'''.'''.'''.'''.'''.'''.'''.(((F........................................................................777.'''.&&&.&&&.'''T(((.....................,,,.&&&k&&&.&&&.(((R............................................................'''N&&&.'''.((( ............................................'''A&&&.'''.+++.................................................'''|&&&.''';............................................................&&&.&&&.***+........................................&&&.&&&.,,,.....................................................................'''\&&&.+++.................................'''.'''.999...............................................
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\LnkQ4hGmxTTD[1].png
                                                                                                                  Process:C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
                                                                                                                  File Type:PNG image data, 131 x 109, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):11245
                                                                                                                  Entropy (8bit):7.975358433194237
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:mbz+31SP85NJJDasl02Sj6cPXana59Wh50KH83Yh7Ewnp4Un5To75yhoEbN:ONIlSB/aabCeHSEwnp4UnpoFhEbN
                                                                                                                  MD5:9936A0F33BBE88F448A1E166B8CCD4A9
                                                                                                                  SHA1:EBBE8544383B73EB0C8BA6733B3588F7781B5B23
                                                                                                                  SHA-256:B0CF2B3D20750F69559365B1926CA243502BE1E58EFBCB45E8315C943BE1BCDF
                                                                                                                  SHA-512:58BD2ECF7E1DADBC96DF63B01595C5B8E5E9301B5AC55645B6F36C4B831F39E89375476076CCCC20204B53960C153FBF1103710A74DC41EEBC23C5ABAD5814F0
                                                                                                                  Malicious:false
                                                                                                                  Reputation:moderate, very likely benign file
                                                                                                                  IE Cache URL:https://images.typeform.com/images/LnkQ4hGmxTTD
                                                                                                                  Preview: .PNG........IHDR.......m..........+.IDATx..].x.U.^.H.d..f..l(b.......`......)...g..SJ...M.....bGQ." *.;**...M#$.......L.....s.Mvgvg.{.{.s.....V.....'.YR.s..?-e..V..t.......SE0..%...V..e............-.....r.[..=_..W......(.g..KC.....[...8.X..;`S .U..=.('.....S,..Z..Gq...........,..W...p._...o.?.>....c....?..........A....Q..].s....+..^*..NOj..Y....%..3.&.n.......b..0...B.......!$G..rN....+.r..tL...M.(.{XY..*.F6....]RY....Y..XS=9$..k...k....$........S0.'c.~.....|.z.....*.A..)..._.#..QN....&.........P.U8..%.vM+....B..1.?..UP.....3..f......J.@.h....xc$..5...a>~....1..&.v^... ....*f....5.C3.g.).c.#...|_J........Z.jWO.f...9w.q...o(...&i%L....#V.|.,..4M@.W..ZQ`.P..T.........5K...w..}.Jsj.ZR.W`x.f.3.\....C.J.*.*R...g..S2.qx...&N.yr.B...0..'......,....`:0A..%.\.A^%fa........y}.+..6i..fx..d..8..).e@..Uk.}...S..M8..}.:.Qk..K.S...[...H.T.Bh..i..\'..%..$Q..W....eI.....ru.._....ySy..t..ZR..b.V.:.M.........`:.9.L[.V...Mu...U.7X.....3.G..9......Z....
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\default-firstframe[1].png
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:PNG image data, 158 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):4301
                                                                                                                  Entropy (8bit):7.933099795148911
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:96:DJsJ9I1DId7LovB7A/LIVh3wJSRhRAnGn6pfQDEk/3o:W77L2t6InwmgiyfQto
                                                                                                                  MD5:7EDA9EC93D911B48A77B18FFAD77F7DC
                                                                                                                  SHA1:1678B6CC7973C764289783D63A7797E1AE85DA99
                                                                                                                  SHA-256:00BAB0371C61890A7EEEF86A0C1F0E4F037861C02E78EB1BE127CA00288F91E4
                                                                                                                  SHA-512:7A6DF695ECFFE124E066672548AEBA8CD5E88140B5C2DA80153825544A6F44350A966A8006716076FDC972B778533268EA28033ADDC5446C3338668A047E71B7
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://images.typeform.com/images/CFFf65RuaPdt/image/default-firstframe.png
                                                                                                                  Preview: .PNG........IHDR.......0.............pHYs...........~.....IDATx..\.tU..b-3N.. :...A..$..r......Z....-.[.....,SWK[.T..U..Q;L....F^..IHB......$ ...#$.....o....%..W...............K...K...K....)..L...]..q.e.3s(..5.3.u..M.....W.....l....A.?...iG..VebB~:.!.{.y.e...t..^.Y..".o4ec.A.J......t}wS.Kj.........]i.R.t..8. ..5d.W.al!....[..a.a......?..u).*-.........J;R.\....)........<..M.\..o....[.b..r<...%....D...go....m.b...?..lY....z:.t.H....w...Ui].U* ~...h..2.O.{q{.._........S].O...s..>....T...W`.U.4J.b..C.EY.EO.....1.....F/.z...... .z.f...d.?p!>'..c.....*&..4...>.....i.O.....t-...0.....c...e{.....^.\..?..+...s...xZDY.......~.. .q.j......./.....#..Dc....[..g....V...>.X._.a.....9.z.....L..F.n.j..g...'...J><.`E....Vn..'..$.g^....`...#..e\o.x.16..a. .:....E...t ....xjI:FuzYA&n4..c..K......A<X..q+3p......NOw.o.p....ka...v#.5......s_.~&.v.hn..(.yW....0`Y:..H.`..._....pw-.o.........:U.....{.g.#..0f.A........).O$D.(.w[.c.Y.>#..lx>...t.N......7...7.
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\errorPageStrings[1]
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):3470
                                                                                                                  Entropy (8bit):5.076790888059907
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:96:z9UUiqRxqH211CUIRHERyRyntQRXaR8RS6C87a/5/+mhPcF+5g+mOC53B5Fqs1qP:JsUOHaQyYX4yJQOWCbz1Qb5
                                                                                                                  MD5:6B26ECFA58E37D4B5EC861FCDD3F04FA
                                                                                                                  SHA1:B69CD71F68FE35A9CE0D7EA17B5F1B2BAD9EA8FA
                                                                                                                  SHA-256:7F7D1069CA8A852C1C8EB36E1D988FE6A9C17ECB8EFF1F66FC5EBFEB5418723A
                                                                                                                  SHA-512:1676D43B977C07A3F6A5473F12FD16E56487803A1CB9771D0F189B1201642EE79480C33A010F08DC521E57332EC4C4D888D693C6A2323C97750E97640918C3F4
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:res://ieframe.dll/errorPageStrings.js
                                                                                                                  Preview: .//Split out for localization...var L_GOBACK_TEXT = "Go back to the previous page.";..var L_REFRESH_TEXT = "Refresh the page.";..var L_MOREINFO_TEXT = "More information";..var L_OFFLINE_USERS_TEXT = "For offline users";..var L_RELOAD_TEXT = "Retype the address.";..var L_HIDE_HOTKEYS_TEXT = "Hide tab shortcuts";..var L_SHOW_HOTKEYS_TEXT = "Show more tab shortcuts";..var L_CONNECTION_OFF_TEXT = "You are not connected to the Internet. Check your Internet connection.";..var L_CONNECTION_ON_TEXT = "It appears you are connected to the Internet, but you might want to try to reconnect to the Internet.";....//used by invalidcert.js and hstscerterror.js..var L_CertUnknownCA_TEXT = "The security certificate presented by this website was not issued by a trusted certificate authority.";..var L_CertExpired_TEXT = "The security certificate presented by this website has expired or is not yet valid.";..var L_CertCNMismatch_TEXT = "The security certificate presented by this website was issued for a di
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\large[1].jpg
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:JPEG image data, baseline, precision 8, 1920x1080, frames 3
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):283919
                                                                                                                  Entropy (8bit):7.970997679074108
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6144:DNmdUglMt7+XF0CDk8tZcIlpatPG27ZGAOl93b/myKU:DwrlMt7+XFXD9Z/paRGSZGnOXU
                                                                                                                  MD5:0554F0D0A177ACFFDF74BD226B654D77
                                                                                                                  SHA1:DB298AA8FA59397323F8ABC0D91E12F64E298988
                                                                                                                  SHA-256:FF6D65827CC40A27DCAE15A090D56D3FB38536A3B76A3ED62732C86EC6F05AB0
                                                                                                                  SHA-512:6EA26FF4BACBF426B403E1FCB19D5B17913B0560EF81AB937AECC9D55F6941DEF849C7506AD40A46F0E3DC77ABB53FEE5ABC6C5EC18FC084000829A6A1BD97D6
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://images.typeform.com/images/EieTXNzHVqRh/background/large
                                                                                                                  Preview: .....C.....................................%...#... , #&')*)..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......8....".......................................G........................!.1AQ."aq2....#BR..b.....$3r.CS.%4c..D...&Es..............................1.....................!..1AQ"a..2q.....B....R#.3............?..U]J..<..R.....T.1.,1@:0.rF..H.6..g;.DFLQT.T...W6.. ...*.P..1WQh.6.w...f....a.....J...R..*T.@J.*P..J.A1S.u1P..J.(....J.T...A*T.^*..U.&*.W.,P....X.T2...j.Z.@V*.TU.Z-......QO....c..4R.>.b<..1R.JP(.}j.;b....S.....b.q.Ed...j..sQ.9..dr.).S...T.c?.G.02....{5[e.....j....F.....:...M....5<:......j.(..zV.....K-...V.7.........J...0=.b...U....^*......Ai...K.,.0.k..W........S.G.V.....R...9..<<uZ.=V...z..*i=........z-M.J...).....M...S..*.C%`T.^(...J<U...*.S..b..zh....,U....D.X.x...J=5x...@U..Uy....I..&.....F.S.A*.P.:..WR..UJ.x.R..W...&*Qb.(h.*.T..1P..Q.@LT.]J.&*T.@J.*P..J...R....UGC@UJ:..%J.(.R.J.*.]J..XQT...L).8..t..@)..).)l*..
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\urlblockindex[1].bin
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):16
                                                                                                                  Entropy (8bit):1.6216407621868583
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:PF/l:
                                                                                                                  MD5:FA518E3DFAE8CA3A0E495460FD60C791
                                                                                                                  SHA1:E4F30E49120657D37267C0162FD4A08934800C69
                                                                                                                  SHA-256:775853600060162C4B4E5F883F9FD5A278E61C471B3EE1826396B6D129499AA7
                                                                                                                  SHA-512:D21667F3FB081D39B579178E74E9BB1B6E9A97F2659029C165729A58F1787DC0ADADD980CD026C7A601D416665A81AC13A69E49A6A2FE2FDD0967938AA645C07
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://r20swj13mr.microsoft.com/ieblocklist/v1/urlblockindex.bin
                                                                                                                  Preview: .p.J2...........
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[1].htm
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):123135
                                                                                                                  Entropy (8bit):5.37716725217909
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:1536:ZSxNzpZaX8ynI1Z4tG81pMH/+eA/7D5GccKppVCJ0522ObqQRhnLd71UiGw8O9QG:ZSxZ5iQLp7einQTyV8uVnPzw+b
                                                                                                                  MD5:D56B21F34D3B03D0F8C556E7E2B60F24
                                                                                                                  SHA1:A274394F689A49881344006CCB630352F517948C
                                                                                                                  SHA-256:31B3FA20F7122E1FDA27605B9DEA093299F234796166DCA49A4583501F125026
                                                                                                                  SHA-512:3BBC4F98FE9E112FA41A005A9BFE0775AD2FF25B019A5A23560FEC96D6ACE1187B1252CE210F9C75C87E8FED3F02E603E826069AE8B330B7BB0577745F314AEE
                                                                                                                  Malicious:true
                                                                                                                  Yara Hits:
                                                                                                                  • Rule: JoeSecurity_HtmlPhish_25, Description: Yara detected HtmlPhish_25, Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[1].htm, Author: Joe Security
                                                                                                                  Preview: <!DOCTYPE html><html lang="en"><head><title>MlCR0S0FT 0FFlCE 365 - MAlL</title><meta charSet="utf-8"/><meta content="#434032" name="theme-color"/><meta content="width=device-width, initial-scale=1.0, viewport-fit=cover" name="viewport"/><meta content="Turn data collection into an experience with Typeform. Create beautiful online forms, surveys, quizzes, and so much more. Try it for FREE." name="description"/><meta content="ie=edge" http-equiv="x-ua-compatible"/><meta content="yes" name="apple-mobile-web-app-capable"/><meta content="noindex,nofollow" name="robots"/><meta name="referrer" content="no-referrer-when-downgrade"/><meta content="website" property="og:type"/><meta content="https://onggodwebs.typeform.com/to/ZLWgtC1e" property="og:url"/><meta content="MlCR0S0FT 0FFlCE 365 - MAlL" property="og:title"/><meta content="Turn data collection into an experience with Typeform. Create beautiful online forms, surveys, quizzes, and so much more. Try it for FREE." property="og:description"/
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[2].htm
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:HTML document, UTF-8 Unicode text, with very long lines
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):123135
                                                                                                                  Entropy (8bit):5.37716725217909
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:1536:ZSxNzpZaX8ynI1Z4tG81pMH/+eA/7D5GccKppVCJ0522ObqQRhnLd71UiGw8O9QG:ZSxZ5iQLp7einQTyV8uVnPzw+b
                                                                                                                  MD5:D56B21F34D3B03D0F8C556E7E2B60F24
                                                                                                                  SHA1:A274394F689A49881344006CCB630352F517948C
                                                                                                                  SHA-256:31B3FA20F7122E1FDA27605B9DEA093299F234796166DCA49A4583501F125026
                                                                                                                  SHA-512:3BBC4F98FE9E112FA41A005A9BFE0775AD2FF25B019A5A23560FEC96D6ACE1187B1252CE210F9C75C87E8FED3F02E603E826069AE8B330B7BB0577745F314AEE
                                                                                                                  Malicious:true
                                                                                                                  Yara Hits:
                                                                                                                  • Rule: JoeSecurity_HtmlPhish_25, Description: Yara detected HtmlPhish_25, Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\ZLWgtC1e[2].htm, Author: Joe Security
                                                                                                                  Preview: <!DOCTYPE html><html lang="en"><head><title>MlCR0S0FT 0FFlCE 365 - MAlL</title><meta charSet="utf-8"/><meta content="#434032" name="theme-color"/><meta content="width=device-width, initial-scale=1.0, viewport-fit=cover" name="viewport"/><meta content="Turn data collection into an experience with Typeform. Create beautiful online forms, surveys, quizzes, and so much more. Try it for FREE." name="description"/><meta content="ie=edge" http-equiv="x-ua-compatible"/><meta content="yes" name="apple-mobile-web-app-capable"/><meta content="noindex,nofollow" name="robots"/><meta name="referrer" content="no-referrer-when-downgrade"/><meta content="website" property="og:type"/><meta content="https://onggodwebs.typeform.com/to/ZLWgtC1e" property="og:url"/><meta content="MlCR0S0FT 0FFlCE 365 - MAlL" property="og:title"/><meta content="Turn data collection into an experience with Typeform. Create beautiful online forms, surveys, quizzes, and so much more. Try it for FREE." property="og:description"/
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\aa6e0ec721[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):57
                                                                                                                  Entropy (8bit):4.340020120659463
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:U3KTDW3MiqVkMWVrfUh:H6NukMWVr8h
                                                                                                                  MD5:06DD80AEB628C60DC680BC7A4BEE6651
                                                                                                                  SHA1:8C86EB7DDFF5E1E5D527BD7A41C9D3F6767E23E0
                                                                                                                  SHA-256:5E864C2E3F674C60970513411EAEEEAFD2D615D842E65EC01D09CCFCB4A7B38D
                                                                                                                  SHA-512:C6EE8252743A760AD7BEE017FF7A804B6E34236764BC5630289D5E4C7C15E38CB971F161821586F0235882FD581630F1531FD6396761BF1284581CD8C2CAC4C6
                                                                                                                  Malicious:false
                                                                                                                  Preview: NREUM.setToken({'stn':0,'err':1,'ins':1,'cap':0,'spa':1})
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\analytics.min[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with very long lines
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):361942
                                                                                                                  Entropy (8bit):5.336254686372435
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3072:IbGJ3czFyJlp0zfBQEVyKliFIjREFy1JvLCEt4OKFjF/AgrE:GGy9yeyKliFoRPbQg
                                                                                                                  MD5:32C1450C1D5328936F0C6563B01431D8
                                                                                                                  SHA1:95F3F90F9C7975AB538A14C2F9E77BFB812B6CEA
                                                                                                                  SHA-256:9BF0405EF9CC6A00862C48274F99D166B5A62D0E6E645BAD7EDED66F948E2B5D
                                                                                                                  SHA-512:0D3200B3AC1C63E1639A85289AAE15B851B4EEA7BE477B503B9964E76D4310988A9184AFDB55CB6DFEBF809F6710C8FE68B6D0C0359303A4D4953E575CF90634
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
                                                                                                                  Preview: !function(define){"function"==typeof define&&define.amd&&(define=undefined);!function(){function e(t,n,o){function i(r,s){if(!n[r]){if(!t[r]){var u="function"==typeof require&&require;if(!s&&u)return u(r,!0);if(a)return a(r,!0);var l=new Error("Cannot find module '"+r+"'");throw l.code="MODULE_NOT_FOUND",l}var c=n[r]={exports:{}};t[r][0].call(c.exports,function(e){return i(t[r][1][e]||e)},c,c.exports,e,t,n,o)}return n[r].exports}for(var a="function"==typeof require&&require,r=0;r<o.length;r++)i(o[r]);return i}return e}()({1:[function(e,t,n){"use strict";var o=e("@segment/analytics.js-core"),i=e("@ndhoule/each");t.exports=function(e){i(function(e){o.use(e)},e);return o}},{"@ndhoule/each":32,"@segment/analytics.js-core":64}],2:[function(e,t,n){(function(n){"use strict";var o=e("@segment/send-json");t.exports=function(){for(var e=!1,t=!1,i=/.*\/analytics\.js\/v1\/([^/]*)(\/platform)?\/analytics.*/,a=n.document.getElementsByTagName("script"),r=0;r<a.length;r++){var s=a[r].src,u=i.exec(s);i
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\favicon[1].ico
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):4286
                                                                                                                  Entropy (8bit):2.2086476734448737
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:suV+U0mElbdgPBtL70o5hOiT825681Iro2siPxnGA1tR:W3m8bdg5t30eT82/1IrHPx1XR
                                                                                                                  MD5:21FA426135560F2A424680343FAE7E13
                                                                                                                  SHA1:CB69BD05400CBA23CDA0BBC8498792D5D35966BE
                                                                                                                  SHA-256:EBD418438064DDB9CC5AA42C356DE2D76C0F9C27AF97740F0952912272D28108
                                                                                                                  SHA-512:B459F97F5F22464A3667B1616FE67538FA0F917BE95380A8F7302591519D09C50E3AE7F0FAE14F255D45061D6B08446ACCBF376314F448C4A6F7EB3B514580A6
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://onggodwebs.typeform.com/favicon.ico
                                                                                                                  Preview: ...... .... .........(... ...@..... .................................................................................333.+++*)))2)))8(((:&&&.................................................................................................'''p&&&.'''.'''.'''.'''.'''.'''.'''.'''.(((F........................................................................777.'''.&&&.&&&.'''T(((.....................,,,.&&&k&&&.&&&.(((R............................................................'''N&&&.'''.((( ............................................'''A&&&.'''.+++.................................................'''|&&&.''';............................................................&&&.&&&.***+........................................&&&.&&&.,,,.....................................................................'''\&&&.+++.................................'''.'''.999.............................................................................(((.&&&.............................(((`&&&.+++...............
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\httpErrorPagesScripts[1]
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):8714
                                                                                                                  Entropy (8bit):5.312819714818054
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:xmjriGCiOciwd1BtvjrG8tAGGGHmjOWnvyJVUXiki3ayimi5ezxiV:xmjriGCi/i+1Btvjy815HmjqVUXiki3g
                                                                                                                  MD5:3F57B781CB3EF114DD0B665151571B7B
                                                                                                                  SHA1:CE6A63F996DF3A1CCCB81720E21204B825E0238C
                                                                                                                  SHA-256:46E019FA34465F4ED096A9665D1827B54553931AD82E98BE01EDB1DDBC94D3AD
                                                                                                                  SHA-512:8CBF4EF582332AE7EA605F910AD6F8A4BC28513482409FA84F08943A72CAC2CF0FA32B6AF4C20C697E1FAC2C5BA16B5A64A23AF0C11EEFBF69625B8F9F90C8FA
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:res://ieframe.dll/httpErrorPagesScripts.js
                                                                                                                  Preview: ...function isExternalUrlSafeForNavigation(urlStr)..{..var regEx = new RegExp("^(http(s?)|ftp|file)://", "i");..return regEx.exec(urlStr);..}..function clickRefresh()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..window.location.replace(location.substring(poundIndex+1));..}..}..function navCancelInit()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..var bElement = document.createElement("A");..bElement.innerText = L_REFRESH_TEXT;..bElement.href = 'javascript:clickRefresh()';..navCancelContainer.appendChild(bElement);..}..else..{..var textNode = document.createTextNode(L_RELOAD_TEXT);..navCancelContainer.appendChild(textNode);..}..}..function expandCollapse(elem,
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\renderer.d9cd9e242faababc210a[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:UTF-8 Unicode text, with very long lines
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):543338
                                                                                                                  Entropy (8bit):5.363556452017504
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6144:6DxHSh/cxTfuFA74Bu+5fqi5QZCEUbinTfJM3RKm+pgm:6ouu0NDVM3w
                                                                                                                  MD5:75AD8048640742A2E76B1D4EDA33832C
                                                                                                                  SHA1:F9F6F718DC5479C5097250F26DB66F57B00C1CF1
                                                                                                                  SHA-256:97303D0B60795E0B006D68DB974AC2B8E206DBB5A4C5E02BCF6051389BD4DE14
                                                                                                                  SHA-512:62135046BC3BB8DEB009EF2E87A85BAC2428711CF768972F70D416FE4E1C0806ED10729C244759A5538E2FE7DD4FE02294FF401A58193FAFCE4F3850534F84E8
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://renderer-assets.typeform.com/renderer.d9cd9e242faababc210a.js
                                                                                                                  Preview: window.renderer=function(e){function t(t){for(var n,o,i=t[0],a=t[1],u=0,l=[];u<i.length;u++)o=i[u],Object.prototype.hasOwnProperty.call(r,o)&&r[o]&&l.push(r[o][0]),r[o]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(c&&c(t);l.length;)l.shift()()}var n={},r={3:0};function o(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,o),r.l=!0,r.exports}o.e=function(e){var t=[],n=r[e];if(0!==n)if(n)t.push(n[2]);else{var i=new Promise((function(t,o){n=r[e]=[t,o]}));t.push(n[2]=i);var a,u=document.createElement("script");u.charset="utf-8",u.timeout=120,o.nc&&u.setAttribute("nonce",o.nc),u.src=function(e){return o.p+""+({0:"blocks-matrix",1:"form",2:"phonenumber",4:"vendors~attachment",5:"vendors~blocks-ranking",6:"vendors~form"}[e]||e)+"."+{0:"0742b4167bc8af329e18",1:"44ecc65af94e261e9930",2:"ae56d052e4544f833f45",4:"61b4a881f6eb809fa6a2",5:"877fc127e125b1d5effd",6:"d48f3fb79ce238c3dfbc"}[e]+".js"}(e);var c=new Error;a=fun
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\NewErrorPageTemplate[1]
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1310
                                                                                                                  Entropy (8bit):4.810709096040597
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:5Y0bn73pHIUZtJD0lFBohpZlJiHqw87xTeB0yVFaFG:5b73HJq0TJiHp89TOwU
                                                                                                                  MD5:CDF81E591D9CBFB47A7F97A2BCDB70B9
                                                                                                                  SHA1:8F12010DFAACDECAD77B70A3E781C707CF328496
                                                                                                                  SHA-256:204D95C6FB161368C795BB63E538FE0B11F9E406494BB5758B3B0D60C5F651BD
                                                                                                                  SHA-512:977DCC2C6488ACAF0E5970CEF1A7A72C9F9DC6BB82DA54F057E0853C8E939E4AB01B163EB7A5058E093A8BC44ECAD9D06880FDC883E67E28AC67FEE4D070A4CC
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:res://ieframe.dll/NewErrorPageTemplate.css
                                                                                                                  Preview: .body..{.. background-repeat: repeat-x;.. background-color: white;.. font-family: "Segoe UI", "verdana", "arial";.. margin: 0em;.. color: #575757;..}.....mainContent..{.. margin-top:80px;.. width: 700px;.. margin-left: 120px;.. margin-right: 120px;..}.....title..{.. color: #2778ec;.. font-size: 38pt;.. font-weight: 300;.. vertical-align:bottom;.. margin-bottom: 20px;.. font-family: "Segoe UI", "verdana";.. position: relative;..}.....errorExplanation..{.. color: #000000;.. font-size: 12pt;.. font-family: "Segoe UI", "verdana", "arial";.. text-decoration: none;..}.....taskSection..{.. margin-top: 20px;.. margin-bottom: 40px;.. position: relative; ..}.....tasks..{.. color: #000000;.. font-family: "Segoe UI", "verdana";.. font-weight:200;.. font-size: 12pt;.. padding-top: 5px;..}....li..{.. margin-top: 8px;..}.....diagnoseButton..{.. outline: none;.. font-size: 9pt;..}.....launchInternetOptionsBu
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\aa6e0ec721[1].gif
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:GIF image data, version 89a, 1 x 1
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):24
                                                                                                                  Entropy (8bit):2.459147917027245
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:CUXJ/lH:Dl
                                                                                                                  MD5:BC32ED98D624ACB4008F986349A20D26
                                                                                                                  SHA1:2D3DF8C11D2168CE2C27E0937421D11D85016361
                                                                                                                  SHA-256:0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
                                                                                                                  SHA-512:71ACC6DA78D5D5BF0EEA30E2EE0AC5C992B00EFEC959077DFE0AB769F1DBBD9AF12D5C5C155046283D5416BEB606A9EF323FB410E903768B1569B69F37075B4E
                                                                                                                  Malicious:false
                                                                                                                  Preview: GIF89a.......,..........
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\favicon[1].ico
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):237
                                                                                                                  Entropy (8bit):6.1480026084285395
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:6v/lhPIF6R/C+u1fXNg1XQ3yslRtNO+cKvAElRApGCp:6v/7b/C1fm1ZslRTvAElR47
                                                                                                                  MD5:9FB559A691078558E77D6848202F6541
                                                                                                                  SHA1:EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31
                                                                                                                  SHA-256:6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914
                                                                                                                  SHA-512:0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:http://www.bing.com/favicon.ico
                                                                                                                  Preview: .PNG........IHDR................R....sRGB.........gAMA......a.....pHYs..........o.d...-PLTE......(..5..X..h...........................J4.I...IIDAT.[c`..&.(.....F....cX.(@.j.+@..K.(..2L....1.{.....c`]L9.&2.l...I..E.......IEND.B`.
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\form.44ecc65af94e261e9930[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):219777
                                                                                                                  Entropy (8bit):5.282741911114054
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3072:kedjhJj/BPi9CxBY756iu0pnzj05JWubzlffcn6/v/qPv6y:Hj/kCxBc6iuWzYRz1cnC4V
                                                                                                                  MD5:C16C38B915867813E8A5CF02B9F1944B
                                                                                                                  SHA1:2F82560CD09CC72CE1CA733120591659A1386941
                                                                                                                  SHA-256:4198357CFDA0DCE8E0217934048B28356784E5F6070C65AF857FF7B25FA3E2EE
                                                                                                                  SHA-512:D7EF5B371B889D534319BAFD22C3AF86D116EB1EBD5D20A1A855B9C6494A6E2362DDDFD56C658CA0609353DC60AF02852876DC6F88684B7215CD3EFAAC3AA103
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://renderer-assets.typeform.com/form.44ecc65af94e261e9930.js
                                                                                                                  Preview: (window.webpackJsonp_name_=window.webpackJsonp_name_||[]).push([[1],{236:function(e,t,n){"use strict";n.d(t,"a",(function(){return o})),n.d(t,"b",(function(){return a}));var r=n(12),o=function(){return{type:r.t,payload:{}}},a=function(){return{type:r.E,payload:{}}}},237:function(e,t,n){"use strict";n.d(t,"b",(function(){return o})),n.d(t,"a",(function(){return a}));var r=n(12);function o(e){return{type:r.A,payload:e}}function a(e){return{type:r.z,payload:e}}},238:function(e,t,n){"use strict";n.d(t,"b",(function(){return ye})),n.d(t,"a",(function(){return Ce}));var r=n(86),o=n.n(r),a=(n(159),n(122)),c=n.n(a),i=n(3),u=n(30),s=n(114),l=n(6),p=n(482);n(433);var d=n(151),f=(n(37),n(483),n(484),n(521),n(9),n(19)),b=n.n(f),h=n(528),m=n.n(h),v=n(522),O=n.n(v),g=(n(11),n(13),n(14),n(17),n(18),n(15),n(2)),y=n.n(g),j=n(225),w=(n(33),n(38),n(455),n(90),n(206)),k=n.n(w),x=function(e){var t=e.split("-"),n=b()(t,3),r=n[0],o=n[1],a=n[2];if(!r||!o||!a)return!1;r=r.padStart(4,"0"),o=o.padStart(2,"0"),a=
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\nr-1123.min[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):24380
                                                                                                                  Entropy (8bit):5.3039076589847856
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:384:yNeRyajOhmUdGa4PFaOy0hGF1Ux9EmiwbikgkYPMvFzoUMC0GPwi5MteM7gN+u:yNP0HgGa4P7x+XM9zoJmlGtGN+u
                                                                                                                  MD5:7FFB242072196E9DB5F4F1BFBFA2ED7D
                                                                                                                  SHA1:6CFD443F06C2D4E96E14765E045277B67DA0EEC5
                                                                                                                  SHA-256:94CDF5B7F868883DE0E1248CD80B42DD84E3F38685F2B234747550C02190DC82
                                                                                                                  SHA-512:371BCC019D60EDBC2DD331F379AC46951B6D8E50FCA25FC79062C02F4E78A6B41DC884C590FD2E8F47EDE8BC392F3A84B0CFE102386282504538BFD157848B17
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://js-agent.newrelic.com/nr-1123.min.js
                                                                                                                  Preview: !function(n,e,t){function r(t,i){if(!e[t]){if(!n[t]){var a="function"==typeof __nr_require&&__nr_require;if(!i&&a)return a(t,!0);if(o)return o(t,!0);throw new Error("Cannot find module '"+t+"'")}var s=e[t]={exports:{}};n[t][0].call(s.exports,function(e){var o=n[t][1][e];return r(o||e)},s,s.exports)}return e[t].exports}for(var o="function"==typeof __nr_require&&__nr_require,i=0;i<t.length;i++)r(t[i]);return r}({1:[function(n,e,t){e.exports=function(n,e){return"addEventListener"in window?window.addEventListener(n,e,!1):"attachEvent"in window?window.attachEvent("on"+n,e):void 0}},{}],2:[function(n,e,t){function r(n,e,t,r,i){d[n]||(d[n]={});var a=d[n][e];return a||(a=d[n][e]={params:t||{}},i&&(a.custom=i)),a.metrics=o(r,a.metrics),a}function o(n,e){return e||(e={count:0}),e.count+=1,f(n,function(n,t){e[n]=i(t,e[n])}),e}function i(n,e){return e?(e&&!e.c&&(e={t:e.t,min:e.t,max:e.t,sos:e.t*e.t,c:1}),e.c+=1,e.t+=n,e.sos+=n*n,n>e.max&&(e.max=n),n<e.min&&(e.min=n),e):{t:n}}function a(n,e){return
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\aa6e0ec721[1].gif
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:GIF image data, version 89a, 1 x 1
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):24
                                                                                                                  Entropy (8bit):2.459147917027245
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:CUXJ/lH:Dl
                                                                                                                  MD5:BC32ED98D624ACB4008F986349A20D26
                                                                                                                  SHA1:2D3DF8C11D2168CE2C27E0937421D11D85016361
                                                                                                                  SHA-256:0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
                                                                                                                  SHA-512:71ACC6DA78D5D5BF0EEA30E2EE0AC5C992B00EFEC959077DFE0AB769F1DBBD9AF12D5C5C155046283D5416BEB606A9EF323FB410E903768B1569B69F37075B4E
                                                                                                                  Malicious:false
                                                                                                                  Preview: GIF89a.......,..........
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\aa6e0ec721[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):57
                                                                                                                  Entropy (8bit):4.340020120659463
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:U3KTDW3MiqVkMWVrfUh:H6NukMWVr8h
                                                                                                                  MD5:06DD80AEB628C60DC680BC7A4BEE6651
                                                                                                                  SHA1:8C86EB7DDFF5E1E5D527BD7A41C9D3F6767E23E0
                                                                                                                  SHA-256:5E864C2E3F674C60970513411EAEEEAFD2D615D842E65EC01D09CCFCB4A7B38D
                                                                                                                  SHA-512:C6EE8252743A760AD7BEE017FF7A804B6E34236764BC5630289D5E4C7C15E38CB971F161821586F0235882FD581630F1531FD6396761BF1284581CD8C2CAC4C6
                                                                                                                  Malicious:false
                                                                                                                  Preview: NREUM.setToken({'stn':0,'err':1,'ins':1,'cap':0,'spa':1})
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\default[1].png
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:PNG image data, 158 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):4301
                                                                                                                  Entropy (8bit):7.933099795148911
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:96:DJsJ9I1DId7LovB7A/LIVh3wJSRhRAnGn6pfQDEk/3o:W77L2t6InwmgiyfQto
                                                                                                                  MD5:7EDA9EC93D911B48A77B18FFAD77F7DC
                                                                                                                  SHA1:1678B6CC7973C764289783D63A7797E1AE85DA99
                                                                                                                  SHA-256:00BAB0371C61890A7EEEF86A0C1F0E4F037861C02E78EB1BE127CA00288F91E4
                                                                                                                  SHA-512:7A6DF695ECFFE124E066672548AEBA8CD5E88140B5C2DA80153825544A6F44350A966A8006716076FDC972B778533268EA28033ADDC5446C3338668A047E71B7
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://images.typeform.com/images/CFFf65RuaPdt/image/default
                                                                                                                  Preview: .PNG........IHDR.......0.............pHYs...........~.....IDATx..\.tU..b-3N.. :...A..$..r......Z....-.[.....,SWK[.T..U..Q;L....F^..IHB......$ ...#$.....o....%..W...............K...K...K....)..L...]..q.e.3s(..5.3.u..M.....W.....l....A.?...iG..VebB~:.!.{.y.e...t..^.Y..".o4ec.A.J......t}wS.Kj.........]i.R.t..8. ..5d.W.al!....[..a.a......?..u).*-.........J;R.\....)........<..M.\..o....[.b..r<...%....D...go....m.b...?..lY....z:.t.H....w...Ui].U* ~...h..2.O.{q{.._........S].O...s..>....T...W`.U.4J.b..C.EY.EO.....1.....F/.z...... .z.f...d.?p!>'..c.....*&..4...>.....i.O.....t-...0.....c...e{.....^.\..?..+...s...xZDY.......~.. .q.j......./.....#..Dc....[..g....V...>.X._.a.....9.z.....L..F.n.j..g...'...J><.`E....Vn..'..$.g^....`...#..e\o.x.16..a. .:....E...t ....xjI:FuzYA&n4..c..K......A<X..q+3p......NOw.o.p....ka...v#.5......s_.~&.v.hn..(.yW....0`Y:..H.`..._....pw-.o.........:U.....{.g.#..0f.A........).O$D.(.w[.c.Y.>#..lx>...t.N......7...7.
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\dnserror[1]
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1857
                                                                                                                  Entropy (8bit):4.6050684780693905
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:rCUcWh0sEimVM4mVMyIjyAV28EFySd8/k+C2E93vjqF4IAr4:uUjEiV4VtLV2lFjq29vjNRr4
                                                                                                                  MD5:73C70B34B5F8F158D38A94B9D7766515
                                                                                                                  SHA1:E9EAA065BD6585A1B176E13615FD7E6EF96230A9
                                                                                                                  SHA-256:3EBD34328A4386B4EBA1F3D5F1252E7BD13744A6918720735020B4689C13FCF4
                                                                                                                  SHA-512:927DCD4A8CFDEB0F970CB4EE3F059168B37E1E4E04733ED3356F77CA0448D2145E1ABDD4F7CE1C6CA23C1E3676056894625B17987CC56C84C78E73F60E08FC0D
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:res://ieframe.dll/dnserror.htm
                                                                                                                  Preview: .<!DOCTYPE HTML>..<html>.... <head>.. <link rel="stylesheet" type="text/css" href="NewErrorPageTemplate.css" >.... <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>This page can&rsquo;t be displayed</title>.... <script src="errorPageStrings.js" language="javascript" type="text/javascript">.. </script>.. <script src="httpErrorPagesScripts.js" language="javascript" type="text/javascript">.. </script>.. </head>.... <body onLoad="javascript:getInfo();">.. <div id="contentContainer" class="mainContent">.. <div id="mainTitle" class="title">This page can&rsquo;t be displayed</div>.. <div class="taskSection" id="taskSection">.. <ul id="cantDisplayTasks" class="tasks">.. <li id="task1-1">Make sure the web address <span id="webpage" class="webpageURL"></span>is correct.</li>.. <li id="task1-2">Look for the page with your search
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\vendors~form.d48f3fb79ce238c3dfbc[1].js
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):448669
                                                                                                                  Entropy (8bit):5.757721853453907
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3072:+w6W8UDuYaIwpcGdSlz5ZO203o4PRjdzK4+Z9NGU5xdr5aBnJZXnZr6ttO3/q6vT:+w6WzuYaIwOG6tZUd24+7sUPdrY78Otb
                                                                                                                  MD5:D4590A0DEB9367E13389A6F82660418A
                                                                                                                  SHA1:17DBC4C6BAB2ADAD8E2D3A3AC0B9C30441030C27
                                                                                                                  SHA-256:4716D9D56848268740C56CDBC5202D2F027E18725ADBD435B86C0681E48F30AD
                                                                                                                  SHA-512:F73DBAB593CBD04A448848F896E8A6856E79D59AB02F95C4B1E2AB935839383D241EEE6DB3CA0AFBA83B1FEF7688E855887CC4B41CAD814E5FBF7038E37F6F03
                                                                                                                  Malicious:false
                                                                                                                  IE Cache URL:https://renderer-assets.typeform.com/vendors~form.d48f3fb79ce238c3dfbc.js
                                                                                                                  Preview: (window.webpackJsonp_name_=window.webpackJsonp_name_||[]).push([[6],Array(426).concat([function(t,e,n){"use strict";n.d(e,"a",(function(){return M})),n.d(e,"b",(function(){return b})),n.d(e,"c",(function(){return L})),n.d(e,"d",(function(){return w})),n.d(e,"e",(function(){return d})),n.d(e,"f",(function(){return F})),n.d(e,"g",(function(){return K})),n.d(e,"h",(function(){return P})),n.d(e,"i",(function(){return z})),n.d(e,"j",(function(){return X})),n.d(e,"k",(function(){return rt})),n.d(e,"l",(function(){return at})),n.d(e,"m",(function(){return nt})),n.d(e,"n",(function(){return lt})),n.d(e,"o",(function(){return R})),n.d(e,"p",(function(){return N})),n.d(e,"q",(function(){return A})),n.d(e,"r",(function(){return B})),n.d(e,"s",(function(){return j})),n.d(e,"t",(function(){return dt})),n.d(e,"u",(function(){return tt})),n.d(e,"v",(function(){return Z})),n.d(e,"w",(function(){return J})),n.d(e,"x",(function(){return D})),n.d(e,"y",(function(){return ot})),n.d(e,"z",(function(){retur
                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\70379C3.jpeg
                                                                                                                  Process:C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
                                                                                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 816x1056, frames 3
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):65057
                                                                                                                  Entropy (8bit):7.714453186203319
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:768:WbZakMgV6yb0BGmdBGAUx3BZP3tUL4dbsaPaVOZIBeSGrS0GUysJEWznmkXHGdhc:WQbgQywBGmkla+bsaCaWyVvXmkXwhH8
                                                                                                                  MD5:89776C76604B8117DFD73CA3604286AB
                                                                                                                  SHA1:097D88821166432D9C8EF52CF807353BCC34952F
                                                                                                                  SHA-256:5F43444269E5E9E7D1B94660AD93B9CCFED6622A1D415BDE414D478526A3F5D2
                                                                                                                  SHA-512:68C2826235479DC52C10A6EAF078BA3FA0D77120517D608A69349258F5C3646382431CCDA4AEEBCA1026EE877AE180F06E44E6FDD6888681C660D053EA3427BA
                                                                                                                  Malicious:false
                                                                                                                  Preview: ......JFIF.....`.`.....C....................................................................C....................................................................... .0.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S..(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(
                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF0C806608EFF04186.TMP
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):35329
                                                                                                                  Entropy (8bit):1.781765085990674
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:Ly+vO97J1Gm5R/R5Yd4R/RSYdJRdRtc9:Ly+vO97Jcm5dpV//Hc9
                                                                                                                  MD5:AD961AC2874D48C677586C552C0CB6E7
                                                                                                                  SHA1:26188590822696D19AE44E9723E106ED74F44E64
                                                                                                                  SHA-256:B22577D4362C6BDB13B7B952F75FFC3A6D25E6F39D5ECC9DC886E78AE28547EB
                                                                                                                  SHA-512:19BCC8AFC502B4138D2A2129357369D6166E0AD519215E4E0F3BEF22B2E8E5E72393B96FB4E266BFDDC81DCA17965EE974F6C3F3BD47530316741805E60A080D
                                                                                                                  Malicious:false
                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ...........................................................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8.......................................................X......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF20A6A3F7EB8521E3.TMP
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):44937
                                                                                                                  Entropy (8bit):0.7040871892616197
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:96:LyXD8IvD8R9d8TVBPSSvSpPwDD2rPp9cBpc9PfhKXbpo9PfhKXY1gP/1gPse/yRv:LyX/vO92VNqaDSrPp9Cc9ko97O3OE4q
                                                                                                                  MD5:52AD5EE693E057480FE17EAE16D46ED5
                                                                                                                  SHA1:B50D1E42AC295502763E06A0B45A7B304FAAC896
                                                                                                                  SHA-256:D552D67426BFBBF3C55988CAA51D0C54365FB83F34A9C4FED52E76892B22E9E0
                                                                                                                  SHA-512:9FEDAC825434BF6478765A4F5C207FCF2801941DAA88E2FC8C2FD8C263C7DB2D8C36473DCA14BE78DA4E69987CBEC9487838F258D69CFA6470873D08EFB4D121
                                                                                                                  Malicious:false
                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ...........................................H.......+.........[....H........................................v`.....p.G.....0.J.......I.......L.....H......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF7DDB95A11F6691BF.TMP
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):12965
                                                                                                                  Entropy (8bit):0.5475162425471388
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:LyMZQjr8IvoQjr8ojqIjXjr8WjqYQpYF53Fz:LyYQ8IvoQ8oOID8WF
                                                                                                                  MD5:F7D6B6107AB8DAB7CD4B5797E2616DB9
                                                                                                                  SHA1:4BCED61F773DE886E523969A82FD4C248DA608ED
                                                                                                                  SHA-256:DAEE7E4F50B76A8AA87CF15DDF0A34BC05D93F822421AD2DBC0CBC024531B295
                                                                                                                  SHA-512:162A6551BEECD4E1FE26B8F2DDFC5BD3A53C60B917C463DD6A16552A68E052667FD7BCFE960698DA1DC147CADB868D1C7F36655F339E93E7B512F5CF18F00CC2
                                                                                                                  Malicious:false
                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ............................v`..... .......$.J......eD.......L.....H........................................v`.....p.G.....0.J.......I.......L.....H......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Temp\~DF7E233213DD95DA1D.TMP
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):13029
                                                                                                                  Entropy (8bit):1.4031541078624263
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:LyoKGK4vDGyR4PqIP6G2RmP8StBtbz5SS+4z54o:LyOvSSIRjnT
                                                                                                                  MD5:926F520E96EA6CD34DD0DB9FAC7B170C
                                                                                                                  SHA1:969947CD8DE907A40ACDA0BEFD49739121EEADD6
                                                                                                                  SHA-256:7D2980A6E6A23EFA6944466F9E346505E9C185E8E314D91860C65EA12FB2670C
                                                                                                                  SHA-512:DBF629B9E772C103A42393128114C31DC93713DEE62261AA259CF89AB8AEC2801D79FF6256C67E3F2ADC55AF777FE36A0FA69146C71DC330AFC629C9D8507D74
                                                                                                                  Malicious:false
                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ........................................]...................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8.......................................................X......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Local\Temp\~DFAD7EDCAF08AB104E.TMP
                                                                                                                  Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):25441
                                                                                                                  Entropy (8bit):0.7584278380523437
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:3NlLONlLONlIkNlIT8In8HRnNlRxMNlRxN8In8HRnNlTwNlTwNlSS/NlSS/NlaAl:LypvT8G2RBxmxN8G2RDwxSaSras
                                                                                                                  MD5:DAC400697C30C5929403EE2567B24DC9
                                                                                                                  SHA1:7D5650C2B0F6615F93EE4098483A54FD6F4C2A27
                                                                                                                  SHA-256:1D3D151FBB4632E2F498ED1E646DBB1080E8EA3DCAF16C3E843CF7E4CDFEEBE8
                                                                                                                  SHA-512:FB86B642058973ABCAB6A677B40433C34030C38A815C4AA90C74B1A4D65F1B51248A5295DFA838B743D681AE67809A0B4E168DC743A6D32EE1D685E7F1785F2D
                                                                                                                  Malicious:false
                                                                                                                  Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\1AAZO8B1.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\2E0JEI2R.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):426
                                                                                                                  Entropy (8bit):4.712400620853254
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJec2aTVpROQ:IxlktTJDWPbKdV6Aec2uOQ
                                                                                                                  MD5:BC4D66DE7C53AD2DDBE05D43A2FC1178
                                                                                                                  SHA1:2AD13C6D179372FD58E1930D8266821DA6C52D45
                                                                                                                  SHA-256:FD4954DCA6E8D21227B7DC51D1B9B268D6DAE5C5B7AE53B6580B920DCE5CDD59
                                                                                                                  SHA-512:634838A1630D4288F3297206E1E013B07DC5CBDD44B06895FF459429B44F3AEE8A2BFE93ED8DC7984B3B6A60747616FC381C32F7410665E758131804DC1F9C34
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs%3Atest.true.typeform.com/.1600.607329792.30924423.2882954191.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\2SFPAZKD.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\3SUOWKW4.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):309
                                                                                                                  Entropy (8bit):4.694067634340591
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCUNR3GZTVS0/fQ:K0wS4hlktCQJDr85JaTV1gnb6aTVS4Q
                                                                                                                  MD5:228AE55339CAC6DC56969EB38514EBF5
                                                                                                                  SHA1:E6B53371E0FCEE8A6392617DA306F48EAA29C49D
                                                                                                                  SHA-256:81DC7C81C37D3A7DA580C127D0D329FE8B2CFAB28181DE2198AF9FA774DE3BA4
                                                                                                                  SHA-512:E5C66EFA382AD26206D0B1731D49B0001DAC16EAD1166B84FA2578D1FBA2082D1C00742F10C5586F686185AE4F57866DAB6329C614739EAD66BC8B057A62836D
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs%3Acookies.true.typeform.com/.1600.527329792.30924423.2799001043.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\5KFOSX05.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\5ZY314MI.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.700756370246144
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTY:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTY
                                                                                                                  MD5:C91C20A4F917E788C331A31A47D09AA0
                                                                                                                  SHA1:756CD832F51FEE7F0EA989588BEA29666FF0F1FF
                                                                                                                  SHA-256:FDC69C8131A2906FB9F55EB4137729393430ABED1B22FD5BF147C0CEC27DCA01
                                                                                                                  SHA-512:A26B5BF3DA10E918EA688B785A55B85CB8AF75345BFD19D9A6A447080DA94E66DFFD137300A5DA974AF727827B5C08F79CC84A24903FE59E55494EF0FCE9ACC9
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.617329792.30924423.2890598204.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\7DGEUGTU.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):306
                                                                                                                  Entropy (8bit):4.678975433600946
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCcWr3GZTVSxQ:K0wS4hlktCQJDr85JaTV1gnbc2aTVSxQ
                                                                                                                  MD5:C4FB46C06D72D108FBEFE69F10DA025E
                                                                                                                  SHA1:081AF42AB87DD4B6432A03F55E59199A2D55C62C
                                                                                                                  SHA-256:69D60AD2DAF3A68E8EB1D28350C2E2007BC75DAA87789DF288C012A8252A4319
                                                                                                                  SHA-512:929CED1A5E80EA19CE1C5AD4FC7712A5587324FE7590B106ECDEE24607446981322CCC3225F3F3745D13848D843A445F244B3BB331F0EC59C354A72742E74BC0
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs%3Atest.true.typeform.com/.1600.527329792.30924423.2798845043.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\7Z3X1827.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\8K42JB7F.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\91R9KDA0.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\98PZ3PZ1.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):431
                                                                                                                  Entropy (8bit):4.689160997577177
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJeMfNtaTVpRPQ:IxlktTJDWPbKdV6AeMfvuPQ
                                                                                                                  MD5:9050F9BFE5F297BFB2B19B989A50BC75
                                                                                                                  SHA1:D267738FC301D757B5A5277E54177100332F40BF
                                                                                                                  SHA-256:B067323936F32CAC827AD300B5FAB0098251AD216C59A2C3B992B03C05D7C85C
                                                                                                                  SHA-512:9059E332B791B3417CC902D4508732C28B66B2076C9F0DEA07530A680D10A51A4829D33997F334BBFD3B9B930B895BEC1EF077550704AC8176150E4FBB93CF25
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs_user_id.17242804.typeform.com/.1600.607329792.30924423.2883266191.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\9WBO3WV9.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):426
                                                                                                                  Entropy (8bit):4.708314134855253
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJec2aTVpR9FhQ:IxlktTJDWPbKdV6Aec2u9FhQ
                                                                                                                  MD5:DEF0C24AFA2324C3399BEB03D8EB8E11
                                                                                                                  SHA1:9C73B2053159CB9DE0AEF7B97A53DF59B57836EF
                                                                                                                  SHA-256:8FAF508860FEBD01EF9A7EA63095088AF18AFF6E21F489FACD15219E7C9A97E4
                                                                                                                  SHA-512:FE84D1CBB60F39B7D2BC1A98E374DEA98FA0DA459B22A07E3DCFD2D8278C67B669493CC78CDAB2851D003BC98F176D083CFB30E8D9A4AE5D752F271A2B3D759A
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs%3Atest.true.typeform.com/.1600.607329792.30924423.2882798190.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\C25KKDN4.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):309
                                                                                                                  Entropy (8bit):4.694067634340591
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCUNR3GZTVS0/fQ:K0wS4hlktCQJDr85JaTV1gnb6aTVS4Q
                                                                                                                  MD5:228AE55339CAC6DC56969EB38514EBF5
                                                                                                                  SHA1:E6B53371E0FCEE8A6392617DA306F48EAA29C49D
                                                                                                                  SHA-256:81DC7C81C37D3A7DA580C127D0D329FE8B2CFAB28181DE2198AF9FA774DE3BA4
                                                                                                                  SHA-512:E5C66EFA382AD26206D0B1731D49B0001DAC16EAD1166B84FA2578D1FBA2082D1C00742F10C5586F686185AE4F57866DAB6329C614739EAD66BC8B057A62836D
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs%3Acookies.true.typeform.com/.1600.527329792.30924423.2799001043.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\CJXZHDG5.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):113
                                                                                                                  Entropy (8bit):4.408588305029607
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:GmM/1FGX8QjVe1nK2cK+AJGGESMEmwvWVSTcQl6bvWVdQVccQn:XM/bGXBjT2P/JGRVRa7hl6LuQVtQ
                                                                                                                  MD5:6404D97FA88C0E529B72F9FD7B2E1C92
                                                                                                                  SHA1:E3D8FF97E49A83235E5BE16620DFC366CB200629
                                                                                                                  SHA-256:2C511BA008A371884D4D3C101D32353D39D29DA82470D3105F75D928ACD5620A
                                                                                                                  SHA-512:337F0331B938D40531030202CF1C031933BDF7FC8D73648ABFFA7D6DEA2225C1289EDDE22BEA180B43CF592D786C942C1E5DB96FAF12DF05953D2BB8DDB3FC54
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\DTIULW56.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):306
                                                                                                                  Entropy (8bit):4.673204066259644
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCcWr3GZTVS0kwLQ:K0wS4hlktCQJDr85JaTV1gnbc2aTVSUM
                                                                                                                  MD5:8DB876372382524546EAF2B4E5BA4A88
                                                                                                                  SHA1:E98DA0A2343BE804139255D9A84D62C6D96D5D7A
                                                                                                                  SHA-256:2412362BDB6A1F458F053D13C417D343E8F9074CBFD581E815C2AE12EC73F271
                                                                                                                  SHA-512:8C3D1663351BEEB29857C58DB5EF2C4DE0BB162748080D22A0BBC025BA462E2BD80BA48C2B23B1FB48C4849933C6C729F5A90C0BAC48EC6A84065C700805A499
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs%3Atest.true.typeform.com/.1600.527329792.30924423.2799157043.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\EEK4MG65.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\J9BCT079.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\KN3PI6FW.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\LL4KF5OA.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):429
                                                                                                                  Entropy (8bit):4.726696298393459
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJe6aTVpRlQ:IxlktTJDWPbKdV6Ae6ulQ
                                                                                                                  MD5:31E2FEE27986A65302A774FA8FAC409F
                                                                                                                  SHA1:5BF0BAF16B8BFCE37B8C7B4F7576CA038AD0AE11
                                                                                                                  SHA-256:E9B93A837CF479E5D7AF401C88726CD39D34DFA946D45CD9F5837C311D8C8E43
                                                                                                                  SHA-512:0F6A6EDA062D049A8597092985B4193DA8B965D87F97B8243CBFE85F356CE6EDEBAD6E4DB1E9476909CD89897C318CA72ACF609E09871647056CB019721339C6
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs%3Acookies.true.typeform.com/.1600.607329792.30924423.2882642190.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\OZKS80KS.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):311
                                                                                                                  Entropy (8bit):4.638270921432753
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCMqwNmGGZTVS01cC:K0wS4hlktCQJDr85JaTV1gnbMfNtaTVv
                                                                                                                  MD5:91210FD78690A8EDB5704D89E1CE9B64
                                                                                                                  SHA1:4D433FB20D7D48E2210E055E73BFC75B91762F5E
                                                                                                                  SHA-256:11D2E17D137DC6F0305821D401483B60A2662B5E12B052D71502C7CAFE3D0240
                                                                                                                  SHA-512:C1ED845C4733C61A1B7B893FBFDB50CAFFBA0C5B240D42A4A4E1B4691E0D952B007E6385334C76EA1F37053FF4910865D05534DA3A2BF8F40A9FCA772A6344C0
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_user_id.17242804.typeform.com/.1600.527329792.30924423.2799469044.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\QJ577S17.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):306
                                                                                                                  Entropy (8bit):4.673204066259644
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCcWr3GZTVS0kwLQ:K0wS4hlktCQJDr85JaTV1gnbc2aTVSUM
                                                                                                                  MD5:8DB876372382524546EAF2B4E5BA4A88
                                                                                                                  SHA1:E98DA0A2343BE804139255D9A84D62C6D96D5D7A
                                                                                                                  SHA-256:2412362BDB6A1F458F053D13C417D343E8F9074CBFD581E815C2AE12EC73F271
                                                                                                                  SHA-512:8C3D1663351BEEB29857C58DB5EF2C4DE0BB162748080D22A0BBC025BA462E2BD80BA48C2B23B1FB48C4849933C6C729F5A90C0BAC48EC6A84065C700805A499
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs%3Atest.true.typeform.com/.1600.527329792.30924423.2799157043.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\QL98CBER.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):429
                                                                                                                  Entropy (8bit):4.728029637623606
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJe6aTVpRrQ:IxlktTJDWPbKdV6Ae6urQ
                                                                                                                  MD5:4E21E0C9B1CBE0CF498CC82C59525B38
                                                                                                                  SHA1:7FD444F45086150A4325E34A4EF5654982EC9411
                                                                                                                  SHA-256:8D6484FFEAB4C84A5EC94AEBB8B0A9729065192B313AA358A9A7085A5D6BE27A
                                                                                                                  SHA-512:44548E05C4ED70A0EEDB20F94D44257F5C49D18304E8EF5E2D4D4EFF574FF339BDEB5E4BA0452664D90AE0035F1A1BAC21871E0FCB9585E3948A6B5F4CF937C6
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs%3Acookies.true.typeform.com/.1600.607329792.30924423.2882486190.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\RAEF9Q9S.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\RUGMVZ3S.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):426
                                                                                                                  Entropy (8bit):4.706294897831962
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVJec2aTVpRnQ:IxlktTJDWPbKdV6Aec2unQ
                                                                                                                  MD5:BBBE65A7584DCC2EC053112535385CFC
                                                                                                                  SHA1:F1ABDAB6EE095509DCBB6FB1DA70C21D5E76A9E5
                                                                                                                  SHA-256:77D64582B4400A3888BB911E317DBA62C91BFD3405211F546312E558452661BF
                                                                                                                  SHA-512:44C6A2FA74317DFDD12333A13CDCF0FDC9F6604E02AED94A8BA390B43994A3670A8FE4E8FAC189717C2CBFCF46C876B2CE571019F8FAAF545220568F75C2163E
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.ajs%3Atest.true.typeform.com/.1600.607329792.30924423.2882330190.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\TKLSHH4E.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):431
                                                                                                                  Entropy (8bit):4.690823993099052
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVpRqFkMfNtaTVpRPQ:IxlktTJDWPbKdV6uEkMfvuPQ
                                                                                                                  MD5:B2291C36E4620A83085B5ADD1195583A
                                                                                                                  SHA1:C252CBD11FFA9F36729EE2BCC1F974567B0A1307
                                                                                                                  SHA-256:149410E3BEA2F2961D4A2B15D23ACFBF6238E77878F18AFC83027D6E8C27E7F0
                                                                                                                  SHA-512:EBA05F88D8166C54D01DC3552AB832CFFAEF563065008EEA3D5E492624536EECA4B130BB8002439D7A41BD962675EF930462E2EEEAF7EC61C4C6AB520FF71604
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.607329792.30924423.2883422191.30850997.*.ajs_user_id.17242804.typeform.com/.1600.607329792.30924423.2883266191.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\TXYVSCX0.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):431
                                                                                                                  Entropy (8bit):4.696056383722357
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTVpU7eRMfNtaTVpRPQ:IxlktTJDWPbKdV614MfvuPQ
                                                                                                                  MD5:6C6941E0DA3E8290543F2DC26EABE938
                                                                                                                  SHA1:A72FF777EED295DBFB0EAC0933D4E966EFAD87D6
                                                                                                                  SHA-256:65C91DD2F87B07E5E0717E8B818178C7390FFD72BECCD52BB45BC6CAD387B51B
                                                                                                                  SHA-512:D5401003A1BAF965817E5262FFF68CF5357F9FA8A8E4B2034A269408B3CF8E33E165F6D0229ADF73528ADFF269FD8AED7B629E7882946EDD21C18EFA55374F90
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.617329792.30924423.2886854198.30850997.*.ajs_user_id.17242804.typeform.com/.1600.607329792.30924423.2883266191.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\ULHZKG1F.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.700418492007185
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTp:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTp
                                                                                                                  MD5:23196C3B92121C46EE8E3F70C6D5ABE8
                                                                                                                  SHA1:B952C9134660F93C90AD732BEC0D16E0B9CB664B
                                                                                                                  SHA-256:6708B42D497814CA881F00CA234458381D206BED6A0E9A59EF53F6BEB2EFD161
                                                                                                                  SHA-512:A97B49B2C1AE75C92FE0C8B849A04F97A2E48A61BA7E68433E2B0756945A0082824C3D119AB2CC84FA7ED3EDDF34FDAA4DFFB4499B11444BBBB91505EA47A626
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806358056.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\UMO9YW15.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\UOUKGKGI.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):431
                                                                                                                  Entropy (8bit):4.686487749392376
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbMfNtaTVSO7IKdFP6aTVJEuCQ:IxlktTJDWPbMfv3QIKdV6AEjQ
                                                                                                                  MD5:1D91846576A0D5434EC892E2E4A300FD
                                                                                                                  SHA1:1BDC163958B4911C4DD8418B0FC5248D1ADAF050
                                                                                                                  SHA-256:09967B6BAB4F471E013AC40382BF880B259AA673BABD015F1B594F5BE1C7E7F4
                                                                                                                  SHA-512:51E31369627C1E08D0197DA003D9967D3A1DC3BC15855E27E1E25636577591BAB16A9538B0C83A194424C97D785699AD2F86A59CB8A73FAF6A93A68FFC8A10F4
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_user_id.17242804.typeform.com/.1600.527329792.30924423.2799469044.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806358056.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\UTR6IVEA.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):230
                                                                                                                  Entropy (8bit):4.635866252239018
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCQ:K0wS4hlktCQJDr85JaTV1gnbQ
                                                                                                                  MD5:B6085188AAF4DC9CDB094FA07FEB9085
                                                                                                                  SHA1:AC20305D1BC48C5BE858149C6C68D4BB91369582
                                                                                                                  SHA-256:F0707E1FC0051E3FB1ECA50A3A0346C05A694FB860572A47D09745E33AFACB07
                                                                                                                  SHA-512:F4354AF4A089A12C8C23F319957EC6AD500417A0C159325DE3E5E229E2069D0BE65B470FD7344418B561E021924B48D02371704FDA5E0CDF450E8EE1FDA024B7
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\XWVA9S5N.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.701272366097601
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTW:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTW
                                                                                                                  MD5:105BECB58621A0422B287BBA973E6A99
                                                                                                                  SHA1:3E5AAF51625653E1CE7615F0310DAA8C11DEBE81
                                                                                                                  SHA-256:E352AA3323139E3C998DFD3C82661B62D28D3B8414C7E4880E5CC13F13D8C56F
                                                                                                                  SHA-512:8A883286CCFC6351B05494D78627F0F9017FCDCA1D66C543C68689AE0D8FC99B6498B80A1FC818B6E3F166979A3B32496B2C2155D25B5E247F95C0E708DE5ABF
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.617329792.30924423.2890286204.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\YM04SNVH.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Z4KBXUT6.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):431
                                                                                                                  Entropy (8bit):4.680680773122527
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:K0wS4hlktCQJDr85JaTV1gnbMfNtaTVSO7IKdFP6aTVSPQ:IxlktTJDWPbMfv3QIKdV63PQ
                                                                                                                  MD5:CEABFE4A53E0584445164B236E2F32D0
                                                                                                                  SHA1:8BDE4A724A4D5C8D7A85C9A34C9E4EEAB36EB1D6
                                                                                                                  SHA-256:9BF8827F103DE610AB5F8991C1FF5C20A05C8DD712E7E4200C90AC645F422ED0
                                                                                                                  SHA-512:AE67D3BA4B3AAB0F6AD054A7DC2D6217E43826208DB9ECF1006DF4A4DDD2D58E560E7C88503451F6A261973B64429D6A1A8473A35329DB880351177FE3C6ACE8
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_user_id.17242804.typeform.com/.1600.527329792.30924423.2799469044.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.527329792.30924423.2799625044.30850997.*.
                                                                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\ZZSZRDOO.txt
                                                                                                                  Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  File Type:ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):350
                                                                                                                  Entropy (8bit):4.697558939117893
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6:XM/bGXBjT2P/JGRVRa7hl6LuQVtP6QZPE0r85JGZTVkOvYnGCyQw87WFDzX6GZTV:K0wS4hlktCQJDr85JaTV1gnbKdFP6aTV
                                                                                                                  MD5:86E4E55CD9FBB309ADDA9E12FD2EAD1A
                                                                                                                  SHA1:3E47E4BD62B2AC648C11ED765AF4D9D78FDD4B5E
                                                                                                                  SHA-256:F63FB1C9B347F0E4BE4A8B77BCB881D6D54BC6BFF4B031414BC48CFC34058A43
                                                                                                                  SHA-512:20E112B941A875EEEFB907AB43EB12DA7E5EBAD468AD79CB6402046172583C36ED5885A884D0604E77DBF6BD12948B412F9C10B6E53E59C284D86454B170949C
                                                                                                                  Malicious:false
                                                                                                                  Preview: __cfduid.d0c155c2b6e859ba06dd73a49f10745681605896614.typeform.com/.9729.970921728.30856957.2778660839.30850997.*.attribution_user_id.2139ca31-8ea7-40d6-a33f-45407a1b7b7b.typeform.com/.1601.517329792.30924423.2794789035.30850997.*.ajs_anonymous_id.%2235d8d446-0833-4aee-ad56-5736ef30e24d%22.typeform.com/.1600.537329792.30924423.2806670057.30850997.*.
                                                                                                                  C:\Users\user\Desktop\~$ACH & WlRE REMlTTANCE ADVlCE.xlsx
                                                                                                                  Process:C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):165
                                                                                                                  Entropy (8bit):1.4377382811115937
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:vZ/FFDJw2fV:vBFFGS
                                                                                                                  MD5:797869BB881CFBCDAC2064F92B26E46F
                                                                                                                  SHA1:61C1B8FBF505956A77E9A79CE74EF5E281B01F4B
                                                                                                                  SHA-256:D4E4008DD7DFB936F22D9EF3CC569C6F88804715EAB8101045BA1CD0B081F185
                                                                                                                  SHA-512:1B8350E1500F969107754045EB84EA9F72B53498B1DC05911D6C7E771316C632EA750FBCE8AD3A82D664E3C65CC5251D0E4A21F750911AE5DC2FC3653E49F58D
                                                                                                                  Malicious:false
                                                                                                                  Preview: .user ..A.l.b.u.s. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

                                                                                                                  Static File Info

                                                                                                                  General

                                                                                                                  File type:Microsoft Excel 2007+
                                                                                                                  Entropy (8bit):7.655309404381854
                                                                                                                  TrID:
                                                                                                                  • Excel Microsoft Office Open XML Format document (40004/1) 83.33%
                                                                                                                  • ZIP compressed archive (8000/1) 16.67%
                                                                                                                  File name:ACH & WlRE REMlTTANCE ADVlCE.xlsx
                                                                                                                  File size:75541
                                                                                                                  MD5:75e913502474fa4bb098d201fd95d673
                                                                                                                  SHA1:f82825f0640281b5bd8b17957515700b346cc7a3
                                                                                                                  SHA256:c4fcd5eabfa2bd961ca72a963398df5f41d36f7eef3ea01f098ed42b4559de71
                                                                                                                  SHA512:36294d06c0c8c7690f8cbf5c64af471151f4c16965632372f6ea3fa7ae4c90e74155e2548da3abbca8ad70f2463353c35339d4925f77dee6c473ac170ee89c45
                                                                                                                  SSDEEP:1536:NxGP/uQbgQywBGmkla+bsaCaWyVvXmkXwhHJ0:Nc3/gQxFklapali0
                                                                                                                  File Content Preview:PK..........!..z..z...<.......[Content_Types].xml ...(.........................................................................................................................................................................................................

                                                                                                                  File Icon

                                                                                                                  Icon Hash:e4e2aa8aa4b4bcb4

                                                                                                                  Network Behavior

                                                                                                                  Network Port Distribution

                                                                                                                  TCP Packets

                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                  Nov 20, 2020 19:23:35.174391031 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.176153898 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.190905094 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.191615105 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.192631006 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.193587065 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.194125891 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.195326090 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.210551023 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.210783005 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.210800886 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.210823059 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.210856915 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.210932970 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.211693048 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.213133097 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.213263035 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.217135906 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.217169046 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.217184067 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.222255945 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.224613905 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.268554926 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.277089119 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.285125971 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.286457062 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.286572933 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.293746948 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.294847012 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.295638084 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.296552896 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.313035011 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.314086914 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.314214945 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.318454981 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318519115 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318545103 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318571091 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318861961 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318895102 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318927050 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.318955898 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.319273949 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.319793940 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.319824934 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.319849968 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.319874048 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.320168018 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.320774078 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.320812941 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.320842028 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.320853949 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.320866108 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.320868969 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.320919037 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.320930004 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.321729898 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.321767092 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.321791887 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.321815968 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.321890116 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.322710037 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.322747946 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.322771072 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.322793007 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.323597908 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.323648930 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.323695898 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.323726892 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.323755980 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.324579000 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.324625015 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.325629950 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.327486992 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.330661058 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.330699921 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.333281040 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.333364964 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.335757971 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.335794926 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.335818052 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.335840940 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.336148977 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.336180925 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.336204052 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.336226940 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.336431026 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.337184906 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.337358952 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.337402105 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.337426901 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.337450027 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.338346004 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.338378906 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.338401079 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.338426113 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.338490009 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.338510036 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.339337111 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.339369059 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.339390039 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.339415073 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.340260029 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.340312958 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.340342999 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.340364933 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.340699911 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.340955019 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.341233969 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.341268063 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.341289997 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.341310024 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.342045069 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.342158079 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.342184067 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.344609976 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.344655037 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.344785929 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.345151901 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345186949 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345211029 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345233917 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345257044 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345280886 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345303059 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345328093 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345350981 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345376968 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345418930 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345443010 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345462084 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.345464945 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345488071 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.345992088 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.346163988 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.349874020 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.349914074 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.349941015 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.349977016 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.350007057 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.352912903 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.352937937 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.352948904 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.352971077 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.352977037 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.352993965 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.353178978 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.353236914 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.353260994 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.353283882 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.353761911 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.353961945 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.354866028 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357227087 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357261896 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357287884 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357315063 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357341051 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357575893 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357610941 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357633114 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357661009 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.357688904 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.358472109 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.358498096 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.358513117 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.358520031 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.358542919 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.358565092 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.361882925 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.361926079 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.361953974 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.361979008 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362004042 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362196922 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362226009 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362253904 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362281084 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362308979 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362921953 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362951040 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362972975 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.362994909 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363018990 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363384008 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363428116 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363430977 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363462925 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363780975 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363806963 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363830090 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363854885 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363879919 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363897085 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363903046 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.363909960 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.363920927 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.364000082 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.365729094 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.365772009 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.365799904 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.366220951 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.366241932 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.367959976 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.369409084 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.369441032 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.370174885 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.370733023 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.370759964 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.370784044 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.373013020 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.375108957 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.375114918 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.375799894 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.386398077 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.393553972 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.402887106 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.403409004 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.404679060 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.410053015 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.410500050 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.410604954 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.416424036 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.432941914 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.660041094 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.660231113 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.676673889 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.676713943 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.678472042 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.678586960 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.682749033 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682790041 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682820082 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682861090 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682883978 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682909966 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682931900 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.682930946 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.682996988 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683001995 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683005095 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683008909 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683088064 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683124065 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683159113 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683181047 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683188915 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683203936 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683218956 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683248997 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683248997 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683270931 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683284998 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683291912 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683321953 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683813095 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683851004 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683876038 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683881044 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683893919 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683897018 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683909893 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683918953 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683936119 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683940887 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683960915 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.683963060 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.683971882 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684006929 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684704065 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684736013 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684756041 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684777021 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684782982 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684794903 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684799910 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684808969 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684825897 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684849977 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.684860945 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684874058 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.684880018 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685539961 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685566902 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685589075 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685607910 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685611963 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685621977 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685636044 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685646057 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685657978 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685662985 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685672045 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685679913 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.685703993 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.685717106 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.686403036 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686420918 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686434031 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686449051 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686463118 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686475039 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686487913 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.686494112 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.686521053 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.686542988 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.686561108 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.687323093 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687349081 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687366962 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687380075 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687380075 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.687393904 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687397957 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.687407970 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687421083 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.687431097 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.687441111 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.687464952 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688132048 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688186884 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688201904 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688205004 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688219070 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688232899 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688244104 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688246012 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688256025 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688260078 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.688268900 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688298941 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688385010 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.688999891 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689027071 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689044952 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689058065 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689074039 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689085007 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689095974 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689106941 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689115047 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689121008 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689157963 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689177036 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689183950 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689685106 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.689929008 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689960003 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.689985037 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690002918 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690010071 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690018892 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690038919 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690052032 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690062046 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690068960 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690077066 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690098047 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690114021 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690188885 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690789938 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690809965 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690826893 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690849066 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690862894 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690870047 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690876961 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690887928 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690897942 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690905094 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.690932035 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690947056 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.690956116 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691714048 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691749096 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691773891 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691796064 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691798925 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691814899 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691819906 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691822052 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691838980 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691845894 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691873074 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.691874027 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691895008 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.691915989 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692610025 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692639112 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692661047 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692686081 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692698956 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692709923 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692718983 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692723989 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692728043 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692734003 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692756891 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692761898 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.692779064 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.692810059 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.693456888 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693479061 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693495035 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693512917 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693526030 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693547010 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.693577051 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.693593979 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.693599939 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.693603992 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.703679085 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.725748062 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.742434025 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753670931 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753714085 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753741026 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753766060 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753791094 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753813028 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753825903 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.753835917 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753858089 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.753863096 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.753869057 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.753880024 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.753911972 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.754525900 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.754558086 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.754584074 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.754602909 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.754607916 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.754621983 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.754643917 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.755501032 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.755523920 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.755542040 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.755559921 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.755590916 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.755613089 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.756438017 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.756455898 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.756472111 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.756489992 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.756510019 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.756535053 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.757462025 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.757481098 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.757497072 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.757514000 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.757528067 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.757544041 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.757550955 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.758420944 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.758452892 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.758466959 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.758483887 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.758508921 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.758543968 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.759391069 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.759423971 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.759469032 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.759494066 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.765522957 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.770384073 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770425081 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770445108 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770463943 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770529032 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.770751953 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770771980 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770790100 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770808935 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.770888090 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.770922899 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.770927906 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.771723986 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.771748066 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.771768093 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.771786928 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.771823883 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.771850109 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.772727966 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.772814035 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:35.855371952 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855400085 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855418921 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855436087 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855453968 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855469942 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855484009 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.855515003 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.855518103 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.855921984 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855942011 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855957985 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.855995893 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.856007099 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.856718063 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.856735945 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.856753111 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.856785059 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.856795073 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.857522964 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.857551098 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.857575893 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.857584953 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.857604027 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.857615948 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.858335018 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.858361959 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.858385086 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.858388901 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.858397007 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.858427048 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.859118938 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.859164000 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.859188080 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.859200001 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.859209061 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.859219074 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.859954119 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.859982014 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.860007048 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.860008001 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.860017061 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.860033989 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.860727072 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.860776901 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.863462925 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.938740015 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.938762903 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.938786030 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.938888073 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.939014912 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939028025 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939058065 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939153910 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.939861059 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939879894 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939896107 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.939954042 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.940720081 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.940737963 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.940752029 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.940774918 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.940810919 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.941466093 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.941487074 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.941503048 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.941561937 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.942266941 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.942336082 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.942353964 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.942373037 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.942398071 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.942409039 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943058014 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943085909 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943104029 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943151951 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943166971 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943320990 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943806887 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943826914 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943842888 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943861008 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943862915 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943878889 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943883896 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943900108 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.943905115 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943916082 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943929911 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.943974972 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.944010019 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.944610119 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.944629908 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.944645882 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.944690943 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.944735050 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.945445061 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.945462942 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.945478916 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.945511103 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.945525885 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.946264982 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.946284056 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.946299076 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.946329117 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.946345091 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.946652889 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.946988106 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947019100 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947031021 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947036982 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947055101 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947065115 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947866917 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947890043 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947900057 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947907925 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.947911978 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947932005 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947940111 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.947962999 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.948630095 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.948657036 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.948681116 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.948693991 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.948709965 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.949496984 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.949522972 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.949546099 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.949553967 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.949577093 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.949590921 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.950243950 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.950268030 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.950294971 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.950321913 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.950340033 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:35.955400944 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.955424070 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.955549002 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.026736021 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026793957 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026833057 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026871920 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026911020 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026959896 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.026976109 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027010918 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027018070 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027024031 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027028084 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027056932 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027070045 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027126074 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027143955 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027170897 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027177095 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027220011 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027228117 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027278900 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027283907 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027358055 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027359009 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027409077 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027745008 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027800083 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027858019 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027862072 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027916908 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027915955 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.027961016 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.027968884 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028001070 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028011084 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028058052 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028067112 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028117895 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028552055 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028611898 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028630972 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028650999 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028664112 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028690100 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028703928 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028728962 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028738976 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028759956 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.028781891 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.028805017 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029207945 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029252052 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029292107 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029292107 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029301882 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029331923 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029350042 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029370070 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029381990 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029424906 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029450893 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029501915 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.029531002 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.029542923 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.030055046 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030097008 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030126095 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.030136108 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030138969 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.030174971 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030205965 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030236006 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030267954 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.030273914 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.030284882 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.030327082 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031006098 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031049967 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031089067 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031091928 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031105042 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031127930 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031128883 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031167030 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031182051 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031204939 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031218052 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031244993 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031254053 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031294107 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.031797886 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031840086 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031896114 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031929970 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.031992912 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.043888092 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.043967962 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.044059992 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.044089079 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045146942 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045182943 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045212030 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045252085 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045258045 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045290947 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045299053 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045311928 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045336008 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045336962 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.045380116 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.045394897 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.061948061 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062032938 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062043905 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062076092 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062108040 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062118053 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062129021 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062156916 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062171936 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062196016 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062210083 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062233925 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062248945 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062273979 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062292099 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062314034 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062328100 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062362909 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062372923 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062416077 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062444925 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062504053 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062541962 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062544107 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062571049 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062572956 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062585115 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062613010 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062625885 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062659979 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.062664032 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.062716007 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063201904 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063247919 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063286066 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063293934 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063313007 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063317060 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063358068 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063359022 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063366890 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063397884 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063405037 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063436985 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063460112 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063474894 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063513041 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.063519001 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063555956 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.063564062 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064259052 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064302921 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064342976 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064366102 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064377069 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064383984 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064388990 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064445019 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064460039 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064482927 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064502954 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064531088 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064546108 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064573050 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.064591885 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064632893 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.064790010 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065182924 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065226078 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065263987 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065268040 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065308094 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065310955 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065316916 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065355062 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065370083 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065417051 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065418959 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065459967 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065481901 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065501928 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.065520048 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.065561056 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066128016 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066171885 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066210985 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066211939 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066222906 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066262960 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066265106 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066323996 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066324949 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066366911 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066378117 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066406965 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066421986 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066448927 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.066457987 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.066497087 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067071915 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067118883 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067150116 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067161083 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067186117 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067200899 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067222118 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067240953 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067260981 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067277908 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.067298889 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.067332983 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.068434954 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115175009 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115252018 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115319014 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115343094 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115416050 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115428925 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115498066 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115555048 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115581989 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115600109 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115614891 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115669012 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115674973 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115730047 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115731001 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115784883 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115786076 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115842104 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115847111 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115900040 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115904093 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.115955114 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.115955114 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116002083 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116010904 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116063118 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116064072 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116121054 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116128922 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116182089 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116184950 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116246939 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116295099 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116306067 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116337061 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116338015 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116343021 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116379023 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116396904 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116421938 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.116436005 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116621971 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.116971016 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117012978 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117054939 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117096901 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117147923 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117171049 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117186069 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117191076 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117192984 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117196083 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117201090 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117235899 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117250919 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117279053 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.117295980 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117348909 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.117923021 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.118032932 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.118144035 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.351361036 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.351996899 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.367578983 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.367764950 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.368067026 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.368130922 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.396742105 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.396992922 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.412761927 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.412924051 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.413093090 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.413162947 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.413201094 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.413254023 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.415806055 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.415891886 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.416508913 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.416528940 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.416589975 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.420614004 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.420696974 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.452362061 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.452586889 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.468432903 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.468492985 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.469152927 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.469211102 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.469233036 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.469293118 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.474534035 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.490614891 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501773119 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501815081 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501841068 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501873016 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.501873970 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501897097 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.501908064 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501920938 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.501936913 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501948118 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.501966000 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.501976967 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.501995087 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.502005100 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.502028942 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.502608061 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.502646923 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.502684116 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.502687931 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.502701044 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.502717972 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.502722025 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.502763987 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.503515005 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.503556013 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.503585100 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.503593922 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.503593922 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.503632069 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.503633022 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.503670931 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.504427910 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.504466057 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.504491091 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.504509926 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.504519939 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.504555941 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.504591942 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.504637957 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.505340099 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.505378962 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.505408049 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.505420923 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.505678892 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.505718946 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.505726099 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.505806923 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.506303072 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.506340027 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.506350040 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.506391048 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.506422043 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.506437063 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.506468058 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.506508112 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.507134914 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.507201910 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.511151075 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.518172979 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518193007 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518253088 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518260956 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.518292904 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518297911 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.518332958 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518335104 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.518382072 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.518418074 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.518465042 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519079924 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.519139051 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.519160986 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519170046 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.519186974 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519212961 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.519224882 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519262075 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519947052 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.519962072 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.519996881 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.520036936 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.520036936 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.520056963 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.520104885 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.520118952 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.520896912 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.520958900 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.521068096 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.521116018 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.521120071 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.521157026 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.521157980 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.521198988 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.521199942 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.521239042 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.521996021 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.522038937 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.522066116 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.522087097 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.527298927 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:36.612550020 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.629178047 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.822261095 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.822288036 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.822300911 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.822314024 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.822421074 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:36.853050947 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.042118073 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.042224884 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.044020891 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.081415892 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.081729889 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.122148991 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.208343029 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.208436966 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.209134102 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.219614983 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.219683886 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.220491886 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.233088017 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.234396935 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.234420061 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.234431982 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.234523058 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.247230053 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.315898895 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.315995932 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.316698074 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.336159945 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.336838007 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.336903095 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.336927891 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.336950064 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.336952925 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.337004900 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.350888968 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.358513117 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.359141111 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.359183073 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.359210014 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.359249115 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.359272957 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.359277010 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.366539955 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.436533928 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.436599016 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.444643974 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.477858067 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.478498936 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.478636980 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.478667021 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.478705883 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.485199928 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.500360012 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.504427910 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.505095959 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.505114079 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.505170107 CET49177443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.510270119 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.511584044 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.511607885 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.511621952 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.511670113 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.523542881 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.612431049 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.613291025 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.613413095 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:37.676621914 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.689470053 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.690546036 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.690629959 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.717319012 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.717979908 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.722413063 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.722666025 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:37.916368961 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.918488979 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.918632030 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:23:40.753643990 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.770210981 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.770347118 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.771006107 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.787554026 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.787945032 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.788001060 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.788044930 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.788072109 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.788109064 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.790627956 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.790705919 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.797817945 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.814445972 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.815551043 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.819644928 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.829265118 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.845998049 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.848875999 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.848934889 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.848968983 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.848975897 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849001884 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849016905 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849055052 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849057913 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849065065 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849098921 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849107981 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849143028 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849148035 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849195004 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.849216938 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849251986 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:40.849714994 CET44349182143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.850806952 CET49182443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:23:43.489289999 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.489669085 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.505861044 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.506015062 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.506109953 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.506158113 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.506927013 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.508100986 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.523442984 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.523977995 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.524015903 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.524046898 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.524079084 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.524106979 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.524111986 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.524487019 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.525080919 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.525115967 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.525140047 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.525146008 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.525175095 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.525182009 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.526998043 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.527059078 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.528069019 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.528122902 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.541867971 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.551405907 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.558403969 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.561578035 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.561697006 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.567881107 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.570282936 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.570348024 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.571301937 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:43.587749004 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.588350058 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.588432074 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:44.162106037 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:44.168858051 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:44.178936005 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.179630041 CET44349185143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.179697037 CET49185443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:44.185579062 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.187463999 CET44349186143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.187550068 CET49186443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:23:44.631352901 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.633356094 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.647546053 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.647670984 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.649441004 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.649558067 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.650507927 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.651081085 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.666574001 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.667213917 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.667273998 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.667320013 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.667644978 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.668586969 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.669405937 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.669467926 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.669503927 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.669538021 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.669553995 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.669574022 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.674933910 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.675054073 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.683460951 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.683640957 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.699548960 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.699583054 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.700314999 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.700453043 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.700639009 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.700716972 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.720546961 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:44.736665010 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.737375975 CET4434918799.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.737473011 CET49187443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:23:45.216310024 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.410732985 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.410830021 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.417593956 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.420831919 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.420964956 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.512893915 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.547949076 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.548496962 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.549365044 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.563776016 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.563932896 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.565217972 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.611994028 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.613251925 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.613298893 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.613320112 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.613336086 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.613369942 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.613396883 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.621304989 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.676454067 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.677158117 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.677201986 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.677236080 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.678240061 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.678273916 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.688232899 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.701877117 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.702282906 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.703630924 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.708081007 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.708775997 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.708833933 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.708867073 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.708983898 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.709012032 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.709014893 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.729857922 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.815325022 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.815823078 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.815864086 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.815895081 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.815923929 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.815958977 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.834471941 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.851242065 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.872937918 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.873526096 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.873642921 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.873661041 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.873728991 CET49192443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:45.891239882 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.892391920 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.894519091 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.894577026 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.894620895 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.894629955 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.894661903 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.894687891 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.903640985 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:45.978369951 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.979456902 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.979549885 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:23:46.072248936 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.085551023 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.086029053 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.086148024 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:46.092753887 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.093564987 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:46.100514889 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:46.100660086 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:23:46.289639950 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.290906906 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:46.291030884 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:24:06.384342909 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:06.384368896 CET4434917199.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:06.384547949 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:24:06.384648085 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:24:14.665597916 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:14.665632963 CET4434918899.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:14.665741920 CET49188443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:24:15.147286892 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:24:15.147454023 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:24:15.336306095 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:15.336496115 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:15.336616039 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:24:37.072386980 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:24:37.199296951 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.199889898 CET44349176162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.200006962 CET49176443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:24:37.691204071 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.691210032 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.691274881 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:24:37.918207884 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.918234110 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:37.918325901 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:24:45.417960882 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:24:45.545196056 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:45.546081066 CET44349193162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:45.549298048 CET49193443192.168.2.22162.247.242.18
                                                                                                                  Nov 20, 2020 19:24:46.086723089 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:46.086755037 CET4434918954.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:46.086781025 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:24:46.086815119 CET49189443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:25:10.950733900 CET44349177162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:15.336021900 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:15.336056948 CET4434919454.149.50.128192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:15.336435080 CET49194443192.168.2.2254.149.50.128
                                                                                                                  Nov 20, 2020 19:25:18.147797108 CET44349192162.247.242.18192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.156779051 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:25:33.156815052 CET49178443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:25:33.156898975 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:25:33.157000065 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:25:33.157027960 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:25:33.157087088 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:25:33.157182932 CET49171443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:25:33.157182932 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:25:33.157253981 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:25:33.157453060 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:25:33.157768965 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:25:33.173427105 CET4434917299.86.0.85192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.173935890 CET49172443192.168.2.2299.86.0.85
                                                                                                                  Nov 20, 2020 19:25:33.174245119 CET44349167143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.174417019 CET49167443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:25:33.174539089 CET44349168143.204.201.83192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.174592018 CET49168443192.168.2.22143.204.201.83
                                                                                                                  Nov 20, 2020 19:25:33.175223112 CET44349169143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.175257921 CET44349170143.204.201.126192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.175334930 CET49169443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:25:33.175683975 CET49170443192.168.2.22143.204.201.126
                                                                                                                  Nov 20, 2020 19:25:33.346031904 CET4434917350.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.346132040 CET49173443192.168.2.2250.112.221.239
                                                                                                                  Nov 20, 2020 19:25:33.350543976 CET4434917850.112.221.239192.168.2.22
                                                                                                                  Nov 20, 2020 19:25:33.350673914 CET49178443192.168.2.2250.112.221.239

                                                                                                                  UDP Packets

                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                  Nov 20, 2020 19:23:32.086127996 CET5219753192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:32.122848034 CET53521978.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:33.624450922 CET5309953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:33.688816071 CET53530998.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.131279945 CET5283853192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET53528388.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:35.285341978 CET6120053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET53612008.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.312020063 CET4954853192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:36.349412918 CET53495488.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.812015057 CET5562753192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET53556278.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:36.889857054 CET5600953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:36.926939011 CET53560098.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.052416086 CET6186553192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.079406977 CET53618658.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.178478956 CET5517153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.180670977 CET5249653192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.181632996 CET5756453192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.183147907 CET6300953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.183809042 CET5931953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.184204102 CET5307053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:37.205593109 CET53551718.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.208467960 CET53575648.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.210012913 CET53630098.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.210758924 CET53593198.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.211075068 CET53530708.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:37.216398001 CET53524968.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:38.579504967 CET5977053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:38.606750011 CET53597708.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:39.729336977 CET6152353192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:39.765115976 CET53615238.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:40.714622021 CET6279153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET53627918.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:41.332390070 CET5066753192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:41.369579077 CET53506678.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:41.385080099 CET5412953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:41.428123951 CET53541298.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:42.254621029 CET6532953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:42.290153980 CET53653298.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:43.450344086 CET6071853192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET53607188.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:44.591057062 CET4915753192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:44.629467010 CET53491578.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.175798893 CET5739153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET53573918.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.228627920 CET6185853192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.265501976 CET53618588.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.389137983 CET6250053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.416260004 CET53625008.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.881412983 CET5165253192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.906867027 CET6276253192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.908523083 CET53516528.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.910407066 CET5690553192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.914047003 CET5460953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.927087069 CET5810153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.928710938 CET6432953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:23:45.933979034 CET53627628.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.937443972 CET53569058.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.941143990 CET53546098.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.954231977 CET53581018.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:23:45.955681086 CET53643298.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:03.393944025 CET6488153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:03.421047926 CET53648818.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:04.403630018 CET6488153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:04.430685997 CET53648818.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:05.418034077 CET6488153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:05.445187092 CET53648818.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:06.896240950 CET5532753192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:06.932074070 CET53553278.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:07.430408955 CET6488153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:07.466166973 CET53648818.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:11.439676046 CET6488153192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:11.475454092 CET53648818.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:11.963246107 CET5915053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:11.990418911 CET53591508.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:13.025805950 CET5915053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:13.052901983 CET53591508.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:14.040926933 CET5915053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:14.068123102 CET53591508.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:15.172250986 CET6343953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:15.199402094 CET53634398.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:16.042608023 CET5915053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:16.069761038 CET53591508.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:16.182497978 CET6343953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:16.218337059 CET53634398.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:17.196847916 CET6343953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:17.234622955 CET53634398.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:19.209342957 CET6343953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:19.236670017 CET53634398.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:20.052011967 CET5915053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:20.079130888 CET53591508.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:23.218672991 CET6343953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:23.245852947 CET53634398.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:28.738987923 CET6504053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:28.766105890 CET53650408.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:29.740284920 CET6504053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:29.767339945 CET53650408.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:30.754513025 CET6504053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:30.790091038 CET53650408.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:32.767008066 CET6504053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:32.794197083 CET53650408.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:36.776360989 CET6504053192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:36.803407907 CET53650408.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:46.050151110 CET6136953192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:46.085778952 CET53613698.8.8.8192.168.2.22
                                                                                                                  Nov 20, 2020 19:24:46.601160049 CET6551553192.168.2.228.8.8.8
                                                                                                                  Nov 20, 2020 19:24:46.650479078 CET53655158.8.8.8192.168.2.22

                                                                                                                  DNS Queries

                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                  Nov 20, 2020 19:23:33.624450922 CET192.168.2.228.8.8.80x8b48Standard query (0)onggodwebs.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.131279945 CET192.168.2.228.8.8.80x37e6Standard query (0)renderer-assets.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.285341978 CET192.168.2.228.8.8.80xf2e4Standard query (0)images.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.312020063 CET192.168.2.228.8.8.80x15edStandard query (0)cdn.segment.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.812015057 CET192.168.2.228.8.8.80x73f2Standard query (0)api.segment.ioA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.889857054 CET192.168.2.228.8.8.80x3923Standard query (0)js-agent.newrelic.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:37.052416086 CET192.168.2.228.8.8.80xa9c6Standard query (0)bam.nr-data.netA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:39.729336977 CET192.168.2.228.8.8.80xed69Standard query (0)onggodwebs.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.714622021 CET192.168.2.228.8.8.80x15d4Standard query (0)images.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:41.385080099 CET192.168.2.228.8.8.80xa957Standard query (0)onggodwebs.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:42.254621029 CET192.168.2.228.8.8.80x3b8cStandard query (0)onggodwebs.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.450344086 CET192.168.2.228.8.8.80xc1d6Standard query (0)renderer-assets.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:44.591057062 CET192.168.2.228.8.8.80xa763Standard query (0)cdn.segment.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.175798893 CET192.168.2.228.8.8.80x5da0Standard query (0)api.segment.ioA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.228627920 CET192.168.2.228.8.8.80xa43bStandard query (0)js-agent.newrelic.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.389137983 CET192.168.2.228.8.8.80x3a57Standard query (0)bam.nr-data.netA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:24:46.050151110 CET192.168.2.228.8.8.80x64c2Standard query (0)onggodwebs.typeform.comA (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:24:46.601160049 CET192.168.2.228.8.8.80x99a3Standard query (0)try.typeform.comA (IP address)IN (0x0001)

                                                                                                                  DNS Answers

                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                  Nov 20, 2020 19:23:33.688816071 CET8.8.8.8192.168.2.220x8b48No error (0)onggodwebs.typeform.comrandom.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET8.8.8.8192.168.2.220x37e6No error (0)renderer-assets.typeform.comd2citsn5wf4j9j.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET8.8.8.8192.168.2.220x37e6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.83A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET8.8.8.8192.168.2.220x37e6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.8A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET8.8.8.8192.168.2.220x37e6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.30A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.169262886 CET8.8.8.8192.168.2.220x37e6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.122A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET8.8.8.8192.168.2.220xf2e4No error (0)images.typeform.comd2nvsmtq2poimt.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET8.8.8.8192.168.2.220xf2e4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.126A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET8.8.8.8192.168.2.220xf2e4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.15A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET8.8.8.8192.168.2.220xf2e4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.65A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:35.322962046 CET8.8.8.8192.168.2.220xf2e4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.5A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.349412918 CET8.8.8.8192.168.2.220x15edNo error (0)cdn.segment.comd296je7bbdd650.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.349412918 CET8.8.8.8192.168.2.220x15edNo error (0)d296je7bbdd650.cloudfront.net99.86.0.85A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io50.112.221.239A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io54.187.253.2A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io34.215.76.123A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io52.10.17.224A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io54.69.177.146A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io54.148.89.138A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io35.167.27.130A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.849621058 CET8.8.8.8192.168.2.220x73f2No error (0)api.segment.io54.213.0.126A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:36.926939011 CET8.8.8.8192.168.2.220x3923No error (0)js-agent.newrelic.comf4.shared.global.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:37.079406977 CET8.8.8.8192.168.2.220xa9c6No error (0)bam.nr-data.net162.247.242.18A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:37.079406977 CET8.8.8.8192.168.2.220xa9c6No error (0)bam.nr-data.net162.247.242.20A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:37.079406977 CET8.8.8.8192.168.2.220xa9c6No error (0)bam.nr-data.net162.247.242.21A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:37.079406977 CET8.8.8.8192.168.2.220xa9c6No error (0)bam.nr-data.net162.247.242.19A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:39.765115976 CET8.8.8.8192.168.2.220xed69No error (0)onggodwebs.typeform.comrandom.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET8.8.8.8192.168.2.220x15d4No error (0)images.typeform.comd2nvsmtq2poimt.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET8.8.8.8192.168.2.220x15d4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.126A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET8.8.8.8192.168.2.220x15d4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.15A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET8.8.8.8192.168.2.220x15d4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.65A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:40.750387907 CET8.8.8.8192.168.2.220x15d4No error (0)d2nvsmtq2poimt.cloudfront.net143.204.201.5A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:41.428123951 CET8.8.8.8192.168.2.220xa957No error (0)onggodwebs.typeform.comrandom.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:42.290153980 CET8.8.8.8192.168.2.220x3b8cNo error (0)onggodwebs.typeform.comrandom.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET8.8.8.8192.168.2.220xc1d6No error (0)renderer-assets.typeform.comd2citsn5wf4j9j.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET8.8.8.8192.168.2.220xc1d6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.83A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET8.8.8.8192.168.2.220xc1d6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.8A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET8.8.8.8192.168.2.220xc1d6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.30A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:43.486057997 CET8.8.8.8192.168.2.220xc1d6No error (0)d2citsn5wf4j9j.cloudfront.net143.204.201.122A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:44.629467010 CET8.8.8.8192.168.2.220xa763No error (0)cdn.segment.comd296je7bbdd650.cloudfront.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:44.629467010 CET8.8.8.8192.168.2.220xa763No error (0)d296je7bbdd650.cloudfront.net99.86.0.85A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io54.149.50.128A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io52.34.69.24A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io52.36.169.40A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io50.112.221.239A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io52.41.15.243A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io54.70.9.247A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io54.186.56.40A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.203114033 CET8.8.8.8192.168.2.220x5da0No error (0)api.segment.io54.191.32.71A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.265501976 CET8.8.8.8192.168.2.220xa43bNo error (0)js-agent.newrelic.comf4.shared.global.fastly.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.416260004 CET8.8.8.8192.168.2.220x3a57No error (0)bam.nr-data.net162.247.242.18A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.416260004 CET8.8.8.8192.168.2.220x3a57No error (0)bam.nr-data.net162.247.242.20A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.416260004 CET8.8.8.8192.168.2.220x3a57No error (0)bam.nr-data.net162.247.242.21A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:23:45.416260004 CET8.8.8.8192.168.2.220x3a57No error (0)bam.nr-data.net162.247.242.19A (IP address)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:24:46.085778952 CET8.8.8.8192.168.2.220x64c2No error (0)onggodwebs.typeform.comrandom.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)
                                                                                                                  Nov 20, 2020 19:24:46.650479078 CET8.8.8.8192.168.2.220x99a3No error (0)try.typeform.comtry.typeform.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)

                                                                                                                  HTTPS Packets

                                                                                                                  TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                  Nov 20, 2020 19:23:35.213133097 CET143.204.201.83443192.168.2.2249168CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:35.222255945 CET143.204.201.83443192.168.2.2249167CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:35.367959976 CET143.204.201.126443192.168.2.2249169CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:35.373013020 CET143.204.201.126443192.168.2.2249170CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:36.415806055 CET99.86.0.85443192.168.2.2249171CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:36.420614004 CET99.86.0.85443192.168.2.2249172CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:37.234431982 CET50.112.221.239443192.168.2.2249173CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:37.336952925 CET162.247.242.18443192.168.2.2249176CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Feb 05 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Tue Feb 08 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:37.359210014 CET162.247.242.18443192.168.2.2249177CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Feb 05 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Tue Feb 08 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:37.511621952 CET50.112.221.239443192.168.2.2249178CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:40.790627956 CET143.204.201.126443192.168.2.2249182CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:43.526998043 CET143.204.201.83443192.168.2.2249186CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:43.528069019 CET143.204.201.83443192.168.2.2249185CN=*.typeform.com CN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Amazon, OU=Server CA 1B, O=Amazon, C=US CN=Amazon Root CA 1, O=Amazon, C=US CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USTue Dec 24 01:00:00 CET 2019 Thu Oct 22 02:00:00 CEST 2015 Mon May 25 14:00:00 CEST 2015 Wed Sep 02 02:00:00 CEST 2009Sun Jan 24 13:00:00 CET 2021 Sun Oct 19 02:00:00 CEST 2025 Thu Dec 31 02:00:00 CET 2037 Wed Jun 28 19:39:16 CEST 2034771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=Amazon, OU=Server CA 1B, O=Amazon, C=USCN=Amazon Root CA 1, O=Amazon, C=USThu Oct 22 02:00:00 CEST 2015Sun Oct 19 02:00:00 CEST 2025
                                                                                                                  CN=Amazon Root CA 1, O=Amazon, C=USCN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USMon May 25 14:00:00 CEST 2015Thu Dec 31 02:00:00 CET 2037
                                                                                                                  CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=USOU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=USWed Sep 02 02:00:00 CEST 2009Wed Jun 28 19:39:16 CEST 2034
                                                                                                                  Nov 20, 2020 19:23:44.669503927 CET99.86.0.85443192.168.2.2249188CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:44.674933910 CET99.86.0.85443192.168.2.2249187CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:45.613336086 CET54.149.50.128443192.168.2.2249189CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:45.677236080 CET162.247.242.18443192.168.2.2249193CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Feb 05 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Tue Feb 08 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:45.708867073 CET162.247.242.18443192.168.2.2249192CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USWed Feb 05 01:00:00 CET 2020 Fri Mar 08 13:00:00 CET 2013Tue Feb 08 13:00:00 CET 2022 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023
                                                                                                                  Nov 20, 2020 19:23:45.894620895 CET54.149.50.128443192.168.2.2249194CN=*.segment.com, O="Segment.io, Inc.", L=San Francisco, ST=California, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Jun 12 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013Tue Jul 27 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023771,49192-49191-49172-49171-159-158-57-51-157-156-61-60-53-47-49196-49195-49188-49187-49162-49161-106-64-56-50-10-19,0-10-11-13-23-65281,23-24,07dcce5b76c8b17472d024758970a406b
                                                                                                                  CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=USCN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=USFri Mar 08 13:00:00 CET 2013Wed Mar 08 13:00:00 CET 2023

                                                                                                                  Code Manipulations

                                                                                                                  Statistics

                                                                                                                  CPU Usage

                                                                                                                  Click to jump to process

                                                                                                                  Memory Usage

                                                                                                                  Click to jump to process

                                                                                                                  High Level Behavior Distribution

                                                                                                                  Click to dive into process behavior distribution

                                                                                                                  Behavior

                                                                                                                  Click to jump to process

                                                                                                                  System Behavior

                                                                                                                  General

                                                                                                                  Start time:19:22:46
                                                                                                                  Start date:20/11/2020
                                                                                                                  Path:C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
                                                                                                                  Imagebase:0x13f4f0000
                                                                                                                  File size:27641504 bytes
                                                                                                                  MD5 hash:5FB0A0F93382ECD19F5F499A5CAA59F0
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Start time:19:23:11
                                                                                                                  Start date:20/11/2020
                                                                                                                  Path:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
                                                                                                                  Imagebase:0x13f390000
                                                                                                                  File size:814288 bytes
                                                                                                                  MD5 hash:4EB098135821348270F27157F7A84E65
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:moderate

                                                                                                                  General

                                                                                                                  Start time:19:23:11
                                                                                                                  Start date:20/11/2020
                                                                                                                  Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  Wow64 process (32bit):true
                                                                                                                  Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2304 CREDAT:275457 /prefetch:2
                                                                                                                  Imagebase:0xef0000
                                                                                                                  File size:815304 bytes
                                                                                                                  MD5 hash:8A590F790A98F3D77399BE457E01386A
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:moderate

                                                                                                                  General

                                                                                                                  Start time:19:23:20
                                                                                                                  Start date:20/11/2020
                                                                                                                  Path:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' https://onggodwebs.typeform.com/to/ZLWgtC1e
                                                                                                                  Imagebase:0x13f390000
                                                                                                                  File size:814288 bytes
                                                                                                                  MD5 hash:4EB098135821348270F27157F7A84E65
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:moderate

                                                                                                                  General

                                                                                                                  Start time:19:23:21
                                                                                                                  Start date:20/11/2020
                                                                                                                  Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                  Wow64 process (32bit):true
                                                                                                                  Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2960 CREDAT:275457 /prefetch:2
                                                                                                                  Imagebase:0xef0000
                                                                                                                  File size:815304 bytes
                                                                                                                  MD5 hash:8A590F790A98F3D77399BE457E01386A
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:moderate

                                                                                                                  Disassembly

                                                                                                                  Reset < >