Play interactive tour

Edit tour

Analysis Report Information-Account-Prime-Disable-Service.pdf

Overview

General Information

Sample Name:	Information-Account-Prime-Disable-Service.pdf
Analysis ID:	338148
MD5:	7ef4760a44a8cc65c4261a5227fdad25
SHA1:	19af34bf781eb79717cc1db64d3d1923da115fe6
SHA256:	29c631b5ce054c8b4b11fbaa06aa26d5edeb9e06d53315d7eddbe18469b15b20
Most interesting Screenshot:

Detection

Score:	22
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

Machine Learning detection for sample

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Found iframes

HTML title does not match URL

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Classification

Analysis Advice

No malicious behavior found, analyze the document also on other version of Office / Acrobat

Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis

Startup

System is w10x64

AcroRd32.exe (PID: 5948 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)

AcroRd32.exe (PID: 5956 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)

RdrCEF.exe (PID: 5060 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6344 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13817734648253318396 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13817734648253318396 --renderer-client-id=2 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6372 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=11890072385820109879 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6424 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=1881667437359436119 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1881667437359436119 --renderer-client-id=4 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6560 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=5458918827524385669 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5458918827524385669 --renderer-client-id=5 --mojo-platform-channel-handle=1864 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6676 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13143280483817159406 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13143280483817159406 --renderer-client-id=6 --mojo-platform-channel-handle=2140 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

iexplore.exe (PID: 4736 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120 MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 1048 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Machine Learning detection for sample

Show sources

Source: Information-Account-Prime-Disable-Service.pdf

Joe Sandbox ML: detected

Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417349&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Fregister.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417348788&bpp=10&bdt=515&idt=314&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=6343227133430&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=0&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=hZWRzNH2jw&p=https%3A//ykm.de&dtd=400
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417349&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fregister.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417348751&bpp=37&bdt=482&idt=181&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=6343227133430&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=1&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=341
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html#
Source: https://ykm.de/member_login.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417363&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fmember_login.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417362885&bpp=27&bdt=546&idt=197&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=3237432082960&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417363&ga_hid=40148678&ga_fc=1&u_tz=-480&u_his=8&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1280&bih=906&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21069109&oid=3&pvsid=3325573467270068&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=278
Source: https://ykm.de/member_login.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html#
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417349&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Fregister.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417348788&bpp=10&bdt=515&idt=314&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=6343227133430&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=0&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=hZWRzNH2jw&p=https%3A//ykm.de&dtd=400
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417349&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fregister.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417348751&bpp=37&bdt=482&idt=181&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=6343227133430&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=1&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=341
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Source: https://ykm.de/register.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html#
Source: https://ykm.de/member_login.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417363&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fmember_login.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417362885&bpp=27&bdt=546&idt=197&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=3237432082960&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417363&ga_hid=40148678&ga_fc=1&u_tz=-480&u_his=8&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1280&bih=906&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21069109&oid=3&pvsid=3325573467270068&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=278
Source: https://ykm.de/member_login.html	HTTP Parser: Iframe src: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html#

Source: https://ykm.de/register.html	HTTP Parser: Title: Register - YKM.de Quickly Shorten Url does not match URL
Source: https://ykm.de/member_login.html	HTTP Parser: Title: Login - YKM.de Quickly Shorten Url does not match URL
Source: https://ykm.de/register.html	HTTP Parser: Title: Register - YKM.de Quickly Shorten Url does not match URL
Source: https://ykm.de/member_login.html	HTTP Parser: Title: Login - YKM.de Quickly Shorten Url does not match URL

Source: https://ykm.de/register.html	HTTP Parser: No <meta name="author".. found
Source: https://ykm.de/member_login.html	HTTP Parser: No <meta name="author".. found
Source: https://ykm.de/register.html	HTTP Parser: No <meta name="author".. found
Source: https://ykm.de/member_login.html	HTTP Parser: No <meta name="author".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 74.114.154.21:443 -> 192.168.2.3:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.114.154.21:443 -> 192.168.2.3:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.27:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.27:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.28.25.219:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.28.25.219:443 -> 192.168.2.3:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.226:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.226:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.2:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.2:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.66:443 -> 192.168.2.3:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.66:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.194:443 -> 192.168.2.3:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.194:443 -> 192.168.2.3:49770 version: TLS 1.2

Source: Joe Sandbox View	IP Address: 172.217.22.194 172.217.22.194
Source: Joe Sandbox View	IP Address: 74.114.154.21 74.114.154.21
Source: Joe Sandbox View	IP Address: 172.217.23.2 172.217.23.2

Source: Joe Sandbox View

JA3 fingerprint: 9e10692f1b7f78228b2d4e424db3a98c

Source: msapplication.xml0.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xe65086e6,0x01d6e887</date><accdate>0xe65086e6,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml0.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xe65086e6,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml5.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xe657adeb,0x01d6e887</date><accdate>0xe657adeb,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml5.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xe657adeb,0x01d6e887</date><accdate>0xe657adeb,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml7.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: msapplication.xml7.23.dr	String found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: index[2].htm.24.dr	String found in binary or memory: s (pt)", "admin":"Admin", "ban_type":"Ban Type", "plugin_title":"plugin title", "directory_name":"directory name", "installed":"installed?", "faq_page_content":"<div> <h4>How can my site benefit from using shortened urls?</h4> Shorten long urls such as:<br/><br/> <pre>http://maps.google.co.uk/maps?oe=utf-8&client=firefox-a&rlz=1R1GGLL_en-GB___GB423&um=1&ie=UTF-8&q=google+maps+big+ben<br/>&fb=1&gl=uk&hq=google+maps+big+ben&hnear=google+maps+big+ben&cid=0,0,7629721680134612<br/>123&ei=AukATpvoBpDA8QPaq4mzDQ&sa=X&oi=local_result&ct=image&resnum=1&ved=0CCAQnwIwAA</pre> <br/> Into a shorter version such as:<br/><br/> <pre><a href=\"http://[[[_CONFIG_SITE_FULL_URL]]]\">http://[[[_CONFIG_SITE_FULL_URL]]]/a</a></pre> <br/> Then post to Twitter, Facebook, send via email, use on your existing website, advertising, affiliate links, the uses are endless. <hr> </div> <div> <h4>How can I view how many visitors have clicked on my short url?</h4> You can see details stats including unique visitors, visiting countries, browsers and more by adding <code>~s</code> onto the end of your short url. <hr> </div> <div> <h4>Can I automatically expire my urls after x clicks?</h4> Yes. When you create the url, you can specify a \'total uses\' value which only allows the short url to be used this amount of times. The url will be expired after the total visits reaches this value. <hr> </div> <div> <h4>Can I protect my short with a password?</h4> Yes. When creating the url, specify a password within the \'password\' input. The visitor will be prompted to enter the password when the visit the url. <hr> </div> <div> <h4>How many urls can I create?</h4> There are no limits on the amount of urls you can create. <hr> </div> <div> <h4>What are the benefits of registering an account?</h4> View and manage all your short urls in one place. Easily view your url statistics and share your urls through social media. <hr> </div>", "terms_page_name":"Terms", "terms_meta_description":"Terms", "terms_meta_keywords":"terms", "terms_page_content":"<ol><li>Users of this website (Users) agree to be bound by these terms and conditions, which are subject to change at the sole discretion of the site. Your use of and access to this site indicate your acceptance of these terms and conditions.</li><li>This site was created as a free service to make posting long URLs easier. This service is provided without warranty of any kind. Short URLs used in spam (including email and forum spam) will be disabled.</li><li>This site may include third party content which is subject to that third party\'s terms and conditions of use.</li><li>This site may include links to third party
Source: index[2].htm.24.dr	String found in binary or memory: s (pt)", "admin":"Admin", "ban_type":"Ban Type", "plugin_title":"plugin title", "directory_name":"directory name", "installed":"installed?", "faq_page_content":"<div> <h4>How can my site benefit from using shortened urls?</h4> Shorten long urls such as:<br/><br/> <pre>http://maps.google.co.uk/maps?oe=utf-8&client=firefox-a&rlz=1R1GGLL_en-GB___GB423&um=1&ie=UTF-8&q=google+maps+big+ben<br/>&fb=1&gl=uk&hq=google+maps+big+ben&hnear=google+maps+big+ben&cid=0,0,7629721680134612<br/>123&ei=AukATpvoBpDA8QPaq4mzDQ&sa=X&oi=local_result&ct=image&resnum=1&ved=0CCAQnwIwAA</pre> <br/> Into a shorter version such as:<br/><br/> <pre><a href=\"http://[[[_CONFIG_SITE_FULL_URL]]]\">http://[[[_CONFIG_SITE_FULL_URL]]]/a</a></pre> <br/> Then post to Twitter, Facebook, send via email, use on your existing website, advertising, affiliate links, the uses are endless. <hr> </div> <div> <h4>How can I view how many visitors have clicked on my short url?</h4> You can see details stats including unique visitors, visiting countries, browsers and more by adding <code>~s</code> onto the end of your short url. <hr> </div> <div> <h4>Can I automatically expire my urls after x clicks?</h4> Yes. When you create the url, you can specify a \'total uses\' value which only allows the short url to be used this amount of times. The url will be expired after the total visits reaches this value. <hr> </div> <div> <h4>Can I protect my short with a password?</h4> Yes. When creating the url, specify a password within the \'password\' input. The visitor will be prompted to enter the password when the visit the url. <hr> </div> <div> <h4>How many urls can I create?</h4> There are no limits on the amount of urls you can create. <hr> </div> <div> <h4>What are the benefits of registering an account?</h4> View and manage all your short urls in one place. Easily view your url statistics and share your urls through social media. <hr> </div>", "terms_page_name":"Terms", "terms_meta_description":"Terms", "terms_meta_keywords":"terms", "terms_page_content":"<ol><li>Users of this website (Users) agree to be bound by these terms and conditions, which are subject to change at the sole discretion of the site. Your use of and access to this site indicate your acceptance of these terms and conditions.</li><li>This site was created as a free service to make posting long URLs easier. This service is provided without warranty of any kind. Short URLs used in spam (including email and forum spam) will be disabled.</li><li>This site may include third party content which is subject to that third party\'s terms and conditions of use.</li><li>This site may include links to third party

Source: unknown

DNS traffic detected: queries for: umblr.com

Source: jflickrfeed.min[1].js.24.dr	String found in binary or memory: http://api.flickr.com/services/feeds/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://bugs.jquery.com/ticket/12282#comment:15
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://bugs.jquery.com/ticket/12359
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/(15)
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/ER_1
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: jquery.tweet[1].js.24.dr	String found in binary or memory: http://daringfireball.net/2010/07/improved_regex_for_matching_urls
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://dev.w3.org/csswg/cssom/#resolved-values
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript
Source: font-awesome.min[1].css.24.dr	String found in binary or memory: http://fontawesome.io
Source: font-awesome.min[1].css.24.dr	String found in binary or memory: http://fontawesome.io/license
Source: f[1].txt0.24.dr	String found in binary or memory: http://googleads.g.doubleclick.net
Source: jquery.easing.1.3[1].js.24.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_A
Source: docs[1].css.24.dr	String found in binary or memory: http://html.orange-idea.com/veles/images/read_more.png
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/.
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://javascript.nwbox.com/IEContentLoaded/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://jquery.com/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://jquery.org/license
Source: jquery-ui-1.10.2.custom.min[1].js.24.dr	String found in binary or memory: http://jqueryui.com
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://json.org/json2.js
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://jsperf.com/getall-vs-sizzle/2
Source: faq[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: http://maps.google.co.uk/maps?oe=utf-8&client=firefox-a&rlz=1R1GGLL_en-GB___GB423&um=1&ie=UTF-8&q=go
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/E
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0H
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0I
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0O
Source: f[1].txt0.24.dr	String found in binary or memory: http://pagead2.googlesyndication.com
Source: jquery.tweet[1].js.24.dr	String found in binary or memory: http://search.twitter.com/operators)
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://sizzlejs.com/
Source: docs[1].css.24.dr	String found in binary or memory: http://themeforest.net/user/OrangeIdea/portfolio
Source: jquery.tweet[1].js.24.dr	String found in binary or memory: http://tweet.seaofclouds.com/
Source: jquery.min[1].js.24.dr	String found in binary or memory: http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
Source: AcroRd32.exe, 00000001.00000003.373081997.000000000D2C6000.00000004.00000001.sdmp	String found in binary or memory: http://www.adobe.coH
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/K
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/field#
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/property#
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/property#B
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#c
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#z
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/type#
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/type#i
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/(
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/Z
Source: jquery.waitforimages[1].js.24.dr	String found in binary or memory: http://www.alexanderdickson.com/
Source: msapplication.xml.23.dr	String found in binary or memory: http://www.amazon.com/
Source: f[1].txt.24.dr, bootstrap-responsive[1].css.24.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: bootstrap.min[1].js.24.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.txt
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: msapplication.xml1.23.dr	String found in binary or memory: http://www.google.com/
Source: index[2].htm.24.dr	String found in binary or memory: http://www.google.com/privacy.html
Source: msapplication.xml2.23.dr	String found in binary or memory: http://www.live.com/
Source: jflickrfeed.min[1].js.24.dr	String found in binary or memory: http://www.newmediacampaigns.com/page/jquery-flickr-plugin
Source: AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/
Source: msapplication.xml3.23.dr	String found in binary or memory: http://www.nytimes.com/
Source: jquery.autosize-min[1].js.24.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: options[1].css.24.dr	String found in binary or memory: http://www.orange-idea.com/assets/builder/link.png
Source: options[1].css.24.dr	String found in binary or memory: http://www.orange-idea.com/assets/builder/zoom.png
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/drm/default
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/anchor
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs
Source: AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/subclip/1.0
Source: AcroRd32.exe, 00000001.00000002.392423113.000000000B51E000.00000004.00000001.sdmp	String found in binary or memory: http://www.quicktime.com.Acrobat
Source: msapplication.xml4.23.dr	String found in binary or memory: http://www.reddit.com/
Source: msapplication.xml5.23.dr	String found in binary or memory: http://www.twitter.com/
Source: msapplication.xml6.23.dr	String found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml7.23.dr	String found in binary or memory: http://www.youtube.com/
Source: faq[1].htm.24.dr	String found in binary or memory: http://ykm.de/a
Source: ZeroClipboard.min[1].js.24.dr	String found in binary or memory: http://zeroclipboard.org/
Source: index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	String found in binary or memory: https://...
Source: AcroRd32.exe, 00000001.00000002.391756660.000000000B27C000.00000004.00000001.sdmp	String found in binary or memory: https://.OKCancelEdit
Source: AcroRd32.exe, 00000001.00000002.392044752.000000000B3C1000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/
Source: AcroRd32.exe, 00000001.00000002.392044752.000000000B3C1000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/-V_
Source: AcroRd32.exe, 00000001.00000002.392044752.000000000B3C1000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/;WE~_F
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/
Source: AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/#
Source: AcroRd32.exe, 00000001.00000002.392044752.000000000B3C1000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/xW
Source: js[1].js.24.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: f[1].txt.24.dr	String found in binary or memory: https://adsense.com.
Source: f[1].txt.24.dr	String found in binary or memory: https://adservice.google.com
Source: js[1].js.24.dr	String found in binary or memory: https://adservice.google.com/ddm/regclk
Source: analytics[1].js.24.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: AcroRd32.exe, 00000001.00000003.372898356.000000000CE75000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com
Source: AcroRd32.exe, 00000001.00000003.372898356.000000000CE75000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com15)/
Source: AcroRd32.exe, 00000001.00000002.394772228.000000000D0DA000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.comRL
Source: f[1].txt.24.dr	String found in binary or memory: https://attestation.android.com
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=491668
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=649285
Source: f[1].txt0.24.dr	String found in binary or memory: https://cdn.ampproject.org/amp4ads-host-v0.js
Source: f[1].txt0.24.dr	String found in binary or memory: https://cdn.ampproject.org/rtv/%
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://developer.mozilla.org/en/Security/CSP)
Source: f[1].txt0.24.dr	String found in binary or memory: https://fundingchoicesmessages.google.com/uf/%
Source: jquery.min[1].js.24.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: js[1].js.24.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: jquery.tweet[1].js.24.dr	String found in binary or memory: https://github.com/seaofclouds/tweet
Source: f[1].txt0.24.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&o
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html#
Source: redirect[1].htm.24.dr	String found in binary or memory: https://href.li/?https://ykm.de/65f0a4768a364c17
Source: ~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://href.li/?https://ykm.de/65f0a4768a364c1717&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTA
Source: register[1].htm.24.dr	String found in binary or memory: https://html5shim.googlecode.com/svn/trunk/html5.js
Source: AcroRd32.exe, 00000001.00000002.380377428.0000000009470000.00000004.00000001.sdmp	String found in binary or memory: https://ims-na1.adobelogin.com
Source: js[1].js.24.dr, f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: js[1].js.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: sodar2[1].js.24.dr, runner[1].htm.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/bg/%
Source: f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=
Source: f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/expansion_embed.js
Source: f[1].txt.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204
Source: f[1].txt.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=
Source: f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status
Source: f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=imerr&err=
Source: f[1].txt.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics
Source: runner[1].htm.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219
Source: sodar2[1].js.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220
Source: f[1].txt.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/
Source: register[1].htm.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Source: f[1].txt.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/js/managed/adsense/
Source: f[1].txt0.24.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/osd.js
Source: f[1].txt0.24.dr	String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: analytics[1].js.24.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: AcroRd32.exe, 00000001.00000002.394314194.000000000CF4A000.00000004.00000001.sdmp	String found in binary or memory: https://t.umblr.com
Source: AcroRd32.exe, 00000001.00000002.380628525.0000000009560000.00000004.00000001.sdmp	String found in binary or memory: https://t.umblr.com/redirect?z=https%3A%2F%2Fclick-email2.giize.com%2F_PeXKkjgCsfgwYIEhjR9526431&t=N
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI
Source: sodar2[1].js.24.dr	String found in binary or memory: https://tpc.googlesyndication.com
Source: f[1].txt0.24.dr	String found in binary or memory: https://tpc.googlesyndication.com/sodar/%
Source: ~DF006BB75F40C378F3.TMP.23.dr, sodar2[1].js.24.dr	String found in binary or memory: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://wurlie.net
Source: ~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://wurlie.net/
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://wurlie.net/r_login.html
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://wurlie.net/r_login.htmlhort
Source: AcroRd32.exe, 00000001.00000002.379695109.0000000008B4D000.00000002.00000001.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: js[1].js.24.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: analytics[1].js.24.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: analytics[1].js.24.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: js[1].js.24.dr, sodar2[1].js.24.dr	String found in binary or memory: https://www.google.com
Source: f[1].txt.24.dr	String found in binary or memory: https://www.google.com/adsense
Source: sodar2[1].js.24.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/aframe
Source: js[1].js.24.dr	String found in binary or memory: https://www.google.com/travel/flights/click/conversion/
Source: js[1].js.24.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: analytics[1].js.24.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: register[1].htm.24.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-406118-10
Source: f[1].txt0.24.dr	String found in binary or memory: https://www.googletagservices.com/activeview/js/current/osd.js
Source: js[1].js.24.dr	String found in binary or memory: https://www.googletraveladservices.com/travel/clk/pagead/conversion/
Source: f[1].txt0.24.dr	String found in binary or memory: https://www.gstatic.com/adsense/autoads/icons/arrow_left_24px_grey_800.svg
Source: f[1].txt0.24.dr	String found in binary or memory: https://www.gstatic.com/adsense/autoads/icons/close_24px_grey_700.svg
Source: f[1].txt0.24.dr	String found in binary or memory: https://www.gstatic.com/adsense/autoads/icons/gpp_good_24px_blue_600.svg
Source: f[1].txt0.24.dr	String found in binary or memory: https://www.gstatic.com/adsense/autoads/icons/gpp_good_24px_grey_800.svg
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://www.mfscripts.com
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://www.mfscripts.com/
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://www.mfscripts.com/html
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://www.mfscripts.com/htmlhort
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://www.mfscripts.com/n.ico
Source: register[1].htm.24.dr, faq[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://ykm.de
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/
Source: KQGQMC7O.htm.24.dr	String found in binary or memory: https://ykm.de/65f0a4768a364c17
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://ykm.de/admin/assets/images/icons/flags/de.png
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://ykm.de/admin/assets/images/icons/flags/us.png
Source: register[1].htm.24.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#activate
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#createBasic
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#createOptions
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#disable
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#info
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/api.html#list
Source: ~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/bookmarklet.html
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/bookmarklet.html88186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/bookmarklet.htmlP
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/bookmarklet.htmlTBookmarklet
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/contact.html
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/convert_html_links.html
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/error.html?e=This
Source: bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/export_url_data.php
Source: ~DF006BB75F40C378F3.TMP.23.dr, faq[1].htm.24.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/faq.html
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/faq.htmlDFAQ
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/faq.htmlhtml
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/faq.htmlhtmlO1SPS
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/faq.htmlhtmlis
Source: ~DF006BB75F40C378F3.TMP.23.dr, imagestore.dat.24.dr	String found in binary or memory: https://ykm.de/favicon.ico
Source: member_login[1].htm.24.dr	String found in binary or memory: https://ykm.de/forgot_password.html
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/impressum.html
Source: index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	String found in binary or memory: https://ykm.de/index.html
Source: ~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/index.html?_t=Deutsch
Source: ~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/index.html?_t=English
Source: index[2].htm.24.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/index.html?agreeTerms=1&submitted=1&longUrl=
Source: index[2].htm.24.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/index.html?agreeTerms=1&submitted=1&postToTwitter=1&longUrl=
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/index.htmle=This
Source: ~DF006BB75F40C378F3.TMP.23.dr, member_login[1].htm.24.dr	String found in binary or memory: https://ykm.de/member_login.html
Source: ~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/member_login.htmlHLogin
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/member_login.htmlhort
Source: ~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr, recent_urls[1].htm.24.dr	String found in binary or memory: https://ykm.de/recent_urls.html
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/recent_urls.htmlTRecent
Source: ~DF006BB75F40C378F3.TMP.23.dr, faq[1].htm.24.dr	String found in binary or memory: https://ykm.de/register.html
Source: ~DF006BB75F40C378F3.TMP.23.dr	String found in binary or memory: https://ykm.de/register.htmlNRegister
Source: {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/register.htmlis
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://ykm.de/report_url.html
Source: ~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://ykm.de/rror.html?e=This
Source: register[1].htm.24.dr, index[2].htm.24.dr	String found in binary or memory: https://ykm.de/terms.html
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/images/favicon.ico
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/images/logo/_default.png
Source: index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/images/plus_icon.png
Source: index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/images/star_icon.png
Source: index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/images/twitter_icon.png
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/ZeroClipboard/ZeroClipboard.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/jquery-ui-1.10.2.custom.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/jquery.autosize-min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/jquery.dataTables.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/jquery.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/bootstrap.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/custom.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/jflickrfeed.min.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/jquery.easing.1.3.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/jquery.tweet.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/jquery.waitforimages.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/js/theme/testimonialrotator.js
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/bootstrap.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/builder.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/docs.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/font-awesome.min.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/fonts.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/layouts/orange.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/options.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/css/wide_layout.css
Source: register[1].htm.24.dr	String found in binary or memory: https://ykm.de/themes/ykm/styles/screen.css
Source: register[1].htm.24.dr, bookmarklet[1].htm.24.dr	String found in binary or memory: https://ykm.de/tools.html

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 74.114.154.21:443 -> 192.168.2.3:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.114.154.21:443 -> 192.168.2.3:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.27:443 -> 192.168.2.3:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.27:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.28.25.219:443 -> 192.168.2.3:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.28.25.219:443 -> 192.168.2.3:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.226:443 -> 192.168.2.3:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.20.226:443 -> 192.168.2.3:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.1:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.34:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.2:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.2:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.66:443 -> 192.168.2.3:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.23.66:443 -> 192.168.2.3:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.194:443 -> 192.168.2.3:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.22.194:443 -> 192.168.2.3:49770 version: TLS 1.2

Source: classification engine

Classification label: sus22.winPDF@19/166@10/11

Source: Information-Account-Prime-Disable-Service.pdf	Initial sample: https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120
Source: Information-Account-Prime-Disable-Service.pdf	Initial sample: https://t.umblr.com/redirect?z=https%3A%2F%2Fclick-email2.giize.com%2F_PeXKkjgCsfgwYIEhjR9526431&t=NjhlMjZlNjIzYTkwZmNhNzQ4MzZkN2ZhY2VmYzhkODliNTYyMmM5NSw3NjcwNzJhMWFiMzRkNjk3ZTE2YTE0MGQyZTQ2YWQxYWM5N2U4MjBm&ts=1607177201

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rc4bt2d_p7y4ku_4lg.tmp

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf'
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf'
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13817734648253318396 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13817734648253318396 --renderer-client-id=2 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job /prefetch:1
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=11890072385820109879 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=1881667437359436119 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1881667437359436119 --renderer-client-id=4 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=5458918827524385669 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5458918827524385669 --renderer-client-id=5 --mojo-platform-channel-handle=1864 --allow-no-sandbox-job /prefetch:1
Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13143280483817159406 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13143280483817159406 --renderer-client-id=6 --mojo-platform-channel-handle=2140 --allow-no-sandbox-job /prefetch:1
Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf'	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13817734648253318396 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13817734648253318396 --renderer-client-id=2 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=11890072385820109879 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=1881667437359436119 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1881667437359436119 --renderer-client-id=4 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=5458918827524385669 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5458918827524385669 --renderer-client-id=5 --mojo-platform-channel-handle=1864 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13143280483817159406 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13143280483817159406 --renderer-client-id=6 --mojo-platform-channel-handle=2140 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2	Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File opened: C:\Windows\SysWOW64\Msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: Information-Account-Prime-Disable-Service.pdf	Initial sample: PDF keyword /JS count = 0
Source: Information-Account-Prime-Disable-Service.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: Information-Account-Prime-Disable-Service.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

Source: AcroRd32.exe, 00000001.00000002.394314194.000000000CF4A000.00000004.00000001.sdmp

Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

Code function: 1_2_0503F003 LdrInitializeThunk,

1_2_0503F003

Source: AcroRd32.exe, 00000001.00000002.375084454.0000000005930000.00000002.00000001.sdmp	Binary or memory string: Program Manager
Source: AcroRd32.exe, 00000001.00000002.375084454.0000000005930000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd
Source: AcroRd32.exe, 00000001.00000002.375084454.0000000005930000.00000002.00000001.sdmp	Binary or memory string: Progman
Source: AcroRd32.exe, 00000001.00000002.375084454.0000000005930000.00000002.00000001.sdmp	Binary or memory string: Progmanlock

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Spearphishing Link1	Windows Management Instrumentation	Path Interception	Process Injection2	Masquerading1	OS Credential Dumping	Security Software Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Drive-by Compromise1	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection2	LSASS Memory	Process Discovery1	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	File and Directory Discovery1	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
Information-Account-Prime-Disable-Service.pdf	0%	Virustotal		Browse
Information-Account-Prime-Disable-Service.pdf	100%	Joe Sandbox ML

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
ykm.de	4%	Virustotal		Browse
adservice.google.co.uk	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
https://ykm.de/api.html#activate	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/styles/css/font-awesome.min.css	0%	Avira URL Cloud	safe
https://ykm.de/api.html	0%	Avira URL Cloud	safe
https://ykm.de/index.html?agreeTerms=1&submitted=1&longUrl=	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css	0%	Avira URL Cloud	safe
https://ykm.de/contact.html	0%	Avira URL Cloud	safe
https://ykm.de/tools.html	0%	Avira URL Cloud	safe
https://ykm.de/rror.html?e=This	0%	Avira URL Cloud	safe
http://ykm.de/a	0%	Avira URL Cloud	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
https://ykm.de/themes/ykm/js/theme/custom.js	0%	Avira URL Cloud	safe
https://ykm.de/index.html?_t=Deutsch	0%	Avira URL Cloud	safe
https://ykm.de/faq.htmlhtml	0%	Avira URL Cloud	safe
https://ykm.de/api.html#createBasic	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/js/theme/testimonialrotator.js	0%	Avira URL Cloud	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
https://ykm.de/themes/ykm/styles/css/docs.css	0%	Avira URL Cloud	safe
http://cipa.jp/exif/1.0/(15)	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/(15)	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/(15)	0%	URL Reputation	safe
https://ykm.de/member_login.htmlhort	0%	Avira URL Cloud	safe
http://www.alexanderdickson.com/	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/images/star_icon.png	0%	Avira URL Cloud	safe
http://maps.google.co.uk/maps?oe=utf-8&client=firefox-a&rlz=1R1GGLL_en-GB___GB423&um=1&ie=UTF-8&q=go	0%	Avira URL Cloud	safe
http://www.adobe.coH	0%	Avira URL Cloud	safe
https://ykm.de/api.html#createOptions	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/styles/css/builder.css	0%	Avira URL Cloud	safe
https://ykm.de/register.htmlis	0%	Avira URL Cloud	safe
https://ykm.de/api.html#disable	0%	Avira URL Cloud	safe
https://wurlie.net	0%	Avira URL Cloud	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/ER_1	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/js/ZeroClipboard/ZeroClipboard.min.js	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/js/theme/jquery.waitforimages.js	0%	Avira URL Cloud	safe
https://ykm.de/faq.htmlhtmlis	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/styles/screen.css	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/	0%	Avira URL Cloud	safe
https://wurlie.net/r_login.htmlhort	0%	Avira URL Cloud	safe
https://ykm.de/register.htmlNRegister	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/xW	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/js/theme/jquery.easing.1.3.js	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/images/logo/_default.png	0%	Avira URL Cloud	safe
https://ykm.de/api.html#list	0%	Avira URL Cloud	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
https://ykm.de/themes/ykm/styles/css/layouts/orange.css	0%	Avira URL Cloud	safe
https://ykm.de/themes/ykm/images/favicon.ico	0%	Avira URL Cloud	safe
https://ykm.de/report_url.html	0%	Avira URL Cloud	safe
https://ykm.de/forgot_password.html	0%	Avira URL Cloud	safe
http://gsgd.co.uk/sandbox/jquery/easing/	0%	URL Reputation	safe
http://gsgd.co.uk/sandbox/jquery/easing/	0%	URL Reputation	safe
http://gsgd.co.uk/sandbox/jquery/easing/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/.	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/#	0%	Avira URL Cloud	safe
https://html5shim.googlecode.com/svn/trunk/html5.js	0%	Avira URL Cloud	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.wikipedia.com/	0%	URL Reputation	safe
http://www.wikipedia.com/	0%	URL Reputation	safe
http://www.wikipedia.com/	0%	URL Reputation	safe
https://ykm.de	0%	Avira URL Cloud	safe
https://ykm.de/api.html#info	0%	Avira URL Cloud	safe
https://ykm.de/index.html?_t=English	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
pagead46.l.doubleclick.net	172.217.20.226	true	false		high
umblr.com	74.114.154.17	true	false		high
partnerad.l.doubleclick.net	172.217.23.34	true	false		high
ykm.de	104.28.25.219	true	false	4%, Virustotal, Browse	unknown
t.umblr.com	74.114.154.21	true	false		high
googlehosted.l.googleusercontent.com	172.217.23.1	true	false		high
href.li	192.0.78.27	true	false		high
googleads.g.doubleclick.net	unknown	unknown	false		high
www.googletagservices.com	unknown	unknown	false		high
themes.googleusercontent.com	unknown	unknown	false		high
adservice.google.co.uk	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Reputation
https://ykm.de/register.html	true	unknown
https://ykm.de/bookmarklet.html	true	unknown
https://ykm.de/faq.html	true	unknown
https://ykm.de/member_login.html	true	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://ykm.de/api.html#activate	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfa/ns/extension/K	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
https://ykm.de/themes/ykm/styles/css/font-awesome.min.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/api.html	register[1].htm.24.dr, bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/index.html?agreeTerms=1&submitted=1&longUrl=	index[2].htm.24.dr, bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://daringfireball.net/2010/07/improved_regex_for_matching_urls	jquery.tweet[1].js.24.dr	false		high
https://ykm.de/contact.html	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/tools.html	register[1].htm.24.dr, bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://bugs.jquery.com/ticket/12282#comment:15	jquery.min[1].js.24.dr	false		high
http://dev.w3.org/csswg/cssom/#resolved-values	jquery.min[1].js.24.dr	false		high
http://www.opensource.org/licenses/mit-license.php	jquery.autosize-min[1].js.24.dr	false		high
https://ykm.de/rror.html?e=This	~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
http://ykm.de/a	faq[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/recent_urls.html	~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr, recent_urls[1].htm.24.dr	false		unknown
http://www.osmf.org/drm/default	AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://stats.g.doubleclick.net/j/collect	analytics[1].js.24.dr	false		high
https://cdn.ampproject.org/amp4ads-host-v0.js	f[1].txt0.24.dr	false		high
http://www.reddit.com/	msapplication.xml4.23.dr	false		high
https://ykm.de/themes/ykm/js/theme/custom.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/index.html?_t=Deutsch	~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/bookmarklet.html	~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr, bookmarklet[1].htm.24.dr	false		unknown
http://bugs.jquery.com/ticket/12359	jquery.min[1].js.24.dr	false		high
https://ykm.de/faq.htmlhtml	~DF006BB75F40C378F3.TMP.23.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/api.html#createBasic	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://search.twitter.com/operators)	jquery.tweet[1].js.24.dr	false		high
https://t.umblr.com/redirect?z=https%3A%2F%2Fclick-email2.giize.com%2F_PeXKkjgCsfgwYIEhjR9526431&t=N	AcroRd32.exe, 00000001.00000002.380628525.0000000009560000.00000004.00000001.sdmp	false		high
https://ykm.de/themes/ykm/js/theme/testimonialrotator.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://bugzilla.mozilla.org/show_bug.cgi?id=649285	jquery.min[1].js.24.dr	false		high
http://html.orange-idea.com/veles/images/read_more.png	docs[1].css.24.dr	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://ykm.de/themes/ykm/styles/css/docs.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://cipa.jp/exif/1.0/(15)	AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://ykm.de/member_login.htmlhort	{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
http://www.alexanderdickson.com/	jquery.waitforimages[1].js.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/themes/ykm/images/star_icon.png	index[2].htm.24.dr, IUE4OCQZ.htm.24.dr	false	Avira URL Cloud: safe	unknown
https://t.umblr.com	AcroRd32.exe, 00000001.00000002.394314194.000000000CF4A000.00000004.00000001.sdmp	false		high
http://maps.google.co.uk/maps?oe=utf-8&client=firefox-a&rlz=1R1GGLL_en-GB___GB423&um=1&ie=UTF-8&q=go	faq[1].htm.24.dr, index[2].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfa/ns/schema#c	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
http://www.adobe.coH	AcroRd32.exe, 00000001.00000003.373081997.000000000D2C6000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://googleads.g.doubleclick.net	f[1].txt0.24.dr	false		high
https://ykm.de/api.html#createOptions	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ims-na1.adobelogin.com	AcroRd32.exe, 00000001.00000002.380377428.0000000009470000.00000004.00000001.sdmp	false		high
https://bugzilla.mozilla.org/show_bug.cgi?id=491668	jquery.min[1].js.24.dr	false		high
https://ykm.de/themes/ykm/styles/css/builder.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/register.htmlis	{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
https://www.mfscripts.com/htmlhort	{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false		high
https://ykm.de/api.html#disable	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfa/ns/schema#	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
https://wurlie.net/	~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false		unknown
https://wurlie.net	register[1].htm.24.dr, index[2].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://www.mfscripts.com/	~DF006BB75F40C378F3.TMP.23.dr	false		high
http://www.amazon.com/	msapplication.xml.23.dr	false		high
https://ykm.de/register.html	~DF006BB75F40C378F3.TMP.23.dr, faq[1].htm.24.dr	false		unknown
http://cipa.jp/exif/1.0/	AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://cipa.jp/exif/1.0/ER_1	AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://www.twitter.com/	msapplication.xml5.23.dr	false		high
https://ykm.de/themes/ykm/js/ZeroClipboard/ZeroClipboard.min.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://jsperf.com/getall-vs-sizzle/2	jquery.min[1].js.24.dr	false		high
http://www.aiim.org/pdfa/ns/schema#z	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
https://ykm.de/themes/ykm/js/theme/jquery.waitforimages.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/faq.htmlhtmlis	{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/themes/ykm/styles/screen.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://wurlie.net/r_login.htmlhort	{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/register.htmlNRegister	~DF006BB75F40C378F3.TMP.23.dr	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfa/ns/property#B	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
http://www.aiim.org/pdfa/ns/extension/	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/xW	AcroRd32.exe, 00000001.00000002.392044752.000000000B3C1000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://ykm.de/themes/ykm/js/theme/jquery.easing.1.3.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/themes/ykm/images/logo/_default.png	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/api.html#list	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.nytimes.com/	msapplication.xml3.23.dr	false		high
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://ykm.de/themes/ykm/styles/css/layouts/orange.css	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/themes/ykm/images/favicon.ico	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfe/ns/id/	AcroRd32.exe, 00000001.00000002.394253994.000000000CF38000.00000004.00000001.sdmp	false		high
https://cdn.ampproject.org/rtv/%	f[1].txt0.24.dr	false		high
https://googleads.g.doubleclick.net	f[1].txt0.24.dr	false		high
https://ykm.de/report_url.html	register[1].htm.24.dr, index[2].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.newmediacampaigns.com/page/jquery-flickr-plugin	jflickrfeed.min[1].js.24.dr	false		high
https://ykm.de/forgot_password.html	member_login[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://href.li/?https://ykm.de/65f0a4768a364c1717&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTA	~DF006BB75F40C378F3.TMP.23.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false		high
http://fontawesome.io/license	font-awesome.min[1].css.24.dr	false		high
http://gsgd.co.uk/sandbox/jquery/easing/	jquery.easing.1.3[1].js.24.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/.	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://themeforest.net/user/OrangeIdea/portfolio	docs[1].css.24.dr	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/#	AcroRd32.exe, 00000001.00000002.393703092.000000000CE06000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://html5shim.googlecode.com/svn/trunk/html5.js	register[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	AcroRd32.exe, 00000001.00000002.376215224.0000000007C90000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.wikipedia.com/	msapplication.xml6.23.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://ykm.de	register[1].htm.24.dr, faq[1].htm.24.dr, index[2].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/api.html#info	bookmarklet[1].htm.24.dr	false	Avira URL Cloud: safe	unknown
https://ykm.de/index.html?_t=English	~DF006BB75F40C378F3.TMP.23.dr, index[2].htm.24.dr, {0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat.23.dr	false	Avira URL Cloud: safe	unknown
http://www.live.com/	msapplication.xml2.23.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
104.28.25.219	unknown	United States	13335	CLOUDFLARENETUS	false
172.217.22.194	unknown	United States	15169	GOOGLEUS	false
192.0.78.27	unknown	United States	2635	AUTOMATTICUS	false
74.114.154.21	unknown	Canada	2635	AUTOMATTICUS	false
172.217.23.2	unknown	United States	15169	GOOGLEUS	false
172.217.23.1	unknown	United States	15169	GOOGLEUS	false
172.217.23.66	unknown	United States	15169	GOOGLEUS	false
172.217.23.34	unknown	United States	15169	GOOGLEUS	false
80.0.0.0	unknown	United Kingdom	5089	NTLGB	false
172.217.20.226	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1

General Information

Joe Sandbox Version:	31.0.0 Red Diamond
Analysis ID:	338148
Start date:	11.01.2021
Start time:	18:06:30
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 8m 55s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	Information-Account-Prime-Disable-Service.pdf
Cookbook file name:	defaultwindowspdfcookbook.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	40
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	SUS
Classification:	sus22.winPDF@19/166@10/11
EGA Information:	Successful, ratio: 100%
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 11 Number of non-executed functions: 0
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .pdf Found PDF document Find and activate links Security Warning found Close Viewer Browsing link: https://ykm.de/ Browsing link: https://ykm.de/index.html Browsing link: https://ykm.de/register.html Browsing link: https://ykm.de/faq.html Browsing link: https://ykm.de/tools.html Browsing link: https://ykm.de/recent_urls.html Browsing link: https://ykm.de/member_login.html Browsing link: https://wurlie.net/ Browsing link: https://www.mfscripts.com/ Browsing link: https://ykm.de/index.html?_t=English+%28en%29 Browsing link: https://ykm.de/index.html?_t=Deutsch+%28de%29
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, RuntimeBroker.exe, backgroundTaskHost.exe, UsoClient.exe, audiodg.exe, BackgroundTransferHost.exe, HxTsr.exe, WMIADAP.exe, SgrmBroker.exe, conhost.exe, WmiPrvSE.exe, svchost.exe, wuapihost.exe Excluded IPs from analysis (whitelisted): 13.64.90.137, 40.88.32.150, 92.122.146.26, 2.20.142.203, 2.20.143.130, 51.104.139.180, 104.79.90.110, 92.122.213.194, 92.122.213.247, 67.27.159.126, 8.248.139.254, 8.253.204.121, 8.248.135.254, 67.26.73.254, 51.103.5.186, 20.54.26.129, 88.221.62.148, 172.217.23.40, 172.217.23.46, 216.58.207.129, 152.199.19.161, 52.155.217.156 Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, e4578.dscb.akamaiedge.net, partner.googleadservices.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, wns.notify.windows.com.akadns.net, adservice.google.com, acroipm2.adobe.com, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, skypedataprdcoleus15.cloudapp.net, par02p.wns.notify.windows.com.akadns.net, go.microsoft.com, emea1.notify.windows.com.akadns.net, www.googletagmanager.com, a122.dscd.akamai.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, auto.au.download.windowsupdate.com.c.footprint.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, www.google-analytics.com, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, client.wns.windows.com, fs.microsoft.com, www-google-analytics.l.google.com, acroipm2.adobe.com.edgesuite.net, ie9comview.vo.msecnd.net, www-googletagmanager.l.google.com, ris-prod.trafficmanager.net, displaycatalog.md.mp.microsoft.com.akadns.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, pagead2.googlesyndication.com, ris.api.iris.microsoft.com, ssl.adobe.com.edgekey.net, armmf.adobe.com, tpc.googlesyndication.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, cs9.wpc.v0cdn.net Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtDeviceIoControlFile calls found. Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

Time	Type	Description
18:07:28	API Interceptor	13x Sleep call for process: RdrCEF.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
74.114.154.21	http://g1security.co.tz	Get hash	malicious	Browse
	https://parg.co/bdZz	Get hash	malicious	Browse
	APPLE Invoice.docx	Get hash	malicious	Browse
	Receipt-LifeTime.docx	Get hash	malicious	Browse
	https://t.umblr.com/redirect?z=https%3A%2F%2Fmusic-city-shop.com%2F%2F%2F%2Foverride%2Fclasses%2Fstock%2Fsan%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2Fvia.php&t=NGQ3MjEzY2E1YTAyZGMxMDVkMmUzZWMzNmQwNWY2YTliNmJhNmNhMyx1Rno5SkZyYg%3D%3D&b=t%3AhKGM0jeSxf1q_W_X9lISHg&p=https%3A%2F%2Fjosephatheo.tumblr.com%2Fpost%2F190844014194%2Fhttpsmusic-city-shopcomoverrideclassessto&m=1	Get hash	malicious	Browse
172.217.23.2	e-card.jpg .exe	Get hash	malicious	Browse
	https://luacclibrary-my.sharepoint.com/:b:/g/personal/polson_luacc_com/EfAoFE3NqkFOtaxmNOJG-7cBczwxxIkQeEoohauxLQI30g?e=RpwCpr	Get hash	malicious	Browse
	https://recovermy3-account.com/	Get hash	malicious	Browse
	https://recovermy3-account.com/	Get hash	malicious	Browse
	http://103.40.8.188/ap/signin?key=a@b.c	Get hash	malicious	Browse
	https://nishimurakoumuten.com/assets/images/wood/outlookexpress/index.php%3Femail=	Get hash	malicious	Browse
	https://web.eventwoaccess.com/goglobal/goglobal/register?_ga=2.243374789.1555520295.1604500994-391290916.1603882332	Get hash	malicious	Browse
	https://online.flippingbook.com/view/96105/	Get hash	malicious	Browse
	MicrosoftEmail_Reactivation.html	Get hash	malicious	Browse
	http://pages.clarizen.com/dc/WRXScLcEN1dR4zDWjpu2BD-3pt2XB3qp-KL2mI6LZblQM73ILB5KRoOqFh6ia76X8jiCjQMqbHUZD8L1oOtOBN-vidy9gluYXpASVTJdCJvbv96N51bho8TJNt7usuzrbaJdT1t3zkAoWDj9BSWVMRLwHOG6X1GflqGf-28MD5Ao0SuF67rlnl4XrEkl6nfOwISnDXI86dg16RUtbnIqIrCRYgqLfOUIyl8BVAmPtagKUgC416wwB-hScG15PSuL6nwULWA-pOqMMwhGOKwA541dR6pQd6E7O879rt-hrUonz5Meop9AKoUOBOyCgYDoEi5efSrQD6V2yRvKU2jgXH6SA9n_y73Iob-zgjqlZee6ZhARRWHeAkHSf6b0XPqJlpJefnOiA8zP5VfcG4Yqv75Cn30Al7AVRBByak96JmCjgg473RrceLfBDsIV-HM0tkIprVEjnTA_45hEyRXnR0IhVe2Ixc0NVjqoAO2zmDSNgnsRpzlpQOY1Hpg2aIKk71PnHgeeQeqhvjeq1BSvGw==/c0n03POB033T2MqZt0CgL00	Get hash	malicious	Browse
	https://app.box.com/s/kt9kxlxan0dxlfcjanytk37vf78687xc	Get hash	malicious	Browse
	http://sfpartnersllc.bubbleapps.io/version-test/index?debug_mode=true	Get hash	malicious	Browse
	https://securemail.usablecs.com/enduser/msg.html?x=d-ac8b3d51e0180abf7a45357f2b6c3b76d7642d23ff7dda12b28b53cbb804d6eb2474e7fe993d4d60804022fb4c14d8b5a9aa43c9561242d49b5d07d57cf93ce6	Get hash	malicious	Browse
	http://aanqylta.com	Get hash	malicious	Browse
	http://dechielfirearms.com/mlired/	Get hash	malicious	Browse
	https://online.pubhtml5.com/rkho/ldvq/	Get hash	malicious	Browse
	https://online.pubhtml5.com/xdrd/migk	Get hash	malicious	Browse
	https://www.yumpu.com/en/document/read/64446890/fax-document	Get hash	malicious	Browse
	https://online.pubhtml5.com/ugab/jobu/	Get hash	malicious	Browse
	http://dbms.pamllaw.com/667697573657070652e6d6172746940626d732e636f6d	Get hash	malicious	Browse
104.28.25.219	ReceiptDOC#KXJAISF2154915.docx	Get hash	malicious	Browse
172.217.22.194	http://149.129.50.37/	Get hash	malicious	Browse
	https://panoramacharter.xyz	Get hash	malicious	Browse
	http://tantric-goddess.org	Get hash	malicious	Browse
	http://slimware.com	Get hash	malicious	Browse
	obliczanie-pierwiastka-dowolnego-stopnia-w-excelu[1].htm	Get hash	malicious	Browse
	https://cutt.ly/lgD28dp	Get hash	malicious	Browse
	http://tftpd32.jounin.net	Get hash	malicious	Browse
	7CFPFFfS4g	Get hash	malicious	Browse
	https://stqtvqfuafwykkyhsgsppgpgmvncrulddrdu-dot-solar-vertex-285913.rj.r.appspot.com/#mlarson@jhhc.com	Get hash	malicious	Browse
	HappyMod-Download-2-6-0.apk	Get hash	malicious	Browse
	https://www.yumpu.com/en/document/read/64446890/fax-document	Get hash	malicious	Browse
	https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssIdZGtK2LGw4coQMwtQcONuf8cVZUVHUrlFgT33_wiLCuxpoweUvHdBH9neY4iW-CZh2SzgITptx6j64F0B2pEU0uoeRfmKTeyn7LSG5Irubqjv6IFl9MeqTp84ZT99WRJlZDMgrwUaUI7QjgNwL22AVveJm980wuVNryiILT2WhxCPmcY8M7PVIOygAXT_382p7PUn7bIByn2OjlTfCiaqta3tAhZWCuROeXZPznm5cGhgUYspVywPb8Y8GbuT5pyEUyF89icmqe5zg&sig=Cg0ArKJSzFtr0kI2Y6Ll&adurl=https%3A%2F%2Fmediterraneanfencing.com%2Foffice%2Flive%3Femail%3DY3JhaWcuaGF5ZGVuQGluc3Blcml0eS5jb20%3D&nx=CLICK_X&ny=CLICK_Y	Get hash	malicious	Browse
	Acunetix Premium v13.0.200930102 Activation Tool.exe	Get hash	malicious	Browse
	http://dbms.pamllaw.com/667697573657070652e6d6172746940626d732e636f6d	Get hash	malicious	Browse
	http://cutt.ly/	Get hash	malicious	Browse
	https://www.canva.com/design/DAEJRw-Cekg/yqHz7lRXkcf0H9s6UXEU-Q/view?utm_content=DAEJRw-Cekg&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton	Get hash	malicious	Browse
	https://www.canva.com/design/DAEJRw-Cekg/yqHz7lRXkcf0H9s6UXEU-Q/view?utm_content=DAEJRw-Cekg&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton	Get hash	malicious	Browse
	https://microsjrl6f22qp9ra0hepfa60rlke.oa.r.appspot.com/?c=mmm014am00am0m04am04am1m015am015ammmm00am1m0m08am014am1m013am016am2m01am1.m01am3m09a	Get hash	malicious	Browse
	https://czohsdpvklpderkoidxjbenlqmeiqupjgfjg-dot-glenxpecial3009493.ey.r.appspot.com/#fsifuentes@greendotcorp.com	Get hash	malicious	Browse
	http://mediaonetv.in	Get hash	malicious	Browse
192.0.78.27	http://ssqi.com	Get hash	malicious	Browse	stats.wordpress.com/e-202009.js

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
pagead46.l.doubleclick.net	e-card.htm .exe	Get hash	malicious	Browse	172.217.23.66
	e-card.jpg .exe	Get hash	malicious	Browse	172.217.23.2
	https://1drv.ms:443/o/s!BAXL7VqGJe6lg0eKk2MZcT_c29ga?e=Qdftz9F3oESsQIuV76Ppsw&at=9	Get hash	malicious	Browse	142.250.180.66
	http://search.hwatchtvnow.co	Get hash	malicious	Browse	216.58.198.2
	https://wfuwdbjwquoiynfb-dot-tundasma.el.r.appspot.com/#test@test.com	Get hash	malicious	Browse	172.217.16.162
	https://www.ensonoelevate2021.com/event/8e8c2672-3b18-40b1-8efc-026ab72e6424/summary?environment=P2&5S%2CM3%2C8e8c2672-3b18-40b1-8efc-026ab72e6424=	Get hash	malicious	Browse	142.250.180.98
	https://bit.ly/3aA3uVV	Get hash	malicious	Browse	142.250.180.66
	http://ovd.ru/forum/register.php?a=act&u=84666&i=25545989	Get hash	malicious	Browse	142.250.180.162
	https://pdfsharedmessage.xtensio.com/7wtcdlta	Get hash	malicious	Browse	216.58.198.34
	http://free.atozmanuals.com	Get hash	malicious	Browse	172.217.168.34
	https://alijafari6.wixsite.com/owa-projection-aspx	Get hash	malicious	Browse	172.217.168.34
	https://j.mp/2MBbcFl	Get hash	malicious	Browse	216.58.215.226
	details.html	Get hash	malicious	Browse	172.217.168.34
	http://search.hwatchtvnow.co	Get hash	malicious	Browse	172.217.168.34
	https://www.canva.com/design/DAESYWKuLHs/avvDNRvDuj_tk82H9Q45ZQ/view?utm_content=DAESYWKuLHs&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton	Get hash	malicious	Browse	172.217.168.2
	details.html	Get hash	malicious	Browse	172.217.16.162
	https://notification1.bubbleapps.io/version-test?debug_mode=true	Get hash	malicious	Browse	172.217.168.66
	http://quickneasyrecipes.co	Get hash	malicious	Browse	172.217.168.66
	https://xmailexpact.wixsite.com/mysite	Get hash	malicious	Browse	172.217.168.66
	https://veringer.com/wp-includes/wwii11/GXQb6HLGz4AV965RfN9795cyETWfmdzBUarzFg4YkqaJnfdTD/	Get hash	malicious	Browse	172.217.168.34
umblr.com	PRODUCT INQUIRY BNQ1.xlsx	Get hash	malicious	Browse	74.114.154.18
	http://WWW.ALYSSA-J-MILANO.COM	Get hash	malicious	Browse	74.114.154.18
	https://www.women.com/alexa/quiz-dialect-test	Get hash	malicious	Browse	192.0.77.40
	Amazon-Service-Center[2368].docx	Get hash	malicious	Browse	74.114.154.17
	Amazon-Service-Center[2368].docx	Get hash	malicious	Browse	74.114.154.17
	https://parg.co/bdZz	Get hash	malicious	Browse	74.114.154.21
	APPLE Invoice.docx	Get hash	malicious	Browse	74.114.154.17
	APPLE Invoice.docx	Get hash	malicious	Browse	74.114.154.21
	Tax Invoice-Castle-Clash-War-Empire.docx	Get hash	malicious	Browse	74.114.154.17
	Tax Invoice-Castle-Clash-War-Empire.docx	Get hash	malicious	Browse	74.114.154.17
	Receipt-LifeTime.docx	Get hash	malicious	Browse	74.114.154.21
	Receipt-LifeTime.docx	Get hash	malicious	Browse	74.114.154.17
	iNYNU6VuC7.exe	Get hash	malicious	Browse	66.6.32.21
partnerad.l.doubleclick.net	https://1drv.ms:443/o/s!BAXL7VqGJe6lg0eKk2MZcT_c29ga?e=Qdftz9F3oESsQIuV76Ppsw&at=9	Get hash	malicious	Browse	142.250.180.98
	http://search.hwatchtvnow.co	Get hash	malicious	Browse	142.250.180.98
	http://ovd.ru/forum/register.php?a=act&u=84666&i=25545989	Get hash	malicious	Browse	216.58.206.66
	https://notification1.bubbleapps.io/version-test?debug_mode=true	Get hash	malicious	Browse	216.58.215.226
	https://veringer.com/wp-includes/wwii11/GXQb6HLGz4AV965RfN9795cyETWfmdzBUarzFg4YkqaJnfdTD/	Get hash	malicious	Browse	216.58.215.226
	http://encryptdrive.booogle.net	Get hash	malicious	Browse	216.58.215.226
	http://getfreshnews.com/nuoazaojrnvenpyxyse	Get hash	malicious	Browse	172.217.18.98
	http://s3-eu-west-1.amazonaws.com/hjdpjni/ogbim#qs=r-acacaeeikdgeadkieeefjaehbihabababaefahcaccajbiackdcagfkbkacb	Get hash	malicious	Browse	172.217.18.98
	https://fdkl5.csb.app/	Get hash	malicious	Browse	172.217.18.98
	https://shocking-foregoing-driver.glitch.me	Get hash	malicious	Browse	172.217.18.98
	https://www.chronopost.fr/fclV2/authentification.html?numLt=XP091625009FR&profil=DEST&cc=47591&type=MASMail&lang=fr_FR	Get hash	malicious	Browse	172.217.18.98
	http://ferreirainvestig.com.br/Activacion/cuenta-cdqd/	Get hash	malicious	Browse	172.217.18.98
	https://survey.alchemer.com/s3/6089047/Contract-Addendum	Get hash	malicious	Browse	172.217.18.98
	https://holidaysintorrox.com	Get hash	malicious	Browse	172.217.18.98
	http://perpetual.veteran.az/673616c6c792e64756e6e654070657270657475616c2e636f6d2e6175	Get hash	malicious	Browse	172.217.18.98
	http://www.cqdx.ru	Get hash	malicious	Browse	216.58.215.226
	http://view.e.business.officedepot.com/?qs=3fe5dee3fd6dc334e57f4fe8c13caa1dc833d1845b46e0df5e76d8dcd189c65840b833e5f8853ee5eca50625943bfd8b71f0d693bc12eda6d7c035c0df2243dc5fe3f7c370b5320b8fd654c8b827b865	Get hash	malicious	Browse	216.58.215.226
	https://designsbytony.co/signin/	Get hash	malicious	Browse	216.58.215.226
	https://designsbytony.co/signin/	Get hash	malicious	Browse	216.58.215.226
	https://www.fosshub.com/Calibre.html/calibre-5.6.0.msi	Get hash	malicious	Browse	172.217.21.194

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
CLOUDFLARENETUS	SecuriteInfo.com.Exploit.Rtf.Obfuscated.16.18733.rtf	Get hash	malicious	Browse	162.159.133.233
	mal.exe	Get hash	malicious	Browse	172.67.193.152
	Client.vbs	Get hash	malicious	Browse	162.159.134.233
	PURCHASE ORDER-34002174.doc	Get hash	malicious	Browse	162.159.130.233
	IRS Notice Letter pdf document.exe	Get hash	malicious	Browse	172.67.209.95
	SecuriteInfo.com.Exploit.Rtf.Obfuscated.16.5396.rtf	Get hash	malicious	Browse	162.159.130.233
	n#U00b0 761.doc	Get hash	malicious	Browse	162.159.133.233
	SecuriteInfo.com.Variant.Graftor.893032.186.exe	Get hash	malicious	Browse	104.31.70.209
	imagnpdf0440690129912239vistaprevia02052329503adobeplayer02304293.exe	Get hash	malicious	Browse	104.23.98.190
	SEA LION LOGISTICS-URGENT QUOTATION.exe	Get hash	malicious	Browse	23.227.38.74
	R1G9cMpG36BO2Sg.exe	Get hash	malicious	Browse	172.67.188.154
	099898892.exe	Get hash	malicious	Browse	23.227.38.74
	Invoice #756-77988-23989646.exe	Get hash	malicious	Browse	104.27.138.99
	e-card.htm .exe	Get hash	malicious	Browse	104.27.201.87
	e-card.jpg .exe	Get hash	malicious	Browse	104.27.201.87
	QyS0Q13lBd.exe	Get hash	malicious	Browse	104.31.71.209
	SEe64c0h6A.exe	Get hash	malicious	Browse	172.67.188.154
	b88rKzKJmJ.exe	Get hash	malicious	Browse	104.28.5.151
	36bjGck9ps.exe	Get hash	malicious	Browse	104.28.5.151
	_00AC0000.exe	Get hash	malicious	Browse	172.67.218.107
GOOGLEUS	mal.exe	Get hash	malicious	Browse	34.102.136.180
	Client.vbs	Get hash	malicious	Browse	34.102.136.180
	SecuriteInfo.com.Trojan.Inject4.6535.29715.exe	Get hash	malicious	Browse	34.102.136.180
	IRS Notice Letter pdf document.exe	Get hash	malicious	Browse	216.58.207.179
	s3CRQNulKZ.exe	Get hash	malicious	Browse	172.217.20.227
	PO 24000109490.xlsx	Get hash	malicious	Browse	34.102.136.180
	n#U00b0 761.doc	Get hash	malicious	Browse	34.102.136.180
	ptrb-ES-2999223.msi	Get hash	malicious	Browse	172.217.23.1
	SEA LION LOGISTICS-URGENT QUOTATION.exe	Get hash	malicious	Browse	35.246.6.109
	099898892.exe	Get hash	malicious	Browse	34.102.136.180
	e-card.htm .exe	Get hash	malicious	Browse	172.217.23.35
	e-card.jpg .exe	Get hash	malicious	Browse	172.217.23.35
	QN08qH1zYv.exe	Get hash	malicious	Browse	34.102.136.180
	VHspB1u63F.exe	Get hash	malicious	Browse	216.239.38.21
	Scan_order.exe	Get hash	malicious	Browse	172.217.23.1
	correos-1.apk	Get hash	malicious	Browse	216.58.198.42
	correos-1.apk	Get hash	malicious	Browse	216.58.198.10
	parler.apk	Get hash	malicious	Browse	216.58.198.10
	parler.apk	Get hash	malicious	Browse	142.250.180.131
	Riskware.apk	Get hash	malicious	Browse	216.58.198.10
AUTOMATTICUS	20210111140930669.exe	Get hash	malicious	Browse	192.0.78.24
	099898892.exe	Get hash	malicious	Browse	192.0.78.24
	QN08qH1zYv.exe	Get hash	malicious	Browse	192.0.78.25
	RF-E68-STD-2020-106.xlsx	Get hash	malicious	Browse	192.0.78.24
	PO21010699XYJ.exe	Get hash	malicious	Browse	192.0.78.24
	http://mckeepropainting.com/.adv3738diukjuctdyakbd/dhava93vdia11876dkb/ag38vdua3848dk/sajvd9484auad/ajd847vauadja/101kah474sbbadad/wose/Paint20200921_2219.pdf.html	Get hash	malicious	Browse	192.0.77.48
	catalogo TAWI group.exe	Get hash	malicious	Browse	192.0.78.25
	http://herculematerilesede.tumblr.com/	Get hash	malicious	Browse	192.0.77.40
	http://free.atozmanuals.com	Get hash	malicious	Browse	192.0.73.2
	https://canningelectricinc.wordpress.com/	Get hash	malicious	Browse	192.0.79.33
	rib.exe	Get hash	malicious	Browse	192.0.78.12
	http://getfreshnews.com/nuoazaojrnvenpyxyse	Get hash	malicious	Browse	192.0.73.2
	Rfq_Catalog.exe	Get hash	malicious	Browse	192.0.78.24
	P.O-45.exe	Get hash	malicious	Browse	192.0.78.25
	Rfq_Catalog.exe	Get hash	malicious	Browse	192.0.78.25
	https://create.piktochart.com/output/51658503-cfo-capabel	Get hash	malicious	Browse	192.0.73.2
	Quote.exe	Get hash	malicious	Browse	192.0.78.25
	https://sharepointsfile.eu-gb.cf.appdomain.cloud/redirect/?param=YW50d2VycGVuLmNlbnRydW1AY20uYmU=	Get hash	malicious	Browse	192.0.73.2
	http://s3-eu-west-1.amazonaws.com/hjdpjni/ogbim#qs=r-acacaeeikdgeadkieeefjaehbihabababaefahcaccajbiackdcagfkbkacb	Get hash	malicious	Browse	192.0.73.2
	https://aftersync.com/blog/rightqlik-quick-access-to-common-operations-on-qlikview-files	Get hash	malicious	Browse	192.0.77.48

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
9e10692f1b7f78228b2d4e424db3a98c	sfk_setup.exe	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	P166824.htm	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	e-card.htm .exe	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	e-card.jpg .exe	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	Payment.exe	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	Test.HTM	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	mailsearcher32.dll	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	mailsearcher64.dll	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	Curriculo Laura.xlsm	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	prints carlos bolsonaro.docm	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://friskyferals.info/cgjx	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://marseral.am/wp-includes/aw?i=i&0=leo.cai@mainfreightasia.com	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://bit.ly/35cYpiT	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	http://mckeepropainting.com/.adv3738diukjuctdyakbd/dhava93vdia11876dkb/ag38vdua3848dk/sajvd9484auad/ajd847vauadja/101kah474sbbadad/wose/Paint20200921_2219.pdf.html	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://new-fax-messages.mydopweb.com/	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://survey.alchemer.com/s3/6130663/Check-11-Payment	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://proudflex.org	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://www.food4rhino.com/app/human	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://www.food4rhino.com/app/elefront	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226
	https://smlfinance.com/wp-content/uploads/2021/DHL2021/MARKET/	Get hash	malicious	Browse	74.114.154.21 172.217.23.2 172.217.23.1 104.28.25.219 172.217.23.66 172.217.23.34 172.217.22.194 192.0.78.27 172.217.20.226

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	820
Entropy (8bit):	5.702678492090885
Encrypted:	false
SSDEEP:	12:vDRM98k6eZiEDDRM9MiVZiEADRM9vWVZiEkDRM9GxZiE:7tXE3FieE2YWeEiVqE
MD5:	B3E5B0C4E783901AE9D4CD907D7EA4F3
SHA1:	6DFB9CFC5BEA3BF1F2AB8B012803601E6FE3C196
SHA-256:	8AF87AAACB16F7EA0A95A6E8D27445D26739AD8481A605AACA3B2ECA661A0076
SHA-512:	997537C175ECB0933E8F6E4B386A7796709D8E0787A8862211D6481A2B26C9F80E93AB4686078D508A7F1EC90C0925CB3AB634BD54347048F1BFA222CE72300E
Malicious:	false
Reputation:	low
Preview:	0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js .....@./....."#.D.7p.A..A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.......@.?........0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js .=.?.@./....."#.Dw...A..A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.........&........0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js .f[Z.@./....."#.D `v.A..A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo..................0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js .`.\|.@./....."#.DIJ..A..A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.......v,;........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	696
Entropy (8bit):	5.651138238886709
Encrypted:	false
SSDEEP:	12:V9zr899PQnl9zI9PQYP9zfaS9PQ2d9zPZ9PQ:XzQ99PQnnzI9PQYFzSS9PQazPZ9PQ
MD5:	0FD5A50978A2EDECFDCBDEF0A04B0D53
SHA1:	07070AA69C16343C2CED3600E4E124EE369B2CC2
SHA-256:	8D0601114B8C5F0AFFAFEAB171A152DC0580EE83D22219A9E67B7E362A6ABD1E
SHA-512:	E297AAB9B278DCDA3FE2B78CCD19CE3E1A9CA0556D9E6AE8ADDD81784FCA4362C32DF564DE53976DB707282DE98F345598E2DB9255C6BA7094B78237335D0E2E
Malicious:	false
Reputation:	low
Preview:	0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js .....@./....."#.Db.%.A..A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo.......F.l........0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ...+.@./....."#.D...A..A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo......vY..........0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js .2.G.@./....."#.D`['.A..A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo................0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ..ql.@./....."#.D...A..A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo......?..#........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	984
Entropy (8bit):	5.616926894389946
Encrypted:	false
SSDEEP:	24:tB4v4oRHSBXB4v4DxYSBCB4v4nG4SBTB4v4OSB:nMBtSBRMAySBSMcSBtMFSB
MD5:	D53EE18CBC236E3A5995638C3998972B
SHA1:	92BAD5F782232EEED1156FC1D0BE31AAA3B9A54A
SHA-256:	046F92FAC9FB343BE9502E71BAF9424F8780EC6A2A51EADA66E2B5B795A1261D
SHA-512:	8B52A142EAFB81CE725626299333D1506C9375A9792C4B8752756128392730B3968F03368319F6DC45D1AFAB1688F196D5ABA83ECF073D41E7851E01687EFE4E
Malicious:	false
Reputation:	low
Preview:	0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js .....@./....."#.D.+n.A..A..hvDO.N.t@.....n....... ....A..Eo...................A..Eo......wdl.........0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js ..=.@./....."#.D...A..A..hvDO.N.t@.....n....... ....A..Eo...................A..Eo.......W.&........0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js ..YZ.@./....."#.D..u.A..A..hvDO.N.t@.....n....... ....A..Eo...................A..Eo......b(.J........0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js ...{.@./....."#.DJ...A..A..hvDO.N.t@.....n.*...... ....A..Eo...................A..Eo......Nc..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	464
Entropy (8bit):	5.687561447312121
Encrypted:	false
SSDEEP:	6:mNtVYOFLvEWdFCi5RswMte+mk6iiWulHyA1TK6tu+NtVYOFLvEWdFCi5RsMtWiWt:IbRkiDMteU6nWusswwbRkiDJ9Wusss
MD5:	0553D89A70CE1F6435CD3D2C176E03B4
SHA1:	863EB0123A414AA6AB5B7BC31A6954F7F8711BFB
SHA-256:	56AF2AC1581172025A556CF111DE9C2C43956BC2B72B033FC42BF69072A14027
SHA-512:	D16D0BA64099DE482BFE96111145763A9289553F1E1522EE276F94A70C193E8291804DE3336B1151A8F0D2E285B7770EB245BDE6EAFF80C445E9F41E98D6E724
Malicious:	false
Reputation:	low
Preview:	0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js ....@./....."#.D...A..A..8 P..a...R..Y....7.@..2Dm{..A..Eo...................A..Eo......~..........0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js .s(_.@./....."#.D...A..A..8 P..a...R..Y....7.@..2Dm{..A..Eo...................A..Eo.................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.608377047902467
Encrypted:	false
SSDEEP:	6:m+yiXYOFLvEWd7VIGXVu1RPVyh9PT41TK6t72+yiXYOFLvEWd7VIGXVutTAMVyhy:pyixRu1V41TEnyixRu/V41TE
MD5:	D09D2DAD435D62C0FBCEC2A31C76409D
SHA1:	EDE572E0C62C55FE2556E6310FC0E4FAD6DA1BAB
SHA-256:	857F99554AEC6DDAF99780310E173BFF4CB602FEBB6903E60AD64F1F37166841
SHA-512:	D95B97011AB7E1844E427B5647452D0DC052BF06C6272047CB8AF4B4C930B8107B082ED7032A56722A8F9E49AC4AF30F5F887D95EDFE306D558AC29A84EC9511
Malicious:	false
Reputation:	low
Preview:	0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js ..b?.@./....."#.DN&..A..Ak.Q.....-_..y.....O...>..1....A..Eo...................A..Eo.......'.........0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js .H.{.@./....."#.D....A..Ak.Q.....-_..y.....O...>..1....A..Eo...................A..Eo......j.N?........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.65652213540904
Encrypted:	false
SSDEEP:	6:mvYOFLvEWdhwjQdyulECLZIl6P41TK6tqevYOFLvEWdhwjQxgZl/WJLZIl6P41Tn:0RhkQy5CLZC7RhkcgbuJLZC
MD5:	088589183E175B8AB7E64B395CD9EFD2
SHA1:	20D83F612A906C1BF2E1F4C7D6C934DAEF8BECB2
SHA-256:	BB6C243810BB55C87704885631481E83C4B7682B4E9F4DFD0BC18BF3F7517647
SHA-512:	459F1E1AAED0ED2BB74A91535406E0AF1B443533DE5CB4E5B899DB1A564A279FC4D94E23FA5F4911B06C576EEB91D396EB0BA79A7A4D3299855EDC217953C6F7
Malicious:	false
Reputation:	low
Preview:	0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js ...9.@./....."#.D.H..A..A.].>....uUf..N...k......c..l.A..Eo...................A..Eo......W.6o........0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js ...x.@./....."#.D.J..A..A.].>....uUf..N...k......c..l.A..Eo...................A..Eo.........H........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.542143667721754
Encrypted:	false
SSDEEP:	6:mJYOFLvEWdGQRQOdQynWv06g1TK6tTtMJYOFLvEWdGQRQOdQV5nv06g1TK6tF:2RHRQCBW81wRHRQCU01
MD5:	FE0953743595685AD4A77457107369E7
SHA1:	231F2414EBAA22A83BB778CDB5140FA125B02CE3
SHA-256:	8D49E189BFBA58E2EEF66C92457CDC1ED3657E82C2619889ADE0C337257FC769
SHA-512:	D25DDA04F10C3E023ECDA2E9D91D32EFF5E2AE4093C5152882E0D0C551ED4704AA5DC9BE566C6D4487DEBF9CA5625F86E671BEA2C19CE96675F3A3FEBF242E3E
Malicious:	false
Preview:	0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js .J~?.@./....."#.DsH..A..A..c..y/L....\|y.n..C/I.....X7-ne.A..Eo...................A..Eo................0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js .z.\|.@./....."#.DNa..A..A..c..y/L....\|y.n..C/I.....X7-ne.A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	716
Entropy (8bit):	5.6090334555231625
Encrypted:	false
SSDEEP:	12:Z5MlVtZMuR/EC5MPz/NMuR/E+5MIUMuR/Ej5MShMuR/Ee:ZSlVteuR/ECS7yuR/E+SEuR/EjSFuR/E
MD5:	B92F35D7EE2D2491D066FD9C537F3007
SHA1:	3595853EF6EF085733716B6F34775F78BAAFAAC3
SHA-256:	FBE8121891F7CACC95F49B9BB616D106DD0EBF41EE02A705C37EA3D8D1086753
SHA-512:	C05BB1FCF6FA3A7BF265D7B0F1CB9CE295A370D5577AAA9A46EDB0A963581F907A55681E197FF65BE23852962E14CDDA6FF8AC97CD64633BEAB38C1EAD32F8C1
Malicious:	false
Preview:	0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js .z...@./....."#.Da5&.A..A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......+..L........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ...+.@./....."#.D.4..A..A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo.......!..........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ...G.@./....."#.D..'.A..A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......J...........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js .&.l.@./....."#.Dd...A..A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......_b..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	212
Entropy (8bit):	5.626248984885863
Encrypted:	false
SSDEEP:	6:mGpYOFLvEWdzAAukoTK5m0bbsIDMGH41TK6tAF:XfRM6oO8KsIZES
MD5:	E98725ACFF8FA4945F931A522438BD97
SHA1:	DC0495C5FE156B2A4995F3F429EAC12882690FCF
SHA-256:	2F4FAC6463BCEF513B103BD6DAF07A21B8BC076BE61E76EAE1CAA9883FDF9266
SHA-512:	A3F565ACCB4C5D8DF2DE8DBC97F8E70E8BCE0F861F59D6F6EF61EC3BAB5F8B65AD1E1A99494430E3C11B0F7B397EB2BFB1D88B42E0A7A7346B1AD05CA564C38A
Malicious:	false
Preview:	0\r..m......T....,.^...._keyhttps://rna-resource.acrobat.com/static/js/plugins/walk-through/js/selector.js .YFJ.@./....."#.D..0.A..A..`.....^....L>..Xa./......C.y.A..Eo...................A..Eo......#..G........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	428
Entropy (8bit):	5.550479329638553
Encrypted:	false
SSDEEP:	6:m4fPYOFLvEWdtuNLF0by0zBUKSAA1TK6tbe4fPYOFLvEWdtuYu35by0zBUKSAA13:pRfbeVxRfkbe
MD5:	E97B09BFA213868C826E58A2BC7D29B6
SHA1:	A1DD88C4CD6741A44421DDB82315B32B61304781
SHA-256:	B38BB006BB2860C60FA1AA3C1235B695B89ADE0099CF740752144A040F4CBA68
SHA-512:	9718238C00BF5BD9C75BBFC93A5D75C26C4105A2B62C9297E33CDC3B9140D16BD9F3D4B7867191B45E1945A38C56F1A68899068C42D0B5AC1FFBCEF820478AA8
Malicious:	false
Preview:	0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js ..%@.@./....."#.D....A..AQ..E.=....=h`t..t..3%A.F$..w..A..Eo...................A..Eo......c.B.........0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js .?)}.@./....."#.Dp#..A..AQ..E.=....=h`t..t..3%A.F$..w..A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	708
Entropy (8bit):	5.600721338054688
Encrypted:	false
SSDEEP:	12:KkXxKMSCvUeu+4ytUllkXxKMSCvWO24tUlC4kXxKMSCvKmtUlJ4kXxKMSCvYMtUj:KkXxiCekWlkXxiCrWC4kXxiCymWmkXxc
MD5:	CAD3E1FB3E8609482C29ED4ADEA303DF
SHA1:	828FD267BEF522AF799E4BA205DD0C29C9A612A0
SHA-256:	A277E1FB7DFA4F55671FC37AE911FC976A1F5F96EC46C55EE67DC93E7EBD1B04
SHA-512:	668D9B28F104C5BFC1ECD7E6DEFF6DAB96E1C1DEB84D8231C7E664D95643B520CD4110C933DDE48DD0B363D3D4FDF9D325CEC30429730F3E4C94B48DB2E47FA5
Malicious:	false
Preview:	0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js .)...@./....."#.D..&.A..A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.........n........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ..+.@./....."#.D....A..A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.......&<.........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ...G.@./....."#.Dn.'.A..A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.........k........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js .T.l.@./....."#.D....A..A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.......{Nl........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	748
Entropy (8bit):	5.6211519322545005
Encrypted:	false
SSDEEP:	12:5h6OL0L2Jnk+h6OLJk3h6OLg+Ukzh6OLOnk:5h6RLn+h6r3h6l+Bzh6fk
MD5:	091E2DCEB714876C00AC2DBD4DE87DFA
SHA1:	783A571B190F6B52200C9C59D2E4B214718E758E
SHA-256:	E35FDBF9005E221D9889AE6F7765DB95AA9E7B7956F7DD6201BFD39B4432804A
SHA-512:	0BC505B32DF88D4BA132E890ADECE55B23151F94D9EB522A30F1194CB04E3266309B3D6D7E3E33E84B7CE90336D0E9B7B9DEAB078937FC5B017AD5DCE1979E7D
Malicious:	false
Preview:	0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ..>..@./....."#.D.R\.A..A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo......N.o1........0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ...6.@./....."#.DI,..A..A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo.........Y........0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js .D.U.@./....."#.D.@`.A..A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo.......z..........0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ...v.@./....."#.D.D..A..A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo......?.J.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	976
Entropy (8bit):	5.649984606670983
Encrypted:	false
SSDEEP:	24:UB4v4w3wzXLnxfB4v4OvwzXLn9cB4v4/FvwzXLnHB4v4dwzXLnr:8MdMbnfMzEbn2M8FEbnhMrbnr
MD5:	06C733BA2BD9D4DCF54F23F97E76851F
SHA1:	7B2781E3B0332032EDDABAA8941238BAE83DB562
SHA-256:	5EB9223F3E79BBFC27DD29F339F771ABC5828B5727ED707B205556D0ED8AB4AC
SHA-512:	98E84D4FAE777BB8EF80506DF6BA778DD70F1FC3D01A09E403FA755DE08DFA975DFF59DB772398AB8F34DFF760BAC8E8E0C8BBF8E841A1A5E9586F5ECB095FAE
Malicious:	false
Preview:	0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ..'..@./....."#.DR.s.A..A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo......NjoR........0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ..d?.@./....."#.D....A..A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo.........<........0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js .v^Z.@./....."#.D$.{.A..A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo......@.4.........0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js ..%\|.@./....."#.D....A..A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo.......(.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	210
Entropy (8bit):	5.546160280053087
Encrypted:	false
SSDEEP:	6:mq9YOFLvEWdzAHdQ2ouAkAK5GFCaa+41TK6tm:NRMHdt75Gda+Eg
MD5:	76B9964BDC4E4376390FDC647F2064C8
SHA1:	8A408A186CF98F1E58A0281C21517ADEE7B226C0
SHA-256:	7E392F013A6E8B1EDFBA76212D5ED2F96783BF5226934346FF20C0EEDAD5B8AA
SHA-512:	592B288D4A1AB9D5AC3DEAD1E1E3C1303ABC884EDA17D2FF55A52BE9F993951CFE890E335C59A6A0CC1D85195C2990A9A95423B6C5626AAA278656DAE7856F2D
Malicious:	false
Preview:	0\r..m......R....L......_keyhttps://rna-resource.acrobat.com/static/js/plugins/walk-through/js/plugin.js ..cJ.@./....."#.D..1.A..A...G.3D.....Q.g0...._.Q.........A..Eo...................A..Eo......2.w1........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	422
Entropy (8bit):	5.527925631329872
Encrypted:	false
SSDEEP:	6:ms2VYOFLvEWdvBIEGdeXu0bgZtcjc11TK6tm2s2VYOFLvEWdvBIEGdeXuD9D5113:BsR2Ese9b6D0RsR2EsemX
MD5:	D9B568D20C3C950C5D0B264FBAAD497E
SHA1:	1FFC8F3FA8C6E5A8DE08CC15D6F1DC6CA16260E5
SHA-256:	824A478A2E2461DAF7DDD9F5711730A59BCF5EB91AF1797F08A7348186E196E2
SHA-512:	6D1FFE1530F76D5BEC1D3FE060341F1D5D411B0F3352625D7C708FE81FBDD266A0EFDEA5D3B656009EBB865645E7302A0C10705FD3401626505B8FD0B569F5BB
Malicious:	false
Preview:	0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js .g.>.@./....."#.D....A..A.A.o]@r..Q.....<w.....].n\....A..Eo...................A..Eo........_6........0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js ..{.@./....."#.D+...A..A.A.o]@r..Q.....<w.....].n\....A..Eo...................A..Eo.......F#.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	404
Entropy (8bit):	5.669187766254238
Encrypted:	false
SSDEEP:	6:maVYOFLvEWdwAPCQSZtQ+kF+B7OhKlvA1TK6tVaVYOFLvEWdwAPCQ3uoqxV+B7OB:RbR169eIJkGbR16wGrIJkP
MD5:	49B3C43CC904ED507E1C7A3BDA4491CA
SHA1:	5E2F8BD9362B26CFE39CA28FC5C5D1DC28E406DC
SHA-256:	0A60FFCC515895765A0C605AD4DC33290F33980159AB870F7CCB784B62B9064D
SHA-512:	D54578643BA5A317BC08070EAF6503143806F3DBD3D1871AF4FB0534A5B93C2E432FBF67FC23E41861B3EC400137228198DEC80BFF507DAA903296DC0B577467
Malicious:	false
Preview:	0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js .:.9.@./....."#.D....A..A..4T].....Tw.....(..b...EO....9.A..Eo...................A..Eo......l.OQ........0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js ...x.@./....."#.D....A..A..4T].....Tw.....(..b...EO....9.A..Eo...................A..Eo.......}<........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	422
Entropy (8bit):	5.572214235255749
Encrypted:	false
SSDEEP:	6:ms2gEYOFLvEWdGQRQVu2lTlV0QdFt1TK6tss2gEYOFLvEWdGQRQVu0ou4TxeQdFX:B2geRHRQb00R2geRHRQPS00
MD5:	AE2308E2F677D3E4943B317706E82EB4
SHA1:	6FA3FCA9DF15D4C5F4A0E367D6214CD19CCF809C
SHA-256:	D599F175FB490FDC23D39847722C8635C8580F02335488FC70DAED64E3A77293
SHA-512:	859D850A4D2D4B95C42FA0E9604903A59B377CA7DE63F487F9C0FE5B4D7F1E7CB251665509A91AE7953F45A5E8AF252FD0ADD63A0921BC8478E10020334FE03F
Malicious:	false
Preview:	0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js .oT=.@./....."#.Do...A..A@..{o]...9o\|..qY....T....{..u.b..A..Eo...................A..Eo..................0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js ...{.@./....."#.D.C..A..A@..{o]...9o\|..qY....T....{..u.b..A..Eo...................A..Eo.........]........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	824
Entropy (8bit):	5.667148665594576
Encrypted:	false
SSDEEP:	12:WyeRlTuYt1wHyeRlY8yt1whyeRlv72Rt1wpyeRl5yt1we:WJKYfwHJQBfwhJH72RfwpJEfw
MD5:	6AC420B618A4EB617F3FD00C8AA468EE
SHA1:	DE9540EA1D819C7ACA6A781FB2A5914801F942C0
SHA-256:	6A2C86571271594BCCC504E1F52C460F16C486BEFB597E197597457E4E263BFA
SHA-512:	80FA8EB30B879B65F65A82487336CDB14216411732C797F0AD50EE2B93BA924F0DD322481A08A31CC0D57221B1F1A19843079B2CE022E456779654D1EB17C923
Malicious:	false
Preview:	0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js .....@./....."#.D`.d.A..A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo.......;5........0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js .~.7.@./....."#.D....A..A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo......x.e.........0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js .i.V.@./....."#.D.&j.A..A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo........vK........0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js ._Bw.@./....."#.D....A..A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo......../.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	436
Entropy (8bit):	5.586306964324677
Encrypted:	false
SSDEEP:	6:mnYOFLvEWdhwyu5X+JCqwK+41TK6tQ2nYOFLvEWdhwyu/GoKtcCqwK+41TK6tK:wRhHwK+EFRhIGXGwK+E
MD5:	4B2877EBD1DDB3E45F4686DBA8A10011
SHA1:	DB2F61A8D8B1D86DE70A4393551216B592FE1C40
SHA-256:	9919029F6316E5C768FAA432F7BCE5E1424268F57C530D4DCF37EF7F8CFCFA4D
SHA-512:	8EA831D872911C43C180DDA06BA1CCC0C05D8F2B1E163EF0DEAFCDBF9CC2DDAE4A427343D8B857C24E5D00E90D8BD7FAF6FDE2D846C8EFFDAD7C49F0ADADFA3F
Malicious:	false
Preview:	0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js .6?9.@./....."#.D#...A..A.......7...o..a=.98I......(3.$G.A..Eo...................A..Eo.......9.g........0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js .0.x.@./....."#.D....A..A.......7...o..a=.98I......(3.$G.A..Eo...................A..Eo......pZ..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	920
Entropy (8bit):	5.666060176446061
Encrypted:	false
SSDEEP:	24:/PJ/lmi4hPJ/Obi4rPJ/6Ii4KPJ/AIi4:XJNmi4FJWbi47Jni4mJxi4
MD5:	54034BD6D0F181C967EC2C070FF0E9F4
SHA1:	B34656593B703AFD7861C57A27B44866F298BB88
SHA-256:	6847CB4F7967CD9D4099191974975E833DB007A8FF888AA9D692068C573FF8BA
SHA-512:	310979E04053A350673AF95B3A25BBD450E5F251A717D49D5F1D24DBB408E71CD4C53E19BC429B0D53EE767C4E18BA2286BABBCF807DCF5CB06622247BDF99EB
Malicious:	false
Preview:	0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js .R...@./....."#.D..d.A..A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo........1.........0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..7.@./....."#.D)...A..A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo..................0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ...V.@./....."#.D..i.A..A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo......+{&.........0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..@w.@./....."#.D.o..A..A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo......$...........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	744
Entropy (8bit):	5.665543055845509
Encrypted:	false
SSDEEP:	12:xqTHVtOCPLnKfqT/p2CPLnP5qTaCPLnQqTYVCPLn:ArOMnRN2MnQ+MnHaMn
MD5:	99E96A7853AE33735D652CF943014E7E
SHA1:	B306FC89D5BA3D344A3B17D4DF85D595615FA08A
SHA-256:	2EAD6DE9B60FD4D5DF8FE70706DC50F809593E0E1F66EC879D5705C9CFE7DE94
SHA-512:	5FF2444FA4C5BE3179526A4F8DAB167F25025045F7FEEE709D0BAE7DF75D9E16063BB078777EE0205808834FB76F8DD5271F16938582A5C02B042F329054C6C4
Malicious:	false
Preview:	0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js .o...@./....."#.D.D\.A..A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo......,N.$........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ...6.@./....."#.DW&..A..A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo......u.d.........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js .w.T.@./....."#.Dk._.A..A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo.......M..........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js ...v.@./....."#.D.;..A..A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo.......d..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	828
Entropy (8bit):	5.652145869007757
Encrypted:	false
SSDEEP:	12:zRMe/fsDXRM8i/sDmBRMkIsD0ZRMnbsD:zB0DXDPDm1D0ZRD
MD5:	5E0F2B8E8D7B3B49797C95961C8A375E
SHA1:	1A072345985393F736663E7E7C71F96D54608AA8
SHA-256:	8FF9D0B3CA29F6C3D445B6E0940341660A607FCB7EE365F1C4CBF8CCA3631EA8
SHA-512:	E772CC76F8EFD30A06403F2CB675711E472162474F8D2C1AE516038C55B45B2F2B5DAF141A1D6DE349B24D7DB2307CEC7B5B9320635AD8D7970F2213915B20A5
Malicious:	false
Preview:	0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js ..k..@./....."#.D..m.A..A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo.......4.D........0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js .'.>.@./....."#.D8...A..A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo........~`........0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js ...Y.@./....."#.D..t.A..A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo.......8.G........0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js ...{.@./....."#.D....A..A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo.........u........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	840
Entropy (8bit):	5.658295069135241
Encrypted:	false
SSDEEP:	6:mYilPYOFLvEWd8CAdAuGl9J3+Fong1TK6tEYilPYOFLvEWd8CAdAuO+A+uFong18:6lJR/yoM6lJRJoM/lJR57oM0lJREoM2
MD5:	C13AC2CCCEBEA918257A7E5CE957A27E
SHA1:	6ECCAAF05E944D5618A81999CA3D5E0FD88EBB90
SHA-256:	D5DACA9C0E86653D4FEA03BCF552BF1BE0505A133A52F667B37805FA677D5A1C
SHA-512:	9071CE7AEDCCBE989729205B5CF8CD9342AEED395800FC30801F038896F37B6E5281FAD8FFBD5299795B01477AC328619BDC8D33C218AAB27604142F652A7FB5
Malicious:	false
Preview:	0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .!...@./....."#.D..n.A..Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo..................0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .._?.@./....."#.D....A..Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo..................0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .-.Y.@./....."#.D..t.A..Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo......l.f.........0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js ...{.@./....."#.D....A..Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo.......MB*........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	892
Entropy (8bit):	5.6643903340722686
Encrypted:	false
SSDEEP:	12:F8hRrROk/1zCn2in8hRrROk/Dsow2l8hRrROk/p2H/8hRrROk/DRL20:UPJ/Ni21PJ/Dfw20PJ/p2KPJ/DRL20
MD5:	4D6CFE24674B2DE2104BF5977088BCD0
SHA1:	81E09431DC7400AE0DE3540F6B949EADE9B485EC
SHA-256:	F083CC2FAD2C6E95740B3157881F1D94B897EFD802103742A1F686D306CFBBBA
SHA-512:	1F872A5CDD56B8DE59E27134724692A8BD7E246B5D05059869E2BF961C1379D0FBFE16388F9C000C7BDE9C4BA36F552A97AE8E706131699E421B9CC4AE52D9B3
Malicious:	false
Preview:	0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ..`..@./....."#.DX.d.A..A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......(!Vx........0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ...7.@./....."#.Dv...A..A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......L%fQ........0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js .q.V.@./....."#.D.zi.A..A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo........A........0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ...w.@./....."#.D.^..A..A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......?.c.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	852
Entropy (8bit):	5.726870878511555
Encrypted:	false
SSDEEP:	12:ehRcc9zINJICk4hRcJYKNJICW4hRcWNJICZmhRcCFNJIC7:ehNSJICk4hoJICHhzJICEhtDJIC7
MD5:	28274758A469456740351E4384D684B9
SHA1:	CA0CF4F4B274CA5556A85ED6705FD990E6E3C534
SHA-256:	11A51610B2ADD0E4A565771E191234A3C17F2544B155FE878BD98FC7CA09B240
SHA-512:	2882B27E019C08E3D7ED964AA1C1EE717295FAD5E17D448EEF21FD2196244452D1E75B39CEE61E77A1AEB1F9B5321644D40BA310E8B156D79229AFA6BACDA7CD
Malicious:	false
Preview:	0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js .q...@./....."#.D..d.A..A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo.......,..........0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js .B.7.@./....."#.D....A..A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo......(.F.........0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ...V.@./....."#.D.Yj.A..A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo..................0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js .Glw.@./....."#.DG...A..A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo......[_g.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	832
Entropy (8bit):	5.643315886583072
Encrypted:	false
SSDEEP:	6:mOEYOFLvEWdrIhuSlp+2bLzgm2d/1TK6tsOEYOFLvEWdrIhuFekg8Lzgm2d/1TKF:0RAlEKReQRQiReVvR1l6//Re3R2KRer
MD5:	C97C23937618BE7ABA252605A2C7B6D9
SHA1:	9CC4821A40C53FC0162F47E83CE84CAC0C76BAD8
SHA-256:	4A59AA1C4FE5CFF197DF52F30EB3E698B1279071B0E26FAB8670EB94FC4B5153
SHA-512:	86E8F60F310C516A245648EC7F15DEE4EC2B972855163662EEA026486C1ACD8A2082A668DC2A139CAE1C98C9E921D45B6AABDCD3A70F3CEEE8F1ACBDE7ED4E26
Malicious:	false
Preview:	0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .....@./....."#.DL8b.A..AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo....... :.........0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .Mu7.@./....."#.D>...A..AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo.......,.........0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .\|.V.@./....."#.D..h.A..AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo.......hg.........0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js ...w.@./....."#.DG...A..AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo......I9.v........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	752
Entropy (8bit):	5.6420531520072545
Encrypted:	false
SSDEEP:	12:6JJKb/tI7JJKgK+IgJJKcoIhI/JJKgWoMfahII:6JIb/O7JIgegJIf/JI5nVI
MD5:	E6BA47C7A3A07BAD5540ADE1EB406070
SHA1:	29F07020A0A90CFD992C1CAAADB4DCE51DCD7300
SHA-256:	B012C400E3E04B714BB118BF0BC38DB08B11C0B77398FB20E92571D2A29EC489
SHA-512:	43F6A2A9F1BBD0192F727B5E7A3BA58A46EB14DE66DA421BD2875468572C41534CC455CA5FFEC0BBEB64C5B6A5A98C8CEAFA47630F428C4B1A28B054D9550586
Malicious:	false
Preview:	0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js .._..@./....."#.D.x<.A..Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo.......E)z........0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ...-.@./....."#.Dl...A..Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo..................0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ...I.@./....."#.D.n:.A..Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo......9.%.........0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js ...n.@./....."#.D....A..Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo.......?..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	428
Entropy (8bit):	5.68094770908088
Encrypted:	false
SSDEEP:	6:mWYOFLvEWdBJvvulZCzrhUDLYtmOZn1TK6tZm8WYOFLvEWdBJvvuwyuu0lihUDLL:xRBJJzeDcFZLPmTRBJ6OlXDcFZL
MD5:	5AD4F6908E9AFAF3D67BCC098971A643
SHA1:	AC683FDA21A52CFFAB78E9D1D7039FEF5971AF73
SHA-256:	FB2995E3625BC5FEA48127C8866A9FE86B71B00BA16DC801FEEC93A370C60E5B
SHA-512:	381D161C5B2D3C2EE64C0B0A2CEEB444E0BCDA0BE85A08F937023048656BBFD63B39DFB52EB0F0005C167C9748ED50C2A78CBD0F43910AE616D77390F0B2D356
Malicious:	false
Preview:	0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js .*.>.@./....."#.D....A..A....t.q..W.EZ....1...[.zC.7mD..A..Eo...................A..Eo.........P........0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js .1.{.@./....."#.DZ+..A..A....t.q..W.EZ....1...[.zC.7mD..A..Eo...................A..Eo.........d........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	844
Entropy (8bit):	5.6397099584839525
Encrypted:	false
SSDEEP:	12:BPHm9RcQPHvZgE4RcnlZPH09S7czPHYog7c:BPHURcQPHvZEcrPH0I7czPHYog7c
MD5:	293A21870ADB88923EB7ADE6641F8EAF
SHA1:	A49405BEA2D562C85DFB07D86F7C0586D493393B
SHA-256:	F11EAC4AB747616A204ADD8D7AA9F815B92C1F89BFBCB1552787233D826FBE26
SHA-512:	36D5023E9712E4348DD6CF5641D62E6730DB2B4C7E14D03F3DE6100ADC292B6F0B3D8A86075B96E6AFD89E5661E2A8EFB4727B472746E98FD9C5D2E3F0CC2811
Malicious:	false
Preview:	0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .....@./....."#.D#.&.A..A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo.........&........0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .y.+.@./....."#.D.a..A..A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo......@...........0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .<.H.@./....."#.D..'.A..A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo..................0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .Z.l.@./....."#.Dj2..A..A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo......L..!........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	416
Entropy (8bit):	5.603377762145338
Encrypted:	false
SSDEEP:	6:mKPYOFLvEWdENU9Q4Tn/k6diM3Y1TK6tZNMKPYOFLvEWdENU9QhxeiM3Y1TK6tN:bJRT9d/bdr07TJRT92er0
MD5:	DFF31E91CAAD0675D742A5B0E3FFB33B
SHA1:	E3F7E1012588F5E5B830AB070C4A88C8F810D016
SHA-256:	147868E72A1A59C1CDE3285EDA0DC50DF1393580BD4E2BEA91A3FCDDEC390C09
SHA-512:	1D3047B519156DB6257807714EB01ECDB9473DF1789F55EF8AD192BAF2FEC79EADA01922D8C59FB98864B9E424C5399879DE05723F6AB17B2DEF9574A93A9B02
Malicious:	false
Preview:	0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js .8.9.@./....."#.D....A..A...M....m+lS..e.....<7.U.P8.0K.A..Eo...................A..Eo......=#i.........0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js .y.x.@./....."#.Dd"..A..A...M....m+lS..e.....<7.U.P8.0K.A..Eo...................A..Eo.......p..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	416
Entropy (8bit):	5.629798235677845
Encrypted:	false
SSDEEP:	6:mQt6EYOFLvEWdccAHQuTjL8QjBRCh/41TK6t1d//MQt6EYOFLvEWdccAHQZ8pyj3:XRc9/LhDi/E3Rc9OxDi/E/
MD5:	BF6E5E6D20E5BD94D0C552BD2E77AEF8
SHA1:	6C29B1C37BFC76820E112026B68901D417ACD4CB
SHA-256:	9EC224E3B160BB827E5580DB334716D9657518BF41C7B72489E668E767A93737
SHA-512:	4687E3FA5CA1CC9D4E99AE5690F2ED9A7082C0B8CFFD5C3F5A362A8FA25F99566CEACF5E604F8A29D7A80CD2ECFE836309A22A837B5C17CA67A6D28B5CD48FBC
Malicious:	false
Preview:	0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js .4f?.@./....."#.D....A..APJm...0x.x..RD...BB!@5..<..]....A..Eo...................A..Eo......6\.1........0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js .r.\|.@./....."#.D]...A..APJm...0x.x..RD...BB!@5..<..]....A..Eo...................A..Eo......^.}w........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	462
Entropy (8bit):	5.5987639281311665
Encrypted:	false
SSDEEP:	6:mqs6XYOFLvEWdFCi5mhuCHlQyxULlF4r1TK6t7v+qs6XYOFLvEWdFCi5mhubtEJc:bs6xRki6QpLlF4n5js6xRkiRELlF4nV
MD5:	9FA2F9AE25DE88DB001BC9E54A4323F2
SHA1:	789E90872E3EA7246619E5FFEE4971D5E56590AB
SHA-256:	660E53056386DEC5394D9BBD05E3372F2B4F074001C9A710DDD68E5221694CA7
SHA-512:	012A2E2E5AE471077C7125D5EA8F23219CA2A2BBC8D35AAD66A2A778DA33D77BA723B0E696D5FE6BD70961392FB3B04A7B27C02E2B6A2B4D8EE422EA4D38EAA0
Malicious:	false
Preview:	0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js .....@./....."#.D:.e.A..A.P...#4..l....5...5..).w.. .h.~..A..Eo...................A..Eo.......Q.u........0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js ..W.@./....."#.D..k.A..A.P...#4..l....5...5..).w.. .h.~..A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.56812339725298
Encrypted:	false
SSDEEP:	6:mhYOFLvEWd/aFuJ4tAo8Y941TK6tthYOFLvEWd/aFuZTh6i8Y941TK6t:WR4X8Y9EfRB6fY9E
MD5:	CC5C0A52AFCB27701C553EF5F1B5A993
SHA1:	69BB2BB3F07E2FE920EFDE337B0CD420B3A56A35
SHA-256:	A2F7C68AA18099D1A02273ADDF4EC1763A856FC936064CEA479021A8FE51293C
SHA-512:	78AD0C7033C8E0A7146DD3ED501A53C80BDA1B807E6F822BAD3EA15DD45448159D80F65A6E765715624C0D0FC6CEC9B5CB56496F6174F3EDA5930ADFAD9DD399
Malicious:	false
Preview:	0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js ..2@.@./....."#.D....A..A...a.f.m.i.o.p..3U5.....^...I.A..Eo...................A..Eo.......v..........0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js ..V}.@./....."#.D^...A..A...a.f.m.i.o.p..3U5.....^...I.A..Eo...................A..Eo........l........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	modified
Size (bytes):	416
Entropy (8bit):	5.585850714245512
Encrypted:	false
SSDEEP:	12:2DRuRyI2oB9Vd2k7lODRuRRTWoB9Vd2k:8xIvbdT7+mPbdT
MD5:	E9AC958175E99D878AE5BA5F1DC8DAD2
SHA1:	A1C30175259A236C67B12463360AE6928866C5A5
SHA-256:	0E227BBD198C5A31C7076FB1233318C05751F260AA7E99C605B6DEA489679C68
SHA-512:	A5CF13BE96C9F135431D4076D2B4EEF7F66011B5F01534E747DBF15C62E2D1E953CBBCA1DBE57D5F95370E70C98B8C5D711CE32BF9DCCEE9242F9884515C6907
Malicious:	false
Preview:	0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js .I.@.@./....."#.D.j..A..A..y.$..$.v5j...T...z.]..._S....A..Eo...................A..Eo..................0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js ..$}.@./....."#.D.H..A..A..y.$..$.v5j...T...z.]..._S....A..Eo...................A..Eo.......f(q........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	832
Entropy (8bit):	5.641536709495563
Encrypted:	false
SSDEEP:	12:+RQRdkcrn72RQC6crny8RQVDrnTRQyZ2rn:+amAn72TjnfAnT96n
MD5:	1689CB1605CDEC6336085B2A04797E09
SHA1:	F0E18951B2756F2387A70AF45CC755E5B1B854C1
SHA-256:	CFDC657BFA75EC24FCC399D834C6EE45C37CE0A81EBBA68BABE9F6685692AC2A
SHA-512:	52C8BD4CEF674398EE497ABCB14A251D9CEC113DBB38779BCA20209FA6007EBDAB59FFEEF754545BD05A98DB6E8792BDF10621D3BFD2E4ECC593114264CCA1C5
Malicious:	false
Preview:	0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js .....@./....."#.D?.r.A..A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo......B.c?........0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js ...?.@./....."#.D\...A..A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo........f}........0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js ..\Z.@./....."#.D4ix.A..A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo.......4.Z........0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js .q }.@./....."#.D....A..A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo.........$........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.587870288603734
Encrypted:	false
SSDEEP:	6:moXXYOFLvEWdENUAuBoud3ryC8n1TK6tj598oXXYOFLvEWdENUAunP9Oa43ryC8u:xhRT73r7QlhRTloJr7Q
MD5:	78DF120D508E6B4F50C86319DF2DDD99
SHA1:	8D5B2311785D84B95639C777B0E61C62FA12F516
SHA-256:	993A62A420FDBE27529D9AC385AF6DEA47AF38FE96D45C64C2F95E6A44858C24
SHA-512:	FB584FF9D36A528246A2A56809890A33DADEC15B9D8E4DEC5018A8CBA372B840B7D1CB645EDE9FD863C0E7A6FC9C7FC7F101E4061F21A37C5FA6E799F73AC03C
Malicious:	false
Preview:	0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js .A=9.@./....."#.D....A..A8.../...;.\\o....1..........+..A..Eo...................A..Eo......e. f........0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js .(.x.@./....."#.D....A..A8.../...;.\\o....1..........+..A..Eo...................A..Eo....... VC........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	884
Entropy (8bit):	5.6653885267159225
Encrypted:	false
SSDEEP:	12:nRrROk/V3/6mJdRrROk/VI3KomgRrROk/VQmxzRrROk/V2BTm:nPJ/xrzPJ/7gPJ/XxzPJ/oy
MD5:	2503FC887EEFEA2A634CC8F7AFEC1C96
SHA1:	F7D10B82527CF98CDC7D8A9EA47EDD4F2B391747
SHA-256:	4FDEB33D09150FEB46326AE020D1CE0D369ECA115945317243F1201321ABC47A
SHA-512:	78DD177F3960AB17EB571B8685F61948F5A18A9B2CCAD43AF8C08A5C048B0B7EA05F086EF8B2765AF4265523D742622FA91062A623523BB8F2DE6A5DE421A690
Malicious:	false
Preview:	0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .....@./....."#.DS[e.A..A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo........g.........0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .9.7.@./....."#.DnN..A..A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo......0X..........0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js ...V.@./....."#.D!.j.A..A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo........5&........0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js ..mw.@./....."#.D....A..A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo......~d..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.598806930063381
Encrypted:	false
SSDEEP:	6:mZ/lXYOFLvEWdccAWu+T6aJKzAdm9741TK6tm/lMZ/lXYOFLvEWdccAWu/syzAdB:qxRcYFjdu7Eo6xRc9Cdu7E
MD5:	CB519DB625D190E0BD864AF2FE4F0982
SHA1:	999131A5D7164BD6E392D9EA6708C08D092EC581
SHA-256:	4E040C70E02967ABFB2E9905902FBD08573A26EDD8A3DA9FDF47A9E330E9271E
SHA-512:	9C90172FD679AB182111C820F5F86F131BDF6311E322D13F6377C062EB1D8B8DBB8FB0A230BEBAB93537ABEC8C422DB672A05D39966DB434D52D4AE50D22E1E1
Malicious:	false
Preview:	0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js ..,=.@./....."#.D%...A..A...U...I.>P...X...x..0U.~;m.x.k.A..Eo...................A..Eo........3.........0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js .0c{.@./....."#.D....A..A...U...I.>P...X...x..0U.~;m.x.k.A..Eo...................A..Eo.......KR.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	408
Entropy (8bit):	5.60630221706492
Encrypted:	false
SSDEEP:	6:mMOYOFLvEWdwAPVuoRouQhkJn1TK6ti2MOYOFLvEWdwAPVu2/u2KkJn1TK6tk:2R1DRaqLBR1HKqLC
MD5:	F26B9A1D7E939433FCED6850228ED663
SHA1:	ECAA63DF1F1ECFFC2C0B9D33E91C56102D5B324B
SHA-256:	FC1A4BB97790CA8BABDDEDCFCDECD5DF0E602BE6055319597645D94314AD34A3
SHA-512:	DCB8E2DDFC60754144537046D9579645A03538D144ABC1345378C066826DE980BE62C7CB5C583C12FAA4A73DDAD152875175C46A4C3BE41A7AD04DC2B7EC3D1C
Malicious:	false
Preview:	0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js .):9.@./....."#.D....A..A.....k....F..D..O.n;[.1m.....=..A..Eo...................A..Eo......D...........0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js .G.x.@./....."#.D\|...A..A.....k....F..D..O.n;[.1m.....=..A..Eo...................A..Eo.........#........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	424
Entropy (8bit):	5.68687260025801
Encrypted:	false
SSDEEP:	6:m3PXYOFLvEWdBJvYQspG94zhcsBXIh1TK6t2l23PXYOFLvEWdBJvYQhCkG94zhcx:mxRBJQjDB0AWxRBJQIdDB07
MD5:	B46902F311BC7FB41891281556E78E25
SHA1:	C94B89D9DFA75EAE4304020F4B6F90F9096003C3
SHA-256:	DD264173C7137172B657E770234072B6750C4DB7F02B4DF61AC05DF130ED12E3
SHA-512:	6B56EDFC7CD356A02A78A823011D334FE2F155E4E7BADDC8626800A64D5A41BCD3286CCE280ACD4A8853D3F4275805AD8F8C9F315D0B7C46D4184CCFB6A5B0F5
Malicious:	false
Preview:	0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js ...?.@./....."#.D....A..A...k..`..N3.... ..d..$[.....{.A..Eo...................A..Eo......W...........0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js .5.\|.@./....."#.D_...A..A...k..`..N3.... ..d..$[.....{.A..Eo...................A..Eo.......s..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	912
Entropy (8bit):	5.641631907790579
Encrypted:	false
SSDEEP:	12:3RrROk/s9/+7cedRrROk/sk7clRrROk/saL7ciHRrROk/skL7cg:3PJ/E/zedPJ/elPJ/aiHPJ/P0
MD5:	02034B3952BA47C65131E11D294BD5F0
SHA1:	5A8EA433DFA9B603DFFC24A7E351D3D3809993DB
SHA-256:	258DEEEE0565E9431088587D10642DE88A7EA5154EF37999DA8280D8A236ABD0
SHA-512:	4789BDB1397B9805928AA7AC423F8EC7F71260121A04C63192C21207E13B17431B46EBF16BC37C14D5A5E38580E489BE8BFDE3EED5D93C153656FB0A40DE2BB5
Malicious:	false
Preview:	0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js .....@./....."#.D.e.A..A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo................0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js ...7.@./....."#.D....A..A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo................0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js ...V.@./....."#.D..j.A..A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo......~+/W........0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js ..nw.@./....."#.D....A..A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo.................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	2064
Entropy (8bit):	5.258385491138858
Encrypted:	false
SSDEEP:	24:Mfg1zZFufGMisp6r6C9QPCkteWkXqnM5MIyMhwuZ5xYMLBoMoH3XD1OFG3WBoIXN:h1zZ4+dsp60Nz6AlM9lYI
MD5:	D7E3FFD69E7359BAEF5CE234617580C7
SHA1:	8ED3B0159B84800031F445E0CB0680B6068BA4F8
SHA-256:	08728D0EF2D975051623F02CC1945127BB69A212A64888246C639BACC60F7F19
SHA-512:	51D24AD3CFD3044D66F2D519A67615A95F622B3E6D347A73CEABD1DBBA6A69B79388BB76FE218A045B68B25BDC32B38A8C9F8EA243594DA1C3A5406A51E233B0
Malicious:	false
Preview:	....h...oy retne....'........'............;.y~A..z.B_./..............z.B_./..............oB.8.B_./............#...(...A_./.............k7A..z.B_./.............D.4..z.B_./..........[.i..%..z.B_./.........<...W..J.8.B_./.........,+..._.#.z.B_./..........J..j....z.B_./...........6<\|....8.B_./.........A?.2:...z.B_./..........+.{..'.z.B_./.........)....J:.z.B_./...........2q.....z.B_./...........P....V.z.B_./.........+.U.!..V.z.B_./............P[. q.z.B_./.........!...0.o.z.B_./..........u\]..q.z.B_./.................z.B_./................z.B_./..........o..k...z.B_./.........^.~..z..z.B_./.............o..z.B_./.........Gy.'.h..z.B_./.........F..=z;..z.B_./...........3....z.B_./..........v...q...8.B_./..........C..M.....A_./...........a.....8.B_./..........~.,.4>..z.B_./..........&.S.....z.B_./..........@..x..z.B_./.........=....m...z.B_./..........;/....z.B_./..............q..z.B_./............MV3...z.B_./.........:..N.A...z.B_./............B_./.0.......oy retne

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.239876567987421
Encrypted:	false
SSDEEP:	6:mJz1q2PWXp+N2nKuAl9OmbnIFUtpoQAZZmwPo1okwOWXp+N2nKuAl9OmbjLJ:Yz1vaHAahFUtpo//Poy5fHAaSJ
MD5:	65A2265F7CB8745AED2EC853BEB59BB6
SHA1:	876B7B2BAE729D086FFA786F831C9AA64DF4E587
SHA-256:	2BEB8414DFDBBE876924641A2576DE4C5237371FB61CC164078FB402D6A1904C
SHA-512:	46691A498F162400B2F92417E007BB8E0744449A4AE863D4F8CB3288F073AF0C7EDAC5FB76ADF704ED94DAB51DB2980F456EA84C7D87F03165B54D1F0E3E455E
Malicious:	false
Preview:	2021/01/11-18:07:33.622 1994 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2021/01/11-18:07:33.623 1994 Recovering log #3.2021/01/11-18:07:33.624 1994 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	1835008
Entropy (8bit):	0.009582006888757566
Encrypted:	false
SSDEEP:	48:TGEiaGEiCsMi9sMiDgsMiDgsMiDdsMhCDdsMhCDOsMhCDo+sMhCDo+sMhCDo+sM5:trrCCXononononono
MD5:	33F24B6D329F01A8F81AFC1B3E2C6E7F
SHA1:	6088252E3E8BFA2180B74D1FCABCA58A817D14F0
SHA-256:	361223C095F871E0BB736E5E473347AC1508951ED7639469F1976297C9BA6064
SHA-512:	F8BCD8F46FBD8067F7802044D1EDB9A8ECFA768D889BCEBA6E71FEA7CE95109965470F17B18D55676FD582B4901C130E58FF8458DF8BDB9D7CA1D6ED3A3E913C
Malicious:	false
Preview:	VLnk.....?.......Tq.>..j................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-210112020728Z-201.bmp Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	PC bitmap, Windows 3.x format, 117 x -152 x 32
Category:	dropped
Size (bytes):	71190
Entropy (8bit):	0.8518006993848117
Encrypted:	false
SSDEEP:	96:kSUECGQMQd4Mo0BUpdbQPFER2pGWUDTUppYX152CG9GkAfw55WGW3F5M1JTHGZMS:uthdFEXz5hZD
MD5:	D5D65186305BC515846A1CD8B4996B5D
SHA1:	1D8B42971F92331CCCE4E7E3B0B22E93BA928123
SHA-256:	E092B9F6505771F8A66ECE515E7BFA5B291576EBE06CD97A2194382CC6A614A7
SHA-512:	A5C94AF9305CD2DE42B6AAB1A2C417F177F44E38782B98137D2BEB97FCBD03907C4BADEA08FA3EC1A81790412D3948A8AFF63B52D57B9F1D3CBE465E371E5E48
Malicious:	false
Preview:	BM........6...(...u...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	SQLite 3.x database, last written using SQLite version 3024000
Category:	modified
Size (bytes):	32768
Entropy (8bit):	3.386475011094444
Encrypted:	false
SSDEEP:	96:iR49IVXEBodRBkQkOhFVCsL49IVXEBodRBkRykOhAVCs749IVXEBodRBklykOhaS:iGedRBsedRBxedRBVedRBu
MD5:	A659C217283598C661FCC45899695A0E
SHA1:	AA20CC1F7EBB46D2C0B3B676EEB7A4DFCAD88C8E
SHA-256:	7457114E3835B49515C4DAF68B14536200073F56B31059620FDF2A5CA8037198
SHA-512:	6122A690603D63A77C0422896851FEDB51DA79619B65D72A689255493138835BF02117DC9484E4AABEDEC0464210F42E9C9D894C55750F77F541845B0473BE7E
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................$.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	data
Category:	dropped
Size (bytes):	34928
Entropy (8bit):	3.199459618739851
Encrypted:	false
SSDEEP:	96:d7OhFVCPD949IVXEBodRBk3kOhFVCsALR49IVXEBodRBkWykOhAVCs7d49IVXEBh:dviedRBNLGedRBpCedRB4yedRBZ
MD5:	B32EEA558BA8D2FAA53715B0DC73471A
SHA1:	7AB85D382CE3CF0170373DCA26EE51E301D07AF8
SHA-256:	AD5C2486FFB7518B36E2B847EF8E063BEF5752E81B45BC3AF65B7BB043304023
SHA-512:	2AF0FF241BE303D19378F40B5C8D4B20936D2CDED2B2717AD4D5BE0B28182AAC7BEAE7033BE7B25E9A28FCEF76EC7709ECCEC18510DB84CCD9DA97ACA35FDBA8
Malicious:	false
Preview:	............=.l................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................X...h...y................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.5956 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	157443
Entropy (8bit):	5.172039478677
Encrypted:	false
SSDEEP:	1536:amNTjRlaRlQShhp2VpMKRhWa11quVJzlzofqG9Z0ADWp1ttawvayKLWbVG3+2:RNj3aRlQShhp2VpMKRhWa11quVJX2
MD5:	A2C6972A1A9506ACE991068D7AD37098
SHA1:	BF4D2684587CF034BCFC6F74CED551F9E5316440
SHA-256:	0FB687D20C49DDBADD42ABB489C3B492B5A1893352E2F4B6AA1247EFE7363F65
SHA-512:	4D03884CA5D1652A79E6D55D8F92F4D138C47D462E05C3E6A685DA6742E98841D9C63720727203B913A179892C413BFB33C05416E1675E0CF80DA98BE90BA5E4
Malicious:	false
Preview:	%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Marlett.FamilyName:Marlett.StyleName:Regular.MenuName:Marlett.StyleBits:0.WeightClass:500.WidthClass:5.AngleClass:0.FullName:Marlett.WritingScript:Roman.WinName:Marlett.FileLength:27724.NameArray:0,Win,1,Marlett.NameArray:0,Mac,4,Marlett.NameArray:0,Win,1,Marlett.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:ArialMT.FamilyName:Arial.StyleName:Regular.MenuName:Arial.StyleBits:0.WeightClass:400.WidthClass:5.AngleClass:0.FullName:Arial.WritingScript:Roman.WinName:Arial.FileLength:1036584.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial.NameArray:0,Win,1,Arial.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Arial-BoldMT.FamilyName:Arial.StyleName:Bold.MenuName:Arial.StyleBits:2.WeightClass:700.WidthClass:5.AngleClass:0.FullName:Arial Bold.WritingScript:Roman.WinName:Arial Bold.FileLength:980756.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial Bold.NameAr

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\CKHMOFCB\ykm[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	148652
Entropy (8bit):	5.091705378315703
Encrypted:	false
SSDEEP:	768:uM8M8MpMpMsMAMcMpMpMIMIMFMFMHMHMvMvMiMiMkMwMwMHMHMAMAM9MAM+MzMzN:t
MD5:	2BC983FC5FD2C8490C0768871AC91F05
SHA1:	7C4BF75169118FB8B7DF02E20B39737CC287176F
SHA-256:	8770437D92C735E29E0CD91C947A0EBFA25153EDBD4AC5C2AA4C9EB24DB156B6
SHA-512:	F2A73BF24E16EBA57C54515C2235F2DE96377230C71E6FCAA7D0F891378055BE929514E494BCC702E49DB42F6FEE640EDBDFE9F8CAAB9BF9697DBEF3540DE3DE
Malicious:	false
Preview:	<root></root><root><item name="goog_pem_mod" value="30" ltime="3553952688" htime="30861447" /></root><root><item name="goog_pem_mod" value="30" ltime="3553952688" htime="30861447" /><item name="google_experiment_mod47" value="580" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod34" value="251" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod53" value="114" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod36" value="656" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod37" value="41" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod44" value="894" ltime="3554112688" htime="30861447" /></root><root><item name="goog_pem_mod" value="30" ltime="3553952688" htime="30861447" /><item name="google_experiment_mod47" value="580" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod34" value="251" ltime="3554112688" htime="30861447" /><item name="google_experiment_mod53

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0E7866F7-547B-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	32856
Entropy (8bit):	1.8506950905142427
Encrypted:	false
SSDEEP:	192:rrZWZ62N9Wqtpfu+t93/XWJXfBttxWt13un3:r9S5NUiZRcZFA8
MD5:	D9E60C03A87694609F903D2413375586
SHA1:	FCE4300C7A506B2B4DD8288813F330D873271571
SHA-256:	0065355D3DCB9564022FCB9844C75A2E0EF0BDF1416233BB2DC37E0464856E54
SHA-512:	ABAAA1E4C284B7F94BB49D0309564234FC0F83E9A97EFCFD7E458180637E944F238F10008D8E2C02327123D616264224D8C84A36EB06FC3A2DF46FCE562D23B5
Malicious:	false
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0E7866F9-547B-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	497472
Entropy (8bit):	3.360979994397474
Encrypted:	false
SSDEEP:	3072:k0yeRCsexC0+7Ps9M5Qe/gxUxC0+7Ps9M5Qe/gxR049:X
MD5:	8E3D37D42F199A18FBB14B42C4456078
SHA1:	0A70693D59EE7FD2F9570E780C9493343A696638
SHA-256:	4E549749316BE49EE087C95F0CF2210FAEFD3963CDFCDA367BA95310E0C7847B
SHA-512:	0A45891F21015A7383F05D48F51DC74B38662DC075C5C868F87E835A39CCC7919AD921C1FEED4B28EE4D10C8239F5BB94597C280C4CCB027AE23860C71D68FC6
Malicious:	false
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1551FE3F-547B-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5671212813916753
Encrypted:	false
SSDEEP:	48:IwJ7GcprOGwpaLG4pQQGrapbSErGQpKyG7HpR7sTGIpG:rLZmQN6uBSEFAdT74A
MD5:	8F977B16C19F9FA032F527C5911FC51C
SHA1:	507551C738676FA941D4A2C7D6A623C91B13EE3E
SHA-256:	4133F2E7B4376C943CE0524C3CEF18BE0D3442FB807981EDA084BDA62E6055CF
SHA-512:	9448D21FBAD9F437274EC70F716B4B0B7C89422FF5499D3A300F649136313A184A57CB32D12CAB15D19E8E57A16D15DF731133A094601F060A89C5D60B3111FC
Malicious:	false
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	656
Entropy (8bit):	5.070829975620784
Encrypted:	false
SSDEEP:	12:TMHdNMNxOEnVMoVMf4nWimI002EtM3MHdNMNxOEnVMoVMf4nWimI00ObVbkEtMb:2d6NxO2Pw4SZHKd6NxO2Pw4SZ76b
MD5:	EFAB90AD33E2D8DDA74DF9ABBAB3D2BA
SHA1:	DB39D39190545BA6B02234C39ADA5E5F0982CEA7
SHA-256:	B7FAA8975D15B8B413F42DA6C5323F8A7B4B60F1003171FF6100DE010F696152
SHA-512:	9F885CFEF0943CEE2B93A8806C15C2A17BE6E8C92A4AD555E7CA5FF8B4AD1DA726A515BFBBBE88E6B1D33005F904F435B728A327510A144AE0FDC20FDDF313A4
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xe657adeb,0x01d6e887</date><accdate>0xe657adeb,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xe657adeb,0x01d6e887</date><accdate>0xe657adeb,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	653
Entropy (8bit):	5.157787853271403
Encrypted:	false
SSDEEP:	12:TMHdNMNxe2kWhcMDhcMf4nWimI002EtM3MHdNMNxe2kWhcMDhcMf4nWimI00ObkS:2d6NxrdhcQhcw4SZHKd6NxrdhcQhcw4o
MD5:	5E6BA57CC06A35CE63E4B1C5C98CE5F4
SHA1:	C7366A89704C7DF60D28D0F413FACF5B4BAEF340
SHA-256:	DDF5D05229917A4D1F974E029BD611517760F3205C34DABDB2E24D3FEB01B938
SHA-512:	A159654B34DE2F4FD088217FBB70482F1E76F4F56D77ECD5F1D733DEDF92822DEA6DF79F2C461B52B717B7C5D5BF328C6D4399621EDBBE63EFC6CE92F1B879B9
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0xe64e24b9,0x01d6e887</date><accdate>0xe64e24b9,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0xe64e24b9,0x01d6e887</date><accdate>0xe64e24b9,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	662
Entropy (8bit):	5.091447693204191
Encrypted:	false
SSDEEP:	12:TMHdNMNxvL3bFMwbFMf4nWimI002EtM3MHdNMNxvL3bFMwbFMf4nWimI00ObmZEs:2d6NxvjJ9Jw4SZHKd6NxvjJ9Jw4SZ7mb
MD5:	5421213E6082F41321F376E7E4D8AE40
SHA1:	750C3AF0557CE099EE36B24A6E90C5B37D9DFC57
SHA-256:	E463D06F6CE34689E936A6DDC74C836BD0A71509FAB0752524D595BFCD46101E
SHA-512:	49FD738DD2A339811BDACE582CFAB2A5463296148B38C082AE4C6AA0AD509A6491A6072CEF1AEA031CAC559F036181E453BC61FE608FC9415965EDD32F0890D3
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	5.137668419403086
Encrypted:	false
SSDEEP:	12:TMHdNMNxiIMRMf4nWimI002EtM3MHdNMNxiIMRMf4nWimI00Obd5EtMb:2d6Nx9Gw4SZHKd6Nx9Gw4SZ7Jjb
MD5:	471DFCF4557DC7CFED16C92C18F67F64
SHA1:	6341A7C18A1D44B4A50A929E7220B967C39822B4
SHA-256:	283D2C9B1FBA5D69AD48D3558ADC750627895DA4EFAE73A246C13FB821E334ED
SHA-512:	3F77C73D073AA6083DEEC0CE06881F2A7F98D4BFB1F8C051CCFF9E86F6DC5BA5EA7B11CEB9E25F26AC18F23C35B85935B01BD0EB0C51A7A0EE894DEDAC54F2FD
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0xe652e959,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0xe652e959,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	656
Entropy (8bit):	5.106863354651443
Encrypted:	false
SSDEEP:	12:TMHdNMNxhGw3bFMwbFMf4nWimI002EtM3MHdNMNxhGw3bFMwbFMf4nWimI00Ob8V:2d6NxQqJ9Jw4SZHKd6NxQqJ9Jw4SZ7YV
MD5:	734FC0C37998172077227BD425EC5088
SHA1:	B36924ACD78ACFDDFC6E010411E65B7CE9859D36
SHA-256:	DA8DB2BE7E728176C2384BB0C6D7D5DB44C25034338DA7E333C9BD77E63F80E8
SHA-512:	8810D418B6B8243E0DE3B41B999B08D85098C96898BAA549836066D22F9315C5AE15D2DB6EFEE0DED1FB54296D6398C35C9E7FB0A749B5645AF5EF8EDCDB7241
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xe65a1083,0x01d6e887</date><accdate>0xe65a1083,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	653
Entropy (8bit):	5.117128886789481
Encrypted:	false
SSDEEP:	12:TMHdNMNx0nMBcMpBcMf4nWimI002EtM3MHdNMNx0nMBcMpBcMf4nWimI00ObxEty:2d6Nx0dPw4SZHKd6Nx0dPw4SZ7nb
MD5:	CF4D2E8A29452D75CEBEE8498047763D
SHA1:	DE8A85D65B388A79803FA3C9CD90A028EFEFA6E1
SHA-256:	933D08AF6A0338A1D8CDF6C2A4DBEEEC0C39FF2A0EAF56A1766887A9B07ECEF5
SHA-512:	583DD5796C3000447417F87D6AF3F0E2F501E358003A88DC33C078BE07E9F5297AC183929889A9AAA8BB0A6D62CA9CF1FD4C81BE30299920F9B9CB8F8882B2B4
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0xe6554b8f,0x01d6e887</date><accdate>0xe6554b8f,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0xe6554b8f,0x01d6e887</date><accdate>0xe6554b8f,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	656
Entropy (8bit):	5.154292066887897
Encrypted:	false
SSDEEP:	12:TMHdNMNxxMBcMpBcMf4nWimI002EtM3MHdNMNxxMBcMpBcMf4nWimI00Ob6Kq5Es:2d6NxTPw4SZHKd6NxTPw4SZ7ob
MD5:	594CA1B7CC3E295F663E83B0B4AB6F82
SHA1:	694F633B6186E51DC92CD1CFEDB3513A893B7760
SHA-256:	E01130391FBA7C9ADEF392075C736CD1CA9BB1D29E17F59900C714E8D4AD140A
SHA-512:	0A1CADD1668E55D99E2BB5110FD21A6E5192B4A4A2DD57CE64291A6B8245F0CE2C5E2497BBF1F4DEE3C964C13C0E007F3CC42DCB8A76445AD39E2BBEC5CFC3C2
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0xe6554b8f,0x01d6e887</date><accdate>0xe6554b8f,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0xe6554b8f,0x01d6e887</date><accdate>0xe6554b8f,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	659
Entropy (8bit):	5.113761539596227
Encrypted:	false
SSDEEP:	12:TMHdNMNxcdAcMQAcMf4nWimI002EtM3MHdNMNxcdAcMRMf4nWimI00ObVEtMb:2d6NxydPdw4SZHKd6NxydGw4SZ7Db
MD5:	65070A00E61F8ACF4A58ED7CF69DBD64
SHA1:	B3770B35657332D0825CC4058A6A2979D59C93E5
SHA-256:	255EF8032B1BDE611906ECDEB6367ABC0F19B8D4DF981DFDE06F734157D0007A
SHA-512:	04CADCD647506E4904A7D24ADCF2070394151BE8E4EB1823F019094370686AFFF866924F88F83D2E5724F86074B780FD848EBB051DAA47DB57809ED481816025
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xe65086e6,0x01d6e887</date><accdate>0xe65086e6,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xe65086e6,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	653
Entropy (8bit):	5.123088082869807
Encrypted:	false
SSDEEP:	12:TMHdNMNxfnIMRMf4nWimI002EtM3MHdNMNxfnIMRMf4nWimI00Obe5EtMb:2d6NxwGw4SZHKd6NxwGw4SZ7ijb
MD5:	43BA3283C293ABD32D0EA2BF724C90BD
SHA1:	5CD8F03F2E7D684D957C5E490C919D310C6BF489
SHA-256:	0D594DDDAAE0B75E4EA16177C785BA90AD2F751AAD13D7566E69CD868FC403AA
SHA-512:	AB76C5FB577C27B9BCE76DC5ED6D7409A2241BA470C6456FA05BDFC044593F5198202A9F22A5C06851A6BEA1A0021C93A753D58C90D5726C63AF9EB48A7E0070
Malicious:	false
Preview:	<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0xe652e959,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig>..<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0xe652e959,0x01d6e887</date><accdate>0xe652e959,0x01d6e887</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	1264
Entropy (8bit):	2.1527581361537425
Encrypted:	false
SSDEEP:	6:0YOIvvcAMlGx/i1dFlVPmaYOIvvcAMlGxlKVR1HPmt:5Obplki1dFXmbObploKVzvmt
MD5:	C7A2538BAE3CAD6509487B90E2BBBCE8
SHA1:	153BDF91A5A417542B43D89F06C3E30E3C083873
SHA-256:	BE35E083C6DB6CA5F1108856081CADB9FDD768AE7DAFD5FDC42414AF3357C017
SHA-512:	D73054B27249BF3C39CDD73B50EAA25281DB9D29CD4708B32D658E13155601799E415512A19DBEAA6BB4460D4CCD31C05A2EDCE5EFFCE298721F68F80DBBA69A
Malicious:	false
Preview:	..h.t.t.p.s.:././.y.k.m...d.e./.f.a.v.i.c.o.n...i.c.o.>.................(.......(....... .................................................................................................................................................................................................................................................................................................................._......._......h.t.t.p.s.:././.y.k.m...d.e./.f.a.v.i.c.o.n...i.c.o........... ..............(... ...@.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22656, version 1.1
Category:	downloaded
Size (bytes):	22656
Entropy (8bit):	7.977267678934457
Encrypted:	false
SSDEEP:	384:raUkzOoQUm7Ed4aTRrH9uIJcFvggUg2qh86vYk8lDRSf5shb6dddddvKy9E:raUkSoxmi42ZhiFvHj2486vYZRKIbOE
MD5:	7C5D9F078BEA8C1FC0B21A764B832138
SHA1:	2505FE5F361045BE53FB71AFB8B105E319393389
SHA-256:	7E7FD69FF0A1671B508800F38F6AD3690650C27C0A1F3F505629ECBE6BA51942
SHA-512:	5BC9B355684351605966964093580605A3504CB0C775F3A331BB413EB5CC1999437914FC14776CD05C42305F13F6B130E71ABB2E02128B773EF8DF842431D171
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
Preview:	wOFF......X.................................FFTM...l........\.\iOS/2.......]...`...cmap.......h.......cvt ...P...]........fpgm............~a..gasp...\...........#glyf...l..8"..U.~Q.\head..@....3...6.q..hhea..@........$...8hmtx..@........Xy.[4kern..B.......#.....loca..Q...........lmaxp..R.... ... ...Uname..R...........M.post..U....x....x..prep..Wd.......:..].........o1.....B.........\x.c`f.`.a`e.`..j...(.../2.1..`b.ffcfeabby....A!...A............6..".-..L.....Ar,...@r...s......x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$K..$..`.g.e........ .......R.g......?......x.)d...........$...."....0.#@2....0......x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\EInbV5DfGHOiMmvb1Xr-hnhCUOGz7vYGh680lGh-uXM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22944, version 1.1
Category:	downloaded
Size (bytes):	22944
Entropy (8bit):	7.971252540494737
Encrypted:	false
SSDEEP:	384:hUT65+9ZqAMaCMUkyKV0YWnAUuLoWKlhx8OuuiL3ShGAshb6dddddvaSZ:hUT65g8AikyKinAUuLo/pVgkIbny
MD5:	F9F5441393891F990AE6AFD069E86613
SHA1:	767B7D4E0FADB12BF6FB015E76AC21AD3EEDCACA
SHA-256:	CAE22D14E699BFF969A782A9A166C6CE43FA857CF1F63A5AF8B2C4CA09B8217A
SHA-512:	8748ED37F2830FAB72796B7E7542583EE0830E6356097FBD1E33054C5A5290DFEE5AE95F733A67CE6F8B35E20B69BB0A77CED9C3A49A8F9CC7C6393C51BC65D5
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/EInbV5DfGHOiMmvb1Xr-hnhCUOGz7vYGh680lGh-uXM.woff
Preview:	wOFF......Y........h........................FFTM...l........\.2.OS/2.......^...`...qcmap.......h.......cvt ...P...g.....o.[fpgm............s.ugasp...l...........#glyf...\|..9)..V...~3head..A....4...6....hhea..A........$....hmtx..A........X.?.kern..D.......#.....loca..R(........)...maxp..S.... ... .u.Dname..S..........z.post..W....x....x..prep..X........1..S.........o1.....L........Wx.c`fY......:....Q.B3_dHcb.`b..dc.`abby....A!...A................ah..e.P``...c.e....\.kW....x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g``..$K..(..`.e.a.a`....C..L..@t.............A..L..&..............1\gta.e....320.0...2.g.j...=...x..U.O.G..Y..0d.....2.].vI...Jaj{..nZ.A.%=.A..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22604, version 1.1
Category:	downloaded
Size (bytes):	22604
Entropy (8bit):	7.975270797522764
Encrypted:	false
SSDEEP:	384:5/UizWtMNrcEK2lvVuj8USPW1A7aZ+zLTo+SkM41+p8yshb6dddddvSEzkA:dUi5rK8N00u1A7zOwLyIbIh
MD5:	33B67BE977ACF26D66961D95DF64C1B8
SHA1:	8D05328ABAF7121EF858219E1E642B98597C9144
SHA-256:	A851D97FCC71C78CA279754FABC2289A600AABECEC4D9E4387CAB9C7400AA2D0
SHA-512:	621920075BC0BDEB0DF983B8E40D4B2F718DFD1CE49AB8FFB6CB94B44B80368B9099E024E3C60A58D49D468ABF4D9F347A4A6B928C0D0CA8BABCB3F72746FDB3
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff
Preview:	wOFF......XL................................FFTM...l........\.2.OS/2.......^...`....cmap.......h.......cvt ...P...[.......4fpgm............~a..gasp...X............glyf...d..8...T..2b.head..@h...4...6.5..hhea..@........$....hmtx..@........X..P.kern..B.......#.....loca..P............maxp..R.... ... .R.?name..R.............post..U....x....x..prep..WD........x..n.........o1.....L.}.......bx.c`f.a.``e.`..j...(.../2.1~c``.fgc.`abby....A!...A................ah..e.P``...c.b....\....o..x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,A.".m....x.......3......?.[.o...2...:...a..b.)@.Y.....v1.b4d...36 ..x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H..'r

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\PRmiXeptR36kaC0GEAetxkCDe67GEgBv_HnyvHTfdew[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21504, version 1.1
Category:	downloaded
Size (bytes):	21504
Entropy (8bit):	7.971786766447748
Encrypted:	false
SSDEEP:	384:3aUR65+w/hUzXsrqAH6y+iQSGnR8OR05Ok1rBFshb6dddddvErVR8Q:qUR65JWwqAH6JSGnR8O8nIbJnp
MD5:	CBBCF9A611C26C27252829FF4C8449E7
SHA1:	BFF19768A4218854193C18C65895AF20D71CEEA1
SHA-256:	7F268D600F53E6CF94E5DCE1534AC0E8694FCFF3A5039463831378171977890D
SHA-512:	5BEDF6CBDC3BFADC6D35EB74EEF2D7A69F0B3BC29914695F853729A1D16320A95646F46D1606035B93B97BF1FEA75189B905FAF912E80660B3DCF6071A47B0E8
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/PRmiXeptR36kaC0GEAetxkCDe67GEgBv_HnyvHTfdew.woff
Preview:	wOFF......T.................................FFTM...l........\../OS/2.......^...`...Ecmap.......h.......cvt ...P...o........fpgm............s.ugasp...t...........#glyf......3P..I.>.<.head..;....4...6.H..hhea..<....!...$....hmtx..<,... ...X.A&.kern..>L......#.....loca..L`........\|.k,maxp..N.... ... ....name..N0.......;....post..Q`...y....l..prep..R....!...@..R..........o1.....e.........Yx.c`f.gV``e.`..j...(.../2.11s01qs.1s.01.<``z....................k....0.p.2E(00....n.R@..[.....x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,..".9....x........3............e..=L.....`.Q..1.Q........uF.F[F}..4#......-.p....... ..x..U.O.G..Y..0d.....2.].vI...Jaj{..nZ.A

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ZeroClipboard.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	29973
Entropy (8bit):	5.375774377884238
Encrypted:	false
SSDEEP:	768:2MkhrOFro75Mhy/J/eHjogJRsn68K9f71taqhTgY6g+f6A+r2Z:ZkZOxo7f/oHTJRs631tVhkY6g+SO
MD5:	997A9DCE7DC693A1F1D257480D0FF39C
SHA1:	76D4CCE32D630D2E7BC6258C8DD5D8825D812B83
SHA-256:	1EE1E41295C9A0E494D7290A97C7DF2BB8F50BE5978342FC6D68EF98A10AEE54
SHA-512:	50FB9FA03EBB082DB7D5B40C10B38F6DBD05D2E4F19770B80BA43F572E859D729BE6EF78155A605B33515FD795138367735B8FA2DBBE2CCADFF00E368DD3AAFD
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/ZeroClipboard/ZeroClipboard.min.js
Preview:	/!. ZeroClipboard. * The ZeroClipboard library provides an easy way to copy text to the clipboard using an invisible Adobe Flash movie and a JavaScript interface.. * Copyright (c) 2009-2014 Jon Rohan, James M. Greene. * Licensed MIT. * http://zeroclipboard.org/. * v2.2.0. * Subversion: "4+c8xqv+FPZ/Zcns21/yraTgJzE5b/j5w63ecG1n5AU=". */.!function(a,b){"use strict";var c,d,e,f=a,g=f.document,h=f.navigator,i=f.setTimeout,j=f.clearTimeout,k=f.setInterval,l=f.clearInterval,m=f.getComputedStyle,n=f.encodeURIComponent,o=f.ActiveXObject,p=f.Error,q=f.Number.parseInt\|\|f.parseInt,r=f.Number.parseFloat\|\|f.parseFloat,s=f.Number.isNaN\|\|f.isNaN,t=f.Date.now,u=f.Object.keys,v=f.Object.defineProperty,w=f.Object.prototype.hasOwnProperty,x=f.Array.prototype.slice,y=function(){var a=function(a){return a};if("function"==typeof f.wrap&&"function"==typeof f.unwrap)try{var b=g.createElement("div"),c=f.unwrap(b);1===b.nodeType&&c&&1===c.nodeType&&(a=f.unwrap)}catch(d){}return a}(),z=function(a){return x.ca

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\_recent_urls.ajax[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	5173
Entropy (8bit):	5.1306137724634
Encrypted:	false
SSDEEP:	48:Y1zmLofIX1vWBb5HWD6cOtGX3vdkzaGr8RW8RmU1keT8:Z0fIX1vWBxWD6cOtGXezagSWSmU1kk8
MD5:	B1F05D74585E4BE6C8688DAD5494AB79
SHA1:	E0903446045D622C3BE425BE766D2671B1A909A6
SHA-256:	F30B4498678799374F8BD7032C6278285F2169873175E41C2388D8BEC52D3CAA
SHA-512:	81E2F230B76ED5025A37EDD31676BB1213DB12D9810B4E8D53D2FFEA0A379939F1A529809A956BD0028807F82C83A9800233E5168154FF7C2DAA169C00CD9B5A
Malicious:	false
IE Cache URL:	https://ykm.de/_recent_urls.ajax.php?sEcho=1&iColumns=2&sColumns=&iDisplayStart=0&iDisplayLength=30&iSortingCols=1&iSortCol_0=0&sSortDir_0=asc&bSortable_0=false&bSortable_1=false
Preview:	{"sEcho":1,"iTotalRecords":"2050","iTotalDisplayRecords":"2050","aaData":[["11\/01\/2021 16:07:51","<a href=\"https:\/\/ykm.de\/312ec217f37310d6\" target=\"_blank\"><span class=\"mobileHide\">https:\/\/ykm.de<\/span>\/312ec217f37310d6<\/a>"],["11\/01\/2021 09:52:32","<a href=\"https:\/\/ykm.de\/95a0db859db4e0b7\" target=\"_blank\"><span class=\"mobileHide\">https:\/\/ykm.de<\/span>\/95a0db859db4e0b7<\/a>"],["10\/01\/2021 14:28:27","<a href=\"https:\/\/ykm.de\/054e9d62dc204a68\" target=\"_blank\"><span class=\"mobileHide\">https:\/\/ykm.de<\/span>\/054e9d62dc204a68<\/a>"],["09\/01\/2021 06:58:01","<a href=\"https:\/\/ykm.de\/f4b5b0c66b58ab0e\" target=\"_blank\"><span class=\"mobileHide\">https:\/\/ykm.de<\/span>\/f4b5b0c66b58ab0e<\/a>"],["08\/01\/2021 10:07:03","<a href=\"https:\/\/ykm.de\/0e31787b0a830c44\" target=\"_blank\"><span class=\"mobileHide\">https:\/\/ykm.de<\/span>\/0e31787b0a830c44<\/a>"],["07\/01\/2021 11:54:40","<a href=\"https:\/\/ykm.de\/6b689707bce52a76\" target=\"_bla

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ads[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417345&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2F&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417344754&bpp=97&bdt=365&idt=202&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=4708315792234&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417345&ga_hid=1361912638&ga_fc=1&u_tz=-480&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=3832476064384589&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=378
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ads[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.441110174389376
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fR4E+/tFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fYVF5Kpp3iZd5F5G
MD5:	65019203CAF94BFC2DD97A7C11A2FC0A
SHA1:	253326F9502A2700F4A7EF2356049978835E69E6
SHA-256:	46DB2594E5DE14DF96DB3E122643E3B0AE8066AF8A699A20C34BA1A040967115
SHA-512:	75EC264039010420554D85744EC3C2BAFFA487F68CCBBE6C6091EC0305DA1734489D21D9516F056EA21806FB10551CFD90D6CED00A38A0024B99268C4AF67050
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417347&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Findex.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417346856&bpp=22&bdt=514&idt=305&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=5281413869788&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417347&ga_hid=113105145&ga_fc=0&u_tz=-480&u_his=3&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1654621586386755&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=chLf4BaLjs&p=https%3A//ykm.de&dtd=378
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CKv9kbavlO4CFdVR4AodZ30EDA"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ads[3].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556230132069357
Encrypted:	false
SSDEEP:	384:ToI0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI:TlHqR2BaQZrWGmcP
MD5:	0FBCB91C2863D070EDBFFBEEC677F74B
SHA1:	BD0E2057823F0815A914018D1633ADEAA0EE175F
SHA-256:	F5DDB7072327B926FD281249441CDD7A14E9F2DF41CE8CDE5600085B24591BB4
SHA-512:	BE73513ECE8E17890F5BB66CE847386857E0C4BC7E53BB7C12681DA18131DE6A4EB7E4ABA570C5F011D89348D0C21403FBA0FD86ECD50C128F840842ECEDE548
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417360&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Frecent_urls.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417360304&bpp=76&bdt=587&idt=259&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=464880232668&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417361&ga_hid=361796023&ga_fc=1&u_tz=-480&u_his=7&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1280&bih=906&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1862184718256542&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=347
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1280,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ads[4].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	3166
Entropy (8bit):	4.663077055101726
Encrypted:	false
SSDEEP:	48:0hOji9IzM0xTn5YuVR4QARJxRlWrwJxUTmWfWR:TN/JnbVqQAJR0rwJxUTs
MD5:	FFC05C21EE29B5935567EC6F9D49AA9A
SHA1:	8547E775F79A6C30D58E3321E85158657045D158
SHA-256:	BBB482B766186E2550D8C640BE59961AF9A8A7CB8141F462147BA1B1822FEB29
SHA-512:	582268646E233EC3D6F4FC1ADB3D5C73F5F09C3A69D6B362622D029CCB61188514377C6AD163E507BBCBB5BAD78B2DABDAC6BA45B5EE50607C127F5FFD420598
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417363&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fmember_login.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417362885&bpp=27&bdt=546&idt=197&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=3237432082960&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417363&ga_hid=40148678&ga_fc=1&u_tz=-480&u_his=8&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1280&bih=906&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21069109&oid=3&pvsid=3325573467270068&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=278
Preview:	<!doctype html><html><head></head><body></body></html><script>var apcnf = '{"googMsgType":"apcnf","config":"[[[[null,0,null,[],null,null,\\\"BODY\\\"],2,[\\\"10px\\\",\\\"10px\\\",true],[4],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"DIV.top_line\\\"],4,[\\\"10px\\\",\\\"10px\\\",true],[4],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"DIV.page_head\\\"],4,[\\\"10px\\\",\\\"10px\\\",true],[2],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"DIV.tag_line\\\"],4,[\\\"30px\\\",\\\"10px\\\",true],[2],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"BODY\\\"],3,[\\\"10px\\\",\\\"10px\\\",true],[2],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"DIV.main_content_area\\\\u003eDIV.container\\\\u003eDIV.row\\\\u003eDIV\\\\u003eDIV.alert.alert-error\\\"],4,[\\\"10px\\\",\\\"21.7391px\\\",true],[2],null,[],[],1,[],[],[]],[[null,0,null,[],null,null,\\\"DIV.main_content_area\\\\u003eDIV.container\\\\u003eDIV.row\\\\u003eDIV\\\\u003eDIV.row\\\"],4,[\\\"10px\\\",\\\"1

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ads[5].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.414111767810088
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fR0STtFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2f9hF5Kpp3iZd5F5G
MD5:	B1D32081B8B9DBFC2E51C2280C0A8541
SHA1:	C71CAFF1EB606FA811883B79F009667A97E6AD95
SHA-256:	B5B169670BF5496037938435E8A26FC05A2220B3E07182EE4321C5694B29F478
SHA-512:	799EE12E0A0A8556F9B61180F9AAC6CCF5D5E3048D7869C33D98DD0EDA10661A7CA01B97D985AF2EF0720F5013C7122D22174402BAC92C5B3D7BBD9B367652A4
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417367&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Findex.html%3F_t%3DEnglish%2B%2528en%2529&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417366983&bpp=11&bdt=817&idt=249&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=8142626605308&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417367&ga_hid=1627427382&ga_fc=0&u_tz=-480&u_his=13&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=44731609%2C21067213%2C21068769%2C21069710&oid=3&pvsid=2002097160963238&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=23MpO6K52T&p=https%3A//ykm.de&dtd=448
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CJHu4r-vlO4CFWavewodK5kF7A"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\custom[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1470
Entropy (8bit):	4.404026044513129
Encrypted:	false
SSDEEP:	24:EtEo8IXnVCEQG+ZGMR5hDn7RC5CEMbyFqIm4RUpCeoGunlNdynhHUp:EtEo7nVCEU9g5CExFqIm4RUpCeo5lNdl
MD5:	82EC7434A30AAAC78C2254C9A6DD2BD9
SHA1:	9D13544CB5C4D2A21887DE1FCE36673414CAE51F
SHA-256:	08CF37457213462052C6597A2D774BFD0D83400C927C2D973400F89C0E707FA5
SHA-512:	4E40C4A8C11AE3C26EF305D6A361FBB3B27DCE1F5F9CC9FE7F4DBB86DAB00B5844ED72E87D44ECB4981D5A97E00EC42D070AD0AB8424B568C4717B8D8BBBA838
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/custom.js
Preview:	jQuery.noConflict()(function($){.... // Create the dropdown base.. $("<select />").appendTo("nav");.... // Create default option "Go to..." .. $("<option />", {.. "selected": "selected",.. "value" : "",.. "text" : "Please choose page" .. }).appendTo("nav select");.. //new dropdown menu.. $("nav a").each(function() {.. var el = $(this);.. var perfix = '';.. switch(el.parents().length){.. case(11):.. perfix = '';.. break;.. case(13):.. perfix = '-- ';.. break;.. default:.. perfix = '';.. break;.... }.. $("<option />", {.. "value" : el.attr("href"),.. "text" : perfix + el.text().. }).appendTo("nav select");........ $("nav select").change(function() {.. window.location = $(this).find("option:selected").val();.. });.. });..});..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\down[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 15 x 15, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	748
Entropy (8bit):	7.249606135668305
Encrypted:	false
SSDEEP:	12:6v/7/2QeZ7HVJ6o6yiq1p4tSQfAVFcm6R2HkZuU4fB4CsY4NJlrvMezoW2uONroc:GeZ6oLiqkbDuU4fqzTrvMeBBlE
MD5:	C4F558C4C8B56858F15C09037CD6625A
SHA1:	EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
SHA-256:	39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
SHA-512:	D60353D3FBEA2992D96795BA30B20727B022B9164B2094B922921D33CA7CE1634713693AC191F8F5708954544F7648F4840BCD5B62CB6A032EF292A8B0E52A44
Malicious:	false
IE Cache URL:	res://ieframe.dll/down.png
Preview:	.PNG........IHDR...............ex....PLTE....W..W..W..W..W..W..W..W..W..W..W..W..W.U..............W..W.!Y.#Z.$\.'].<r.=s.P..Q..Q..U..o..p..r..x..z..~.............................................b.............................................................................................................................................................................................................$..s...7tRNS.a.o(,.s....e......q*...................................F.Z....IDATx^%.S..@.C..jm.mTk...m.?\|;.y..S....F.t...,.......D.>..LpX=f.M...H4........=...=..xy.[h..7....7.....<.q.kH....#+....I..z.....'.ksC...X<.+..J>....%3BmqaV...h..Z._.:<.Y_jG...vN^.<>.Nu.u@.....M....?...1D.m~)s8..&....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\error[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	65318
Entropy (8bit):	4.984216586859167
Encrypted:	false
SSDEEP:	768:DrSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennw:fptur+2qW2lJTo2+jMRHUnktX7B
MD5:	82AB8E3D232B419F328A129BA4E0B2BE
SHA1:	16CA9C7D0B9EE67DDCAF2B73377C0CDEDC7FDD07
SHA-256:	4E23DCB4AD205C9E5831932AC3D09DB814DC1664E0B8516665EC1FC4D89A4CFD
SHA-512:	0D630B115BD98885102C1B3541ECE29923CC93CA070031D16E65BDE3235606A5359F64C7501359A1509DD5C338CBB25F95106986AB1FAB20C0E790C2CF200EBE
Malicious:	false
IE Cache URL:	https://ykm.de/error.html?e=This+short+url+is+no+longer+active
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Error - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="An error occurred" />. <meta name="keywords" content="error, tiny, url, script, occurred" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\f[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	10035
Entropy (8bit):	6.016410080199775
Encrypted:	false
SSDEEP:	192:9wZjVJvxzwRXhpSfsjHVm8r/Wd0EBi+H8SB:+pJBeRaAfraiqB
MD5:	CA2868DDEA7BE26C23852BABE55BC03D
SHA1:	716D04449F4402B6C06CC652224A821B1ECD0E39
SHA-256:	4ED263AD8C1F51F9C78219BF7C8450A26C65E6641A1A551C7A3B2AFA97BD7C4F
SHA-512:	710F7F9746F65CAAA6D3C48A39AA69F9BCF4EB2A61FB8E66017BD5932DEEFFF79C556DB6B9546A3BDF27AD4587D7B5692EEEB1DAC4E507DF0BCEDD43DEE43069
Malicious:	false
IE Cache URL:	https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Preview:	{"sodar_query_id":"Eob8X_PZBtOngAfum4OIBg","injector_basename":"sodar2","bg_hash_basename":"YaMN4Oy8AhH-iW3da0J-Nuczn6meMMc-yumwdmwIUIQ","bg_binary":"RPilNgFbO9A5mbOmRPnJH5NAYB7mxC47B/g85oE9Ab7MlAsIxAbDFRc5I2t4Qyv1jAb4zYsxG10M6uEGJvxjY8XzEpuz48jYgZuc00lUUqaNn575pOGDRXLADAqydkltZtORBOzjGG2qVGPmbqrMshrIUF3sEXUhJ691rLLBxtQu9gLgSwlX7N+HWrq2rfxluDcewkrSaud9MjZPc2VdB4HRugMaHq6k6ygy4AfCpZzDqBLBL/shu0jaOTm3csNNlPmRAFoRc8DfNifRFokq+6fXD5/4wSzrE85nWDfbqk8vL89tjOZOIfjVhHKqknmjVowKAoTti7HIhPDhX0E03dTYuFiqqHEo4yPsG4jG9AU5jxXnqokHdQN6lXp+O76WrnflcjJi+3Xl/g6f5Vsrb7odwHVP58qUW7Qai6HX+9C52YkSTyHGFgBw+dgPK3tufFm3CqyaFBm18+If0xlv6ebCNYBUbRHohUrtfFF1PI4b3cOP2tLUdqD+QtsEKc5fmk+Y+TPKFrjwjp8h8qx14RgJmr4PG6MFmBivLTn1IqWkH88luvjwqoTuSAlqcZ3Toepifv/MhWYe7u1W4l0SAbgo0f8dzA334QWvhIHqxj49JRg1H2JcAwpDgKYfVYhmwoRZ1upYB4PgOsbtzcR5FAJitFQW5L2iVLXGWwhFZ5r8KoDZnKb5I48N1n9ox7HPvGU8m6E4inndjVpVndbqG84RWM/cmRA1lAb77xBxCGYILYhnjzI0rInKcgNPWwY8x46VFsyEhAH5TkE9ZeZkf3gRGJXUjNLIWNBMYXl1gCDo/ut4WDO64sQ0J30NNE0215outY3LdAJb/5MvsG

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\f[2].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	135658
Entropy (8bit):	5.527456277707522
Encrypted:	false
SSDEEP:	3072:5SocAkHIGEk9PfRUoKcXPao1i7lHjeidOR2:upoOKcCMi7lDeBR2
MD5:	EBBB9B99F39DD8DD5B87F4A6563053A9
SHA1:	9B1B0A438F72CB73172304086E79B45269BDE70D
SHA-256:	CA1EA37E2772D92801DB83691BFD5FF2395CA21C5AFA6E650BF0EBB32F501C38
SHA-512:	00E91619964832642B983AEFEDA9D1CBBAF68E2B9062A751DECDE2292407E3E1CDFD6C9056087EB9618A765C32D0FC22F6A785BDFAE963913FD4F80C01679C5C
Malicious:	false
Preview:	(function(){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; .function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var da=ca(this),ea="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),q={},fa={};function t(a,b){var c=fa[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]} .function x(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],f;!a&&e in q?f=q:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&"es6"===c?f[d]:null;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\faq[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	67815
Entropy (8bit):	4.979610005460299
Encrypted:	false
SSDEEP:	768:0HSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennA:0Hptur+2qW2lJTo2+jMRHUnk4h4X7B
MD5:	83476F85DE708E1ABD64D58E4226C684
SHA1:	0A6CC0CF350B7E7F4C0E2FA8D350D3C3F946E6DB
SHA-256:	AE96DFB24041AB9570E233789FAF56474505B261C13185DBC87B912460091169
SHA-512:	B568744C0770847C205A4D299C7003925BD0FE9722380C41340DA49654ABB344E33B39DAADAB9419BA5A9393E40C6D00CED948B465AFE9FADE38E562BCD16F8F
Malicious:	false
IE Cache URL:	https://ykm.de/faq.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>FAQ - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Frequently Asked Questions" />. <meta name="keywords" content="faq, frequently, asked, questions, short, url, site" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css" rel="stylesheet"/>. <link href

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\font-awesome.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	23757
Entropy (8bit):	4.758786109395766
Encrypted:	false
SSDEEP:	192:nqHtZX8W+ab2edrKeTUKuErArKlcZJVrJ3ee+cR6waYm215bvfhf5DrkHUasT:is5yWeTUKb+KlkJ5de2UYmyTfhYUasT
MD5:	FBAB9BD833DFD405FE5119ACC3AD60B8
SHA1:	70E968A95DE272546B8D4155F08DD186920B1438
SHA-256:	53486122A592B9C53DA3905FDF3447489D9CFE384A5F119E84BEB2A3A1DF2EA5
SHA-512:	9133B3EE57AB6F13BE5C284FC4F93076E34ED32A55FF1EEB29C6555FF290A56D04C45301E1DAE331D7CD9690F006FD987B0F28810AABFE741DC65D55B6A5D699
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/font-awesome.min.css
Preview:	/!. Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../../fonts/fontawesome-webfont.eot?v=4.3.0');src:url('../../fonts/fontawesome-webfont.eot?#iefix&v=4.3.0') format('embedded-opentype'),url('../../fonts/fontawesome-webfont.woff2?v=4.3.0') format('woff2'),url('../../fonts/fontawesome-webfont.woff?v=4.3.0') format('woff'),url('../../fonts/fontawesome-webfont.ttf?v=4.3.0') format('truetype'),url('../../fonts/fontawesome-webfont.svg?v=4.3.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;transform:translate(0, 0)}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-s

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\httpErrorPagesScripts[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	dropped
Size (bytes):	12105
Entropy (8bit):	5.451485481468043
Encrypted:	false
SSDEEP:	192:x20iniOciwd1BtvjrG8tAGGGVWnvyJVUrUiki3ayimi5ezLCvJG1gwm3z:xPini/i+1Btvjy815ZVUwiki3ayimi5f
MD5:	9234071287E637F85D721463C488704C
SHA1:	CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
SHA-256:	65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
SHA-512:	87D691987E7A2F69AD8605F35F94241AB7E68AD4F55AD384F1F0D40DC59FFD1432C758123661EE39443D624C881B01DCD228A67AFB8700FE5E66FC794A6C0384
Malicious:	false
Preview:	...function isExternalUrlSafeForNavigation(urlStr)..{..var regEx = new RegExp("^(http(s?)\|ftp\|file)://", "i");..return regEx.exec(urlStr);..}..function clickRefresh()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..window.location.replace(location.substring(poundIndex+1));..}..}..function navCancelInit()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..var bElement = document.createElement("A");..bElement.innerText = L_REFRESH_TEXT;..bElement.href = 'javascript:clickRefresh()';..navCancelContainer.appendChild(bElement);..}..else..{..var textNode = document.createTextNode(L_RELOAD_TEXT);..navCancelContainer.appendChild(textNode);..}..}..function getDisplayValue(elem

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jflickrfeed.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	1731
Entropy (8bit):	5.1282546572483225
Encrypted:	false
SSDEEP:	48:U7TGMFvLAmzFXIJ1CVK/lV463kG7M1DxErroUaf6:U7aMFvLAmzhKDxkG7M1DxEr9
MD5:	EDDDF66884FE1A84ED2BFADF5DE6B61C
SHA1:	CD8B2CDC1137045FD67FDD1CF3CAD81E2752B717
SHA-256:	7331E568D44900F570F233A6CC0022A6A8F272F6FDABCAE6DDC2092FE1C00C1A
SHA-512:	74B63994F53A8964CD48B520165D62679E5B1A88DA17CD54E2DB32C87F1EDC3A6E7EE68F9F4FF5B2C29D7D75B38CDAD2BC0AF80CBEE2F50EDE9F41D91BE3F17E
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/jflickrfeed.min.js
Preview:	/.. Copyright (C) 2009 Joel Sutherland..* Licenced under the MIT license..* http://www.newmediacampaigns.com/page/jquery-flickr-plugin.... Available tags for templates:..* title, link, date_taken, description, published, author, author_id, tags, image../..(function($){$.fn.jflickrfeed=function(settings,callback){settings=$.extend(true,{flickrbase:'http://api.flickr.com/services/feeds/',feedapi:'photos_public.gne',limit:20,qstrings:{lang:'en-us',format:'json',jsoncallback:'?'},cleanDescription:true,useTemplate:true,itemTemplate:'',itemCallback:function(){}},settings);var url=settings.flickrbase+settings.feedapi+'?';var first=true;for(var key in settings.qstrings){if(!first)..url+='&';url+=key+'='+settings.qstrings[key];first=false;}..return $(this).each(function(){var $container=$(this);var container=this;$.getJSON(url,function(data){$.each(data.items,function(i,item){if(i<settings.limit){if(settings.cleanDescription){var regex=/<p>(.*?)<\/p>/g;var input=item.description;if(regex.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery.autosize-min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	2122
Entropy (8bit):	5.335066184702954
Encrypted:	false
SSDEEP:	48:UUCzaxmriWU3Tp7sryHyw8hd1o8tvVpZVIbGX3VR7vcDwESO:DCzrwjp7srw+7bHZKbgnrcUVO
MD5:	B5C0EF55A224ABF5047E9DC3B4FC1225
SHA1:	83149C43EFFB6156970D096EF45C64D185A1A1FC
SHA-256:	0DB91532815790FA85AE602886D621FB2BD429BA2C9C85AAC1D31751E3FDBADB
SHA-512:	3BB5D44F2C7F81377FA301D5852B325C86245B3E2852C0767471474DF92DF7F8E7593A3660BD4A6F3AB9AA7F31730C1236D5E957514D16B25DB3AF8B8BDE5D3D
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/jquery.autosize-min.js
Preview:	/!..jQuery Autosize v1.16.7..(c) 2013 Jack Moore - jacklmoore.com..updated: 2013-03-20..license: http://www.opensource.org/licenses/mit-license.php./.(function(e){var t,o,n={className:"autosizejs",append:"",callback:!1},i="hidden",s="border-box",a="lineHeight",l='<textarea tabindex="-1" style="position:absolute; top:-999px; left:0; right:auto; bottom:auto; border:0; -moz-box-sizing:content-box; -webkit-box-sizing:content-box; box-sizing:content-box; word-wrap:break-word; height:0 !important; min-height:0 !important; overflow:hidden;"/>',r=["fontFamily","fontSize","fontWeight","fontStyle","letterSpacing","textTransform","wordSpacing","textIndent"],c="oninput",h="onpropertychange",p=e(l).data("autosize",!0)[0];p.style.lineHeight="99px","99px"===e(p).css(a)&&r.push(a),p.style.lineHeight="",e.fn.autosize=function(a){return a=e.extend({},n,a\|\|{}),p.parentNode!==document.body&&(e(document.body).append(p),p.value="\n\n\n",p.scrollTop=9e4,t=p.scrollHeight===p.scrollTop+p.clientHeight),this.e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery.dataTables.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	69604
Entropy (8bit):	5.377786670862721
Encrypted:	false
SSDEEP:	1536:9Wbx6yktBJR6wIsJLl8Td/7oHfCkYQJtpG3:EOMoa
MD5:	737F853E9FD6A31D62F5028E88663C9F
SHA1:	CF144F2AB49F53A69FBFE10D3588FC23437D2736
SHA-256:	6C3CA64B7ACFDD29B3CA6F1B9B46696369ABD462D4546182085C347F72211841
SHA-512:	C148B09FBA278EA4A75F57817A8BE87ABD06F9A6D9A46A23619A32A4BCD4CA4AC89E73D969ECD359BFB2B6B09C7A25E6F5BEC05B9435928F585847C47026D91C
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/jquery.dataTables.min.js
Preview:	/. File: jquery.dataTables.min.js. * Version: 1.8.0. * Author: Allan Jardine (www.sprymedia.co.uk). * Info: www.datatables.net. * . * Copyright 2008-2011 Allan Jardine, all rights reserved.. . This source file is free software, under either the GPL v2 license or a. * BSD style license, as supplied with this software.. * . * This source file is distributed in the hope that it will be useful, but . * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY . * or FITNESS FOR A PARTICULAR PURPOSE. See the license files for details.. */.(function(i,wa,p){i.fn.dataTableSettings=[];var D=i.fn.dataTableSettings;i.fn.dataTableExt={};var o=i.fn.dataTableExt;o.sVersion="1.8.0";o.sErrMode="alert";o.iApiIndex=0;o.oApi={};o.afnFiltering=[];o.aoFeatures=[];o.ofnSearch={};o.afnSortData=[];o.oStdClasses={sPagePrevEnabled:"paginate_enabled_previous",sPagePrevDisabled:"paginate_disabled_previous",sPageNextEnabled:"paginate_enabled_next",sPageNextDisabled:"p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\plus_icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1109
Entropy (8bit):	7.721087930383875
Encrypted:	false
SSDEEP:	24:igbkIviVBfjhqJ62Aan+JDTCy6s+SoxdP8NA:iGkIviVBfjh467N5ZFoxdPF
MD5:	5E2E68BFB694C0E19F505FEA933FA54D
SHA1:	7DC975D8EE927EF6619AD5E73554685525B67C6A
SHA-256:	19820A113BB1D006964AC41987870D4888583C97D0BBCC5171B3A729428541DB
SHA-512:	5525A80E7019C3240F15F724A624C389FA0AABF129B2D3B488DD221A2C55B2887D99C2FE4C3A7BC3E648F3A0C97A5F0F656E523D4E9BAF8123DED955B7409517
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/plus_icon.png
Preview:	.PNG........IHDR...............c....sBIT....\|.d.....pHYs...........~.....tEXtCreation Time.18/01/2010..H....tEXtSoftware.Adobe FireworksO..N....IDATH...K..U....V..t.$31!......B@..9t.&.p.F.5_@D..\..\...q'.P...3d......:...3!...s...=...s.yHDp..@n\......8V..O......M.u..kq.,N}..0..>~..{...%.... .d...z..i..'m..-=^... D..x8..$.6...8.=QE.C..<.(.D.P...#.]T.s...j....P.H)a.8.....m.<G..w342.zz/$...B#cf....i.F.B-..Q<..<.K..;.-:..(..rc...p..aN........xK.4............ uJl.<a...,...o....I..!.$""B...._.)...b.$.aT.(.pe\|}...vU.z...."<,,=Z....T/]y..v.T..........y.........F...........6.....Q.0/\|..+u.2m..U.x4.....!d<......ax8..4.Q...Y....;./.3.k...7O%Z...(...3.c(. ...%..t...wA...p.6.w/..6..v.%.yH6.Qo.!.'p....@[..q.....=..j.)s.e..c.P\|.{!pD...#O....0..la.u1....h,.X...i...@......8/(j^.%....im.y...t.I..Mg.*.....M$`..X.\|P......}...Y..."..dgg....q..r..8..F.u..=...2"Hmn...?~<..zE..Z.H.#.y.R...D..$.........8l.......Y._.pvG.....`.u..D#a..........X .&EM.5.. ..5..l.<.i%U

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\runner[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	12318
Entropy (8bit):	5.314497117961088
Encrypted:	false
SSDEEP:	192:I7UTGaZMNZU5mFCD+hgnFGzb90VzsiKvWJ9jkyN88:y4AFcZn8F0VzseJQ8
MD5:	892009D341852C0AE2F39AAADC568D6C
SHA1:	B645A3A8CD30464433BAA0ABEE04396D5BDE0525
SHA-256:	E46E226858CB1C57593472A14B545F60F1A7CD2BE103EB0F711917A4F2A01308
SHA-512:	4B7ACD8B3C7E89CFFA18C6BBDF31EF317EAB82CCE271D93133E6DD71EE0B5DEA5E8A4FA51DBCB0D10F00B46E501750AEFA263A66FB2F18F562D8666C3892CE5A
Malicious:	false
IE Cache URL:	https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Preview:	<!DOCTYPE html>.<meta charset=utf-8><script>.(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';function m(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function p(a){var b="undefined"!=typeof t.Symbol&&u(t.Symbol,"iterator")&&a[u(t.Symbol,"iterator")];return b?b.call(a):{next:m(a)}}var aa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},v="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};.function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");}var w=ba(this),x="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),t={},y={};function

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\KQGQMC7O.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	465
Entropy (8bit):	5.314069571660964
Encrypted:	false
SSDEEP:	12:hYzx7BqhCnmr7ctQtqqJmrLgFBQt+4Nbx8oA2HVt:hYzxBqhCY42RIt+4NBA2b
MD5:	88BF24642893F2E9F7592E0FD3464D46
SHA1:	2C543C8DA2D86ABF50B007B07E8DB8EE8F6F82ED
SHA-256:	D326EED23F9D217734D32A76AD6448D9769AD9441A37A30CE3134877636F0DFA
SHA-512:	0B166D21BF489225D2BBCAEAD4468150FC2D02E8ACDC33436582D3E779F1E70438F7A1B4F9E2E264E00155FC3307AB1D2A19A8A3247B588DDC46C44D59491154
Malicious:	false
IE Cache URL:	https://href.li/?https://ykm.de/65f0a4768a364c17
Preview:	<!DOCTYPE html>.<html><head>.<title>href.li</title>.<meta http-equiv="Refresh" content="0; url=https://ykm.de/65f0a4768a364c17" />.<meta name="referrer" content="no-referrer" />.<script type="text/javascript">./* <![CDATA[ /.window.location.replace( "https:\/\/ykm.de\/65f0a4768a364c17" + window.location.hash );./ */.</script>.</head>.<body><p>Redirecting..<br /><a href="https://ykm.de/65f0a4768a364c17">https://ykm.de/65f0a4768a364c17</a></p></body></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\PRmiXeptR36kaC0GEAetxh_xHqYgAV9Bl_ZQbYUxnQU[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21524, version 1.1
Category:	downloaded
Size (bytes):	21524
Entropy (8bit):	7.968787463619674
Encrypted:	false
SSDEEP:	384:xUtz2PcceIA3bILf1sBZc6wUYkFtB+e+YTr6/UGVA7HCshb6dddddvXTR+Vw:xUtSUc8kf1eZzdntB2YKbVAmIb0U2
MD5:	C7BDA75B1D04DD8C00F5E057D3489E21
SHA1:	7C183A9BB69A412B6BC9D4FD0D51056C6168AE56
SHA-256:	630D5A53820A8FEC8C0C4583F1A276DF0A8FB41091D448E0162CB50A80053B4E
SHA-512:	52261BBDE700D3C5E437BAB485FDD0CD15F3BF806DDD45F5630D57D12BA39CD22EF32F1C22CCA467965ECE6B2588430BA0817A6A3BAB3A7178329212BB5A95B2
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/PRmiXeptR36kaC0GEAetxh_xHqYgAV9Bl_ZQbYUxnQU.woff
Preview:	wOFF......T.................................FFTM...l........\..OS/2.......^...`..hcmap.......h.......cvt ...P...^.....M..fpgm............~a..gasp...\...........#glyf...l..3...J@..1_head..;....3...6....hhea..<0...!...$.(..hmtx..<T......XK?L3kern..>.......#.....loca..L.........z.i,maxp..ND... ... .t..name..Nd...%......s.post..Q....y....l..prep..S........$...J.........o1.....cI........^x.c`f........:....Q.B3_dHcb.`b.ffcfeabby....A!...A................ah..e.P``...c.g....\.~.....x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J..j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c.. .P...,..`....b`....C..D@$P..)._............a .p@.0.(.@.8. ..0....a8.............x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ads[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417349&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fregister.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417348751&bpp=37&bdt=482&idt=181&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=6343227133430&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=1&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=341
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ads[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.446669463410376
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fRqitFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fdF5Kpp3iZd5F5G
MD5:	4C1A813F381606F5AA9A15C99FC7777B
SHA1:	B57AD3878F5CACACCA2BCC34F727231B2C86643A
SHA-256:	6A82422D188A97B0A571AC79818E4FF580141BE71B165E20CD04547F3ECE2585
SHA-512:	0F5177D911E9A55BBA2EC8355A0604344F6D1966257BAC8F4B6B3D58869AB64ED7F6DC3EC00E916F8CE5BEB98EB1F9B7A4746D151F3E47B3ED1A2C36E26FC54E
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417349&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Fregister.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417348788&bpp=10&bdt=515&idt=314&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=6343227133430&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417349&ga_hid=488988360&ga_fc=0&u_tz=-480&u_his=4&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=387605769970244&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=hZWRzNH2jw&p=https%3A//ykm.de&dtd=400
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"COzZiLevlO4CFRfG7Qod744N3w"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ads[3].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417367&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Findex.html%3F_t%3DEnglish%2B%2528en%2529&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417366935&bpp=48&bdt=783&idt=188&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=8142626605308&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417367&ga_hid=1627427382&ga_fc=1&u_tz=-480&u_his=13&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=44731609%2C21067213%2C21068769%2C21069710&oid=3&pvsid=2002097160963238&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=272
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ads[4].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556230132069357
Encrypted:	false
SSDEEP:	384:ToI0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI:TlHqR2BaQZrWGmcP
MD5:	0FBCB91C2863D070EDBFFBEEC677F74B
SHA1:	BD0E2057823F0815A914018D1633ADEAA0EE175F
SHA-256:	F5DDB7072327B926FD281249441CDD7A14E9F2DF41CE8CDE5600085B24591BB4
SHA-512:	BE73513ECE8E17890F5BB66CE847386857E0C4BC7E53BB7C12681DA18131DE6A4EB7E4ABA570C5F011D89348D0C21403FBA0FD86ECD50C128F840842ECEDE548
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417369&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Findex.html%3F_t%3DDeutsch%2B%2528de%2529&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417368907&bpp=78&bdt=381&idt=214&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=2042136898454&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417369&ga_hid=18271482&ga_fc=1&u_tz=-480&u_his=14&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1280&bih=906&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068946&oid=3&pvsid=2852579933633363&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=301
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1280,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bookmarklet[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	67688
Entropy (8bit):	5.00104730175302
Encrypted:	false
SSDEEP:	768:ySf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennap:yptur+2qW2lJTo2+jMRHUnk1X7B
MD5:	DD0ECF49ED8AE46D14265E646AC20416
SHA1:	108200228194F599729DAD117C055DE036CA2B9B
SHA-256:	9623428A90973E3168741CD34A374043533C6474FB0037C558D76FB1CF5B7E82
SHA-512:	FB51FF7A9676C5BED05287273199E0D0A2C02C74B7EDA92083CB2E80A28B7BA5BBF5BFA2FAE20729D6E9C3D27C4732CC5F18E281419C999C0C24B8497DD79D24
Malicious:	false
IE Cache URL:	https://ykm.de/bookmarklet.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Bookmarklet - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Bookmarklet" />. <meta name="keywords" content="bookmarklet, tools, short, url, bookmarklet, api, application, programming, interface, short, url, site" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\errorPageStrings[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	dropped
Size (bytes):	4720
Entropy (8bit):	5.164796203267696
Encrypted:	false
SSDEEP:	96:z9UUiqRxqH211CUIRgRLnRynjZbRXkRPRk6C87Apsat/5/+mhPcF+5g+mOQb7A9o:JsUOG1yNlX6ZzWpHOWLia16Cb7bk
MD5:	D65EC06F21C379C87040B83CC1ABAC6B
SHA1:	208D0A0BB775661758394BE7E4AFB18357E46C8B
SHA-256:	A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
SHA-512:	8A166D26B49A5D95AEA49BC649E5EA58786A2191F4D2ADAC6F5FBB7523940CE4482D6A2502AA870A931224F215CB2010A8C9B99A2C1820150E4D365CAB28299E
Malicious:	false
Preview:	.//Split out for localization...var L_GOBACK_TEXT = "Go back to the previous page.";..var L_REFRESH_TEXT = "Refresh the page.";..var L_MOREINFO_TEXT = "More information";..var L_OFFLINE_USERS_TEXT = "For offline users";..var L_RELOAD_TEXT = "Retype the address.";..var L_HIDE_HOTKEYS_TEXT = "Hide tab shortcuts";..var L_SHOW_HOTKEYS_TEXT = "Show more tab shortcuts";..var L_CONNECTION_OFF_TEXT = "You are not connected to the Internet. Check your Internet connection.";..var L_CONNECTION_ON_TEXT = "It appears you are connected to the Internet, but you might want to try to reconnect to the Internet.";....//used by invalidcert.js and hstscerterror.js..var L_CertUnknownCA_TEXT = "Your PC doesn\u2019t trust this website\u2019s security certificate.";..var L_CertExpired_TEXT = "The website\u2019s security certificate is not yet valid or has expired.";..var L_CertCNMismatch_TEXT = "The hostname in the website\u2019s security certificate differs from the website you are trying to visit.";..var L

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\exclamation[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	701
Entropy (8bit):	7.537917344298478
Encrypted:	false
SSDEEP:	12:6v/7CLruYCttIuR6xaz7NDUP6n2gjrCzl/lC/4WqJSGZH40AC7gxcyWRQyq1:/zCttX6xalUP62YrY9lC/4HJjY0AC5b8
MD5:	E4DD51F46566ED3CEACDC900BF2FDF01
SHA1:	A460CC5CEACA30E0338EA784C6A0A83EFDCFCA31
SHA-256:	C89B56C55B934B1F05EF01D47AA7169B5CA0322C37D1FCF62B067D660EB29F12
SHA-512:	5A2C8A83C8D83B8CF0EA64CE79421B74373F2198938F60BF3218FABD0BD28796FE7812A95FF2A2B3A16D8DEE5F100A6DF10BBEF575EAAFB20DCE5D77AF4A600D
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/vc/exclamation.png
Preview:	.PNG........IHDR................a....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...OIDAT8...K.a........SA..oc....6...PD.C.......D....@.Zx.h1.N..."..C.N...:v....f.}.....6uv...y..y.1....=!..4.vCv..$...H.S8d......P....M`+..S...n.v~c..H.Vr}....O.........KW...55Bb.`l..`yj`yk.1.Aj...E......@..E......oqS.2.F..E....6...4(l=...$6#.1![.?....@Dw$-W....fW.&D.$.F.n>.SR..Ju....Z.NWc#di........@%.....b_s..R......^...t&:?.!Dm.S.Q..e.JWe.J.q..MT.....'D....B.........:RE.._.as..3....C2..Vz9W....[...9..w.U....B4!B..\|..z.....PJ.fVc..d.Em...Z..V.w!...O...p.....zp.!Mu..S..>x.......9.f.0..U..x8...G.Hv.=}..u..G.B...y=.-..Ka..J....8.K.+${.?......`.......v...L...3.7.....Lj.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\f[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	264759
Entropy (8bit):	5.510025846690705
Encrypted:	false
SSDEEP:	6144:eVBPIYlHjj7AqqIoY/a9HAMW9lCjd5NVdhwJaD:wjHjj7jqIoY/a3MlOd5NVvwJ2
MD5:	C0E5468CC4FA9759A9A598B46332A373
SHA1:	9EE21C4F50688881C561DD76C0A720D59F8500E2
SHA-256:	6FD9072EE947E4D641435B2E0EA0ACA3E5619275936FB6FFF0FDCE4284C169AB
SHA-512:	5021CC885133ADAF2A81E7E49B0FEB13F60EBC2959421EA8112654A8889BB3B60DABC0F4B3FA514A051247B41EA744801EB5A44AF8183F92DF3E4EB0E31223D8
Malicious:	false
IE Cache URL:	https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl.js
Preview:	(function(window,document,location){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var p;function ba(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; .function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this),ia="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),r={},ka={};function t(a,b){var c=ka[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]} .function w(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],f;!a&&e in r?f=r:f=ha;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\f[2].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	107
Entropy (8bit):	4.687983113383467
Encrypted:	false
SSDEEP:	3:oVewGL34zhoJMd/xC0MId/avHvpHlxfYf:ogwcozOJe/xeq/Ynxwf
MD5:	D9C47F48660B656705D0FF86FC850DE8
SHA1:	BCEB9478F69CDFC2EB87AE6B80E95DBAAC8B6769
SHA-256:	A4A1824DEFEC1084CA81D496EE77891684C26196924BDC4FC21DD3482CE15E14
SHA-512:	0CDE289EAD00BD9B3BDD614FEC5B5EB132FDD0D9EEF5136F7E6EA0081F7D8DBF8144EE90067C8C25C4547FAC4ADC8FEA1B028930C9EDCF023151758BF6671D6A
Malicious:	false
Preview:	processGoogleToken({"newToken":"","validLifetimeSecs":300,"freshLifetimeSecs":300,"1p_jar":"","pucrd":""});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\f[3].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	107
Entropy (8bit):	4.687983113383467
Encrypted:	false
SSDEEP:	3:oVewGL34zhoJMd/xC0MId/avHvpHlxfYf:ogwcozOJe/xeq/Ynxwf
MD5:	D9C47F48660B656705D0FF86FC850DE8
SHA1:	BCEB9478F69CDFC2EB87AE6B80E95DBAAC8B6769
SHA-256:	A4A1824DEFEC1084CA81D496EE77891684C26196924BDC4FC21DD3482CE15E14
SHA-512:	0CDE289EAD00BD9B3BDD614FEC5B5EB132FDD0D9EEF5136F7E6EA0081F7D8DBF8144EE90067C8C25C4547FAC4ADC8FEA1B028930C9EDCF023151758BF6671D6A
Malicious:	false
Preview:	processGoogleToken({"newToken":"","validLifetimeSecs":300,"freshLifetimeSecs":300,"1p_jar":"","pucrd":""});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\f[4].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	12
Entropy (8bit):	3.188721875540867
Encrypted:	false
SSDEEP:	3:tDKn:tDK
MD5:	124D3918819AB4C349A7F9FA979BEF07
SHA1:	6AD167D76A8768130783CD19AA6D8143C0B1BF37
SHA-256:	DAA795332E5DBCF893ADF2D5F3349F02B8C1CB957FF3B5F4C11B742E33C3376F
SHA-512:	4F7F15B28C6B38FC66002DBEE29688B801A689B716093BA63ADBE23FFFE144621198973A8AC4981FF2D20881BD4C84E45130A631E5B9A5EAE3A5FE26C106F7D0
Malicious:	false
IE Cache URL:	https://partner.googleadservices.com/gampad/cookie.js?domain=ykm.de&callback=_gfp_s_&client=ca-pub-8989771679754051&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA
Preview:	_gfp_s_({});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\f[5].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	406810
Entropy (8bit):	5.526906160512109
Encrypted:	false
SSDEEP:	12288:uaOKcLi7lDeBRhanKcLi7lDeBRhanKcLi7lDeBR2:bOpi7lDeBRMnpi7lDeBRMnpi7lDeBR2
MD5:	E98155B0C409B8FCF45F0E1A91601A1F
SHA1:	D4A46C7F13A907C87B7B06E8F814F793598C67C1
SHA-256:	E44CE986B3DB384C20B5E1739EE5D646B2A72BD770E6B2E23F9719E459BBE498
SHA-512:	E6FE9AA840062EF8C9D8A66D6AF58BD033DF8611FBF1F764B8FE50B2F5C41B311106699B80C921F6E86EE4C4E479CAB525A317E4B228DDB7B7F9C13849AAB548
Malicious:	false
IE Cache URL:	https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Preview:	(function(){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; .function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var da=ca(this),ea="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),q={},fa={};function t(a,b){var c=fa[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]} .function x(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],f;!a&&e in q?f=q:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&"es6"===c?f[d]:null;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\httpErrorPagesScripts[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	12105
Entropy (8bit):	5.451485481468043
Encrypted:	false
SSDEEP:	192:x20iniOciwd1BtvjrG8tAGGGVWnvyJVUrUiki3ayimi5ezLCvJG1gwm3z:xPini/i+1Btvjy815ZVUwiki3ayimi5f
MD5:	9234071287E637F85D721463C488704C
SHA1:	CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152
SHA-256:	65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649
SHA-512:	87D691987E7A2F69AD8605F35F94241AB7E68AD4F55AD384F1F0D40DC59FFD1432C758123661EE39443D624C881B01DCD228A67AFB8700FE5E66FC794A6C0384
Malicious:	false
IE Cache URL:	res://ieframe.dll/httpErrorPagesScripts.js
Preview:	...function isExternalUrlSafeForNavigation(urlStr)..{..var regEx = new RegExp("^(http(s?)\|ftp\|file)://", "i");..return regEx.exec(urlStr);..}..function clickRefresh()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..window.location.replace(location.substring(poundIndex+1));..}..}..function navCancelInit()..{..var location = window.location.href;..var poundIndex = location.indexOf('#');..if (poundIndex != -1 && poundIndex+1 < location.length && isExternalUrlSafeForNavigation(location.substring(poundIndex+1)))..{..var bElement = document.createElement("A");..bElement.innerText = L_REFRESH_TEXT;..bElement.href = 'javascript:clickRefresh()';..navCancelContainer.appendChild(bElement);..}..else..{..var textNode = document.createTextNode(L_RELOAD_TEXT);..navCancelContainer.appendChild(textNode);..}..}..function getDisplayValue(elem

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.easing.1.3[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text
Category:	downloaded
Size (bytes):	8097
Entropy (8bit):	5.390616885965898
Encrypted:	false
SSDEEP:	192:pl+Or8ur83V33R3hqRAsfAy4MOr8ur83V33R3hqo:zZr8ur83VHBhm+r8ur83VHBhL
MD5:	6516449ED5089677ED3D7E2F11FC8942
SHA1:	82E40D060BC269A6DDE20C3990CA5A4FEA6CA754
SHA-256:	0757F7FF6E5F6A581922A5E2D42C5E0CF7475D880885A9802E8BDD5E4188DD34
SHA-512:	6EBAE34E9F46E8C90A5F94235F0C00424B1C7C5A4A8B7A248F267F337BC6C3083DA88D66B28CFBCFE11B4012D7B139D52B73CE8D80461DC42F5F7E0614AAFFEC
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/jquery.easing.1.3.js
Preview:	/. jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/. . Uses the built in easing capabilities added In jQuery 1.1. * to offer multiple easing options. . TERMS OF USE - jQuery Easing. * . * Open source under the BSD License. . * . * Copyright . 2008 George McGinley Smith. * All rights reserved.. * . * Redistribution and use in source and binary forms, with or without modification, . * are permitted provided that the following conditions are met:. * . * Redistributions of source code must retain the above copyright notice, this list of . * conditions and the following disclaimer.. * Redistributions in binary form must reproduce the above copyright notice, this list . * of conditions and the following disclaimer in the documentation and/or other materials . * provided with the distribution.. * . * Neither the name of the author nor the names of contributors may be used to endorse . * or promote products derived from this software without specific prior written permis

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.tweet[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	downloaded
Size (bytes):	12318
Entropy (8bit):	4.878625102038644
Encrypted:	false
SSDEEP:	192:G+uylKBdTSgZUpRIGAY/lc++4oZ9mjqdX1kSEADRpAVj1TOt9E4I7p4iKt93ZODJ:ckKCRIGAYm/9E4u4iAjODJ
MD5:	BEBC34009FC0F1FD396354CDE061E8CC
SHA1:	CF627BBF8162B69B225157370AA38DD926FEFDF1
SHA-256:	0BD297A38FB7B928E03194E67397A73D76F90379207C12E5B8E73F123C4D529A
SHA-512:	5BAAC1CEDA72670A1C96CD6E86482BFF8E29242648DBA8365D789FB8E942277F2B19CB73A1404CD39F14BAE9DBA90C8AAFC61C5533322B28E849B7929D835A81
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/jquery.tweet.js
Preview:	// jquery.tweet.js - See http://tweet.seaofclouds.com/ or https://github.com/seaofclouds/tweet for more info..// Copyright (c) 2008-2011 Todd Matthews & Steve Purcell..(function($) {.. $.fn.tweet = function(o){.. var s = $.extend({.. username: null, // [string or array] required unless using the 'query' option; one or more twitter screen names (use 'list' option for multiple names, where possible).. list: null, // [string] optional name of list belonging to username.. favorites: false, // [boolean] display the user's favorites instead of his tweets.. query: null, // [string] optional search query (see also: http://search.twitter.com/operators).. avatar_size: null, // [integer] height and width of avatar if displayed (48px max).. count: 3, // [integer] how many tweets to display?..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.waitforimages[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	1464
Entropy (8bit):	5.308621975623849
Encrypted:	false
SSDEEP:	24:0DkVsaV6q4+6P3nhuewlamJF9QKDNOKay1C83YuDt/1hS2Qhd94gy:0Dk1yfwlamJTDNOKa7qYittP
MD5:	C06480EDC5DB7B9E35F4F02713CF1BAD
SHA1:	741DCE7C97AA2B400309F23C41A07188A013A8AD
SHA-256:	AA5D486A992D96FE0A780253E7441DA9CE88D21B48E59A778C7D4FD9DA799094
SHA-512:	44DEC4C818E85C980F68386BBD74659354FD021E811A5F73E9A0BD6C90E5846D64BAE5B8992327BB488DDAF9DF571108FFB67547CDBC62CD624DDB598521E7CF
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/jquery.waitforimages.js
Preview:	/.. waitForImages 1.4.. * -----------------.. * Provides a callback when all images have loaded in your given selector... * http://www.alexanderdickson.com/.. .. .. * Copyright (c) 2011 Alex Dickson.. * Licensed under the MIT licenses... * See website for more info... .. /....(function(a){var b="waitForImages";a.waitForImages={hasImageProperties:["backgroundImage","listStyleImage","borderImage","borderCornerImage"]};a.expr[":"].uncached=function(b){if(!a(b).is('img[src!=""]')){return false}var c=document.createElement("img");c.src=b.src;return!c.complete};a.fn.waitForImages=function(c,d,e){if(a.isPlainObject(arguments[0])){d=c.each;e=c.waitForAll;c=c.finished}c=c\|\|a.noop;d=d\|\|a.noop;e=!!e;if(!a.isFunction(c)\|\|!a.isFunction(d)){throw new TypeError("An invalid callback was supplied.")}return this.each(function(){var f=a(this),g=[];if(e){var h=a.waitForImages.hasImageProperties\|\|[],i=/url$(['"]?)(.?)\1$/g;f.find("").each(function(){var b=a(this);if(b.is("img:uncached")){g.push(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\member_login[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	66257
Entropy (8bit):	4.97378889471299
Encrypted:	false
SSDEEP:	768:ESf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennaU:Eptur+2qW2lJTo2+jMRHUnkQX7B
MD5:	89CC8628F2C7B013B50FD1003BBC1954
SHA1:	4DF91EDADC1D35321915C4ADDC7D665069130313
SHA-256:	A5EB4FC87D29456E9F4A6AE4DA433B1470236579BF41AC7C594583036849B8A7
SHA-512:	58DF92760EBA5D669131B129ABE5621C2B5F198B80D76751ACC57157BC953EA49982C3E5F39DC91849A98DEE2D006375C0653F256249F619B2259BB885AB7FD6
Malicious:	false
IE Cache URL:	https://ykm.de/member_login.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Login - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Login to your account" />. <meta name="keywords" content="login, register, short url" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\osd[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	75435
Entropy (8bit):	5.46540319582362
Encrypted:	false
SSDEEP:	1536:KqKf5Kk9M+POJJUU0mgQk6hr+fhOj6+lyRVWAtXLig9s:P4jsiOO+lyR1Vs
MD5:	5AC37794FC439D9965B62B0955FAC384
SHA1:	B81D9BCF15C5CEEA9EF3E50E0B2A2ADB44608625
SHA-256:	7A2C24123BF9E2D278064A1C1596653F626B24DEEDA2C4422DE8882840F82E83
SHA-512:	A88BD264192E183C343DCC4276FE648E478035C70A20421AF2427F54E968FEFB176EB73B3D1E374B7A8BA62D8DD9A4E7B6E0F318FA395734D8F447E6F29C15EE
Malicious:	false
IE Cache URL:	https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Preview:	(function(window,document){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var k;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var da=ca(this);function ea(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}function fa(a){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return b?b.call(a):{next:aa(a)}}function t(a){if(!(a i

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\sodar2[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	16489
Entropy (8bit):	5.3278781656847745
Encrypted:	false
SSDEEP:	384:9b6PXmzlcwwR9JWy3dVy5SeTMEjijNazLciIEHSzv:CqlLG9JR3G5SV5ziIRv
MD5:	940F0371D0B05D33EECED0E78EC8A66B
SHA1:	41B2BD4450BE194C1C51AC0E78E73F9C308A935A
SHA-256:	BAF04FF369A96D4BB7228E99A65163DE20845BF23826295DD3471AFD3CEE9EE5
SHA-512:	668251F7E9B87152EC7C4D810AC94540306CDB413D1CC06CFD9C28BACE221D11ED66B48753A2A7ED7384ACF455FBA8164542AC7D0338A96777DFB6089F871845
Malicious:	false
IE Cache URL:	https://tpc.googlesyndication.com/sodar/sodar2.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){var b="undefined"!=typeof n.Symbol&&p(n.Symbol,"iterator")&&a[p(n.Symbol,"iterator")];return b?b.call(a):{next:aa(a)}}var ca="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},q="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");}var r=da(this),t="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),n={},v={};function p(a,b){var d=v[b];if(null==d)return a[b];d

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\star_icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1290
Entropy (8bit):	7.779294294603693
Encrypted:	false
SSDEEP:	24:ieE9YjN5aDHM9ZCIRDt5RCwNQlo7IXxO9/MoJbGbBVwp2zp3ppfO5:iH9kN5aDHUZpbXTIhTPl+
MD5:	92E8EA554FB54A0F21937E8B323F02E5
SHA1:	EA137D0C2C03103CB5A6E47056AC5B1FB6EE098C
SHA-256:	7E62942D5B86FFA5BC910541AD5B612B8BFFCF96ADC2EF306648DEF54E146054
SHA-512:	E00137949271D3AD59DAEC530E303AEC36D72E8B307571D7972B619E0C249B24F42775831A10DFF8147350C462B80ED51FD6709AFC49FA2C9C032727B58EE6E5
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/star_icon.png
Preview:	.PNG........IHDR...............c....sBIT....\|.d.....pHYs...........~.....tEXtCreation Time.01/18/10Ye......tEXtSoftware.Adobe FireworksO..N...fIDATH...[l.U...gfwf;.[......@).pS.../...#jS...\|..^.o..D\|Ck.&.4..%$......b0....%.....ew..9>,.^.R....\|...............E..i..5+C...S.M.l..U.......6$4O84.}.UO..........]@....b..xK.+...vF!'....aoAu..WRP].......:c...+.y....w.pW..'._.+.:c...}.V.B.\|...UJ..Z\n>..y....{@.<.+.<R.^..K.........O.e.U{@<NG..I.2.te3G.".8).*.....:KJ.g.7\|.....[v...e,er99B....X.t.c...Cv...u......<.jx....yE..K..h.b..O.0@Z.!B.9J.._$..I..&~.....s(b[#C......i.-~~...[..........p........v......:... ....$...t~s.4..{BJ...b..@=Q..-....'.d....x.'...#....13z...<...s..&o.......!..LM......N.l.......-jW.......]+6.J.#....^.&....+M....t...D....w.[.O...[&w......?/...l... .....$..=...C..U.a..b.j.....m7.........;.v....xl.$v.27....\Ol........m+1.J...'..+:q..H+.m+..i.e...7-....S.. 5...<..T.......,Z..O...,..~p...%...EI...B...-..f...>.O....F...!...)F..U........"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\testimonialrotator[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	934
Entropy (8bit):	4.913724231487295
Encrypted:	false
SSDEEP:	12:KLdKEGSy9xYZxYaqEPGMMQ3HAY/YBS4SsJDGr5uCv1ybPVeNKvsPJ2UQPQqvsJjN:KRKEGSGiZFMiEkbsJgDNKWKQqSZFHVr
MD5:	FD186F28254A7331CDB6698D0487ADC2
SHA1:	0281479E3B7A22C978BEFA699463EA25E57776D9
SHA-256:	F9D05793DDACF41D51A255E9EA719278D6F910885CF3A6895FB8658613996059
SHA-512:	D234508E1F1CFBB7FF6B0BA5D6C85E167DE1F3B4CCC1BF309F79459EC7FCAC2849D25451DA47C7C43F5BD7ED4BA09D4D0BB21FF3BBF93764F07E55FE926318CF
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/testimonialrotator.js
Preview:	.(function($) {...$.fn.testimonialrotator = function(o) {......var defaults = {....settings_slideshowTime : '5',....settings_autoHeight : 'on'...}......o = $.extend(defaults, o);...this.each( function() {....var cthis = jQuery(this);....var cchildren = cthis.children();....var currNr=0;....var timebuf=0;....var slideshowTime = parseInt(o.settings_slideshowTime);....setInterval(tick, 1000);....cthis.height(cchildren.eq(currNr).height());....cchildren.eq(0).css('position', 'absolute');....function tick(){.....timebuf++;.....if(timebuf>slideshowTime){......timebuf=0;......gotoNext();.....}....}....function gotoNext(){.....var arg=currNr+1;.....if(arg>cchildren.length-1){.....arg=0;.....}.....cchildren.eq(currNr).fadeOut('slow');.....cchildren.eq(arg).fadeIn('slow');.....if(o.settings_autoHeight=='on'){......cthis.animate({'height' : cchildren.eq(arg).height()}).....}.....currNr=arg;....}....return this;...})..}.})(jQuery)..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\wide_layout[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	7177
Entropy (8bit):	5.003480930616198
Encrypted:	false
SSDEEP:	192:cbWJW8b2SqEQ8/eDV9grZKEY5u5RuscZv5/iioK/:syVQ8/eDV9grZKb5u5Ru1vii
MD5:	FDEA8DE4CE3DE46006788556FD1BA0C5
SHA1:	FD31F6CB5DE362A392C547C418C23100C7CDE8A6
SHA-256:	30B84B640093E4FA8EF37D461D0F495A73695C2C03EAA1A9297D3884EF226C7F
SHA-512:	158307AF53CD4B7CF07C3AAC39A17F5139AD8FE874CBCF396662BADFFFC3CFBA8FD95DE217F3A983CF14773BBE08FCD4DABCF1F68580CB0727B1F79295DCCF59
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/wide_layout.css
Preview:	@media (min-width: 1200px) {.. body { padding:0px !important; margin:0px !important;}.. .row {.. margin-left: -30px;.. zoom: 1;.. }.. .row:before,.. .row:after {.. display: table;.. content: "";.. line-height: 0;.. }.. .row:after {.. clear: both;.. }.. [class="span"] {.. float: left;.. margin-left: 30px;.. }.. .container,.. .navbar-static-top .container,.. .navbar-fixed-top .container,.. .navbar-fixed-bottom .container {.. width: 1170px;.. }.. .span12 {.. width: 1170px;.. }.. .span11 {.. width: 1070px;.. }.. .span10 {.. width: 970px;.. }.. .span9 {.. width: 870px;.. }.. .span8 {.. width: 770px;.. }.. .span7 {.. width: 670px;.. }.. .span6 {.. width: 570px;.. }.. .span5 {.. width: 470px;.. }.. .span4 {.. width: 370px;.. }.. .span3 {.. width: 270px;.. }.. .span2 {.. width: 170px;.. }.. .span1 {.. width: 70px;.. }.. .offset12 {.. margin-left: 1230px;.. }.. .offset11 {.. margin-l

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21092, version 1.1
Category:	downloaded
Size (bytes):	21092
Entropy (8bit):	7.969760168265764
Encrypted:	false
SSDEEP:	384:Y2UIzBX+T74IMnIRgLWA/RwaTkC2YRabG5oG4FJtshb6dddddv0PDIbSPl:XUI9OT7cIRwR5wck2mIGXtIbQm
MD5:	1AFD1D044D8AD47A0E7DFEB1AC9F33DA
SHA1:	8EA3B4A7A1969629964BC02A5DED8F12A1107589
SHA-256:	BA392ABF7AA1D006749331FA8E97AC2202596A819DD382B46D051A28DCA74875
SHA-512:	1186D5973CF63A655313EC01B129DC51972F214152F193D0F1928AD42357F7B822EB6AB6EAC0DFF122F073BEB9E8CF7A09751F7CE9805218FC501C67741697D6
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk.woff
Preview:	wOFF......Rd.......p........................FFTM...l........\.LOS/2.......]...`.L..cmap.......h.......cvt ...P...W........fpgm............~a..gasp...T...........#glyf...d..2B..I...U.head..:....3...6....hhea..:....!...$.?..hmtx..;........Xd.B2kern..=.......#.....loca..K0........[.JJmaxp..L.... ... .]..name..M........Ej...post..O....y....l..prep..Ql........T............o1.....cH........Zx.c`f.g......:....Q.B3_dHcb```.fccfeabby....A!.(.............k....0.p.2E(00...x.n.R@..OT.'...x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,.."..........?.....g....Z...[..5..=.d.......p.a.C?C..L...FF~..,...x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H..'r19..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\zrt_lookup[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10950
Entropy (8bit):	5.478288987193067
Encrypted:	false
SSDEEP:	192:0jocGIxlVnhqg/+++phjs0aF95zLUEDhx2YUmUy3vBfq:j5IzSpZsBr/l2YUmUy3o
MD5:	97DD2A1116B2A9C8B383BD9E1F31227D
SHA1:	18031BE599E2A4F3C3C741028DB2039136083B02
SHA-256:	8699293BBBFCA9E80536AAB0965E4ED3F1FE916CD0B43ADD6097BBF280AD2262
SHA-512:	D8D176BB729434E2D4EDC3FB30A844BD941403C3D6E6395D511112F06708A0143ABC6F83B0B08507162F5E6E0B0DB3F64C726C698B1D84FCF790F21605F3CB7C
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Preview:	<!DOCTYPE html><html><head></head><body><script>.(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var ca="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},m;.if("function"==typeof Object.setPrototypeOf)m=Object.setPrototypeOf;else{var p;a:{var da={i:!0},ia={};try{ia.__proto__=da;p=ia.i;break a}catch(a){}p=!1}m=p?function(a,b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}var ja=m;.function r(a,b){a.prototype=ca(b.prototype);a.prototype.constructor=a;if(ja)ja(a,b);else for(var c in b)if("prototype"!=c)if(Object.defineProperties){var d=Object.getOwnPropertyDe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\NewErrorPageTemplate[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1612
Entropy (8bit):	4.869554560514657
Encrypted:	false
SSDEEP:	24:5Y0bQ573pHpACtUZtJD0lFBopZleqw87xTe4D8FaFJ/Doz9AtjJgbCzg:5m73jcJqQep89TEw7Uxkk
MD5:	DFEABDE84792228093A5A270352395B6
SHA1:	E41258C9576721025926326F76063C2305586F76
SHA-256:	77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
SHA-512:	E256F603E67335151BB709294749794E2E3085F4063C623461A0B3DECBCCA8E620807B707EC9BCBE36DCD7D639C55753DA0495BE85B4AE5FB6BFC52AB4B284FD
Malicious:	false
IE Cache URL:	res://ieframe.dll/NewErrorPageTemplate.css
Preview:	.body..{.. background-repeat: repeat-x;.. background-color: white;.. font-family: "Segoe UI", "verdana", "arial";.. margin: 0em;.. color: #1f1f1f;..}.....mainContent..{.. margin-top:80px;.. width: 700px;.. margin-left: 120px;.. margin-right: 120px;..}.....title..{.. color: #54b0f7;.. font-size: 36px;.. font-weight: 300;.. line-height: 40px;.. margin-bottom: 24px;.. font-family: "Segoe UI", "verdana";.. position: relative;..}.....errorExplanation..{.. color: #000000;.. font-size: 12pt;.. font-family: "Segoe UI", "verdana", "arial";.. text-decoration: none;..}.....taskSection..{.. margin-top: 20px;.. margin-bottom: 28px;.. position: relative; ..}.....tasks..{.. color: #000000;.. font-family: "Segoe UI", "verdana";.. font-weight:200;.. font-size: 12pt;..}....li..{.. margin-top: 8px;..}.....diagnoseButton..{.. outline: none;.. font-size: 9pt;..}.....launchInternetOptionsButton..{.. outline: none;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\YaMN4Oy8AhH-iW3da0J-Nuczn6meMMc-yumwdmwIUIQ[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	21984
Entropy (8bit):	5.5594185274243
Encrypted:	false
SSDEEP:	384:T7PhU5RRSU8QcV74RNeiDhSnK2XYylSohrNsHKTqM0s+LbYHiw52hK0Ud:HkRTcV0ZQNUqShK4QTd
MD5:	C3B7FD6FD68E34D3619107F3C29921D8
SHA1:	91E1FB9AF705728CF2B995E7058B5B8D362F27E2
SHA-256:	61A30DE0ECBC0211FE896DDD6B427E36E7339FA99E30C73ECAE9B0766C085084
SHA-512:	1821103406952E044454C250419656318B5BEB89D70522A154E8016BBD7596763373777AA2EA0A043E47449EBB204CC13D81E59EC24196F8A82F7C3525BC77D1
Malicious:	false
IE Cache URL:	https://pagead2.googlesyndication.com/bg/YaMN4Oy8AhH-iW3da0J-Nuczn6meMMc-yumwdmwIUIQ.js
Preview:	(function(){var J=function(Q,l){if(!(l=(Q=null,v).trustedTypes,l)\|\|!l.createPolicy)return Q;try{Q=l.createPolicy("bg",{createHTML:r,createScript:r,createScriptURL:r})}catch(h){v.console&&v.console.error(h.message)}return Q},r=function(Q){return Q},v=this\|\|self;(0,eval)(function(Q){return(Q=J())&&1===eval(Q.createScript("1"))?function(l){return Q.createScript(l)}:function(l){return""+l}}()(Array(7824*Math.random()\|0).join("\n")+'(function(){var QX,m=function(Q,l){return(l=typeof Q,"object")==l&&null!=Q\|\|"function"==l},R=this\|\|self,lo=function(Q,l){return l<Q?-1:l>Q?1:0},vB=function(Q,l){function v(){}((Q.prototype=(Q.U5=(v.prototype=l.prototype,l).prototype,new v),Q).prototype.constructor=Q,Q).D$=function(h,H,r){for(var J=Array(arguments.length-2),U=2;U<arguments.length;U++)J[U-2]=arguments[U];return l.prototype[H].apply(h,J)}},rg=function(Q){for(Q=0;64>Q;++Q)Z[Q]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_".charAt(Q),B["ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\_default[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 350 x 66, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	10114
Entropy (8bit):	7.94935968400013
Encrypted:	false
SSDEEP:	192:7Y6X0bi5oGDmtesj2V2cCTWaT6s1/DJjDlL5yD:7kM+y2cUWs1/4D
MD5:	E921A8E1D20BA7F03128EC0A60930A4D
SHA1:	8475ED1BB4E7EB193894E639D5BA4F084C0588A0
SHA-256:	F9A0552056CD5D78776E2A1370C72DE012FDCE189F83F32C7D09689E8ABEEDBC
SHA-512:	66E7CD81F1C74E94F7CA2B62CB2B38278382A4478379AB5432A3D80CE04A7D9F3A5977657AEA4A0E7264A020DEEACA8DD9161AACA9799DBBFADD005BDCF3746C
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/logo/_default.png
Preview:	.PNG........IHDR...^...B......H.N....tEXtSoftware.Adobe ImageReadyq.e<...$iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)" xmpMM:InstanceID="xmp.iid:E5C54BFE72FD11E3B68DD6B56002D772" xmpMM:DocumentID="xmp.did:E5C54BFF72FD11E3B68DD6B56002D772"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4C600AFF72FA11E3B68DD6B56002D772" stRef:documentID="xmp.did:4C600B0072FA11E3B68DD6B56002D772"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>3.Z...#.IDATx..}..........oFx (.......b.F...........,&Q.\|nA.q}..+..."qAE....ddgVf......=........bf.....S_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ads[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.405163895446358
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fRq9tFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fsnF5Kpp3iZd5F5G
MD5:	6FDE8854813ECEE69AD78CEDDC866BD7
SHA1:	3B91FE06DF763473ED862650570D4BCD316E2269
SHA-256:	DF205F2B2CC3C13C420E809B5642F050074D60725D884BC41F01EF9EBFC177F3
SHA-512:	2F70A86F24CACDD88E7A67E0CDD673D224D567690CE7EBDFF1F37F22664A2DFD642B0430F2F49391D24E3776432691F0C0960C844C0234A509A438D16ED2C157
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417345&rafmt=1&to=qs&pwprc=4778228967&psa=0&format=1200x280&url=https%3A%2F%2Fykm.de%2F&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417344851&bpp=10&bdt=455&idt=288&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=4708315792234&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417345&ga_hid=1361912638&ga_fc=0&u_tz=-480&u_his=2&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=3832476064384589&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=G4HFDHg4kX&p=https%3A//ykm.de&dtd=377
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CIval7WvlO4CFay83godDkUD3w"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ads[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417356&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Fbookmarklet.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417355288&bpp=567&bdt=1174&idt=1315&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=3148513740256&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417357&ga_hid=1239670737&ga_fc=0&u_tz=-480&u_his=6&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068084%2C21068769&oid=3&pvsid=3892857858872053&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C86%2C0%2C86%2C1280%2C%2C1280%2C906%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=1621
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ads[3].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.410555385397081
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fR5StFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2f/aF5Kpp3iZd5F5G
MD5:	EA86EFF9D8EF76BCAE90D7E71D4C822F
SHA1:	ABB6E2B4B846DDB6B422F284B48732CD9C3BE590
SHA-256:	62B9198CC6EBAE7EEC6AFF94207654F9BCCA28F0EC01DC7B354ED73BCC50954D
SHA-512:	D91C669A553C8072DC9537C549E761A04F3055E1B8165C6354833842C2421D5788C8035E37A730BAA989F75174471404DC339F575EC4F510A7D537FD782FAF5A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417357&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Fbookmarklet.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417355859&bpp=199&bdt=1738&idt=1062&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=3148513740256&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417357&ga_hid=1239670737&ga_fc=0&u_tz=-480&u_his=6&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068084%2C21068769&oid=3&pvsid=3892857858872053&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=tPjHeGrQq6&p=https%3A//ykm.de&dtd=1467
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CMTn-rqvlO4CFVl84AodyToH1Q"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\analytics[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	47051
Entropy (8bit):	5.516264124030958
Encrypted:	false
SSDEEP:	768:ryOveCSBZfsnt5XqY/yPndFTkoWY3SoavqVy2rlebYUDTJC6g0stZm:ryJNDfs5hYdFTwY3SorSg0su
MD5:	53EE95B384D866E8692BB1AEF923B763
SHA1:	A82812B87B667D32A8E51514C578A5175EDD94B4
SHA-256:	E441C3E2771625BA05630AB464275136A82C99650EE2145CA5AA9853BEDEB01B
SHA-512:	C1F98A09A102BB1E87BFDF825A725B0E2CC1DBEDB613D1BD9E8FD9D8FD8B145104D5F4CACA44D96DB14AC20F2F51B4C653278BFC87556E7F00E48A5FA6231FAD
Malicious:	false
IE Cache URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var l=this\|\|self,m=function(a,b){a=a.split(".");var c=l;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};var q=function(a,b){for(var c in b)b.hasOwnProperty(c)&&(a[c]=b[c])},r=function(a){for(var b in a)if(a.hasOwnProperty(b))return!0;return!1};var t=/^(?:(?:https?\|mailto\|ftp):\|[^:/?#]*(?:[/?#]\|$))/i;var u=window,v=document,w=function(a,b){v.addEventListener?v.addEventListener(a,b,!1):v.attachEvent&&v.attachEvent("on"+a,b)};var x={},y=function(){x.TAGGING=x.TAGGING\|\|[];x.TAGGING[1]=!0};var z=/:[0-9]+$/,A=function(a,b,c){a=a.split("&");for(var d=0;d<a.length;d++){var e=a[d].split("=");if(decodeURIComponent(e[0]).replace(/\+/g," ")===b)return b=e.slice(1).join("="),c?b:decodeURIComponent(b).replace(/\+/g," ")}},D=function(a,b){b&&(b=String(b).toLowerCase());if("p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\arr-right-mini[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 4 x 7, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1019
Entropy (8bit):	5.86282245201599
Encrypted:	false
SSDEEP:	24:b01hpunQWwylZ82lYSqMHYWV0+T3+yJ7m13aGVqc:b6itinNu/2+hJ7+3a0qc
MD5:	DD53CD84ACD58C9BBCBC4CFBB8A09C2E
SHA1:	C00D2715257A82F112C3A0CF0EF78C6BE8DD95E4
SHA-256:	D2338264D0A534C6C39C080C07CF773E613E3C769CEF96E5E6529F0988FFBDCB
SHA-512:	9E4F0204547D0F13991A8021DE628BEE05ABB2DF988C1D14341593F5B6FF22BDB3E32DF6FD8C1C7441B1D7009819D4E15D307655F71F526202609591E92EB38F
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/img/arr-right-mini.png
Preview:	.PNG........IHDR............./e......tEXtSoftware.Adobe ImageReadyq.e<...kiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:DocumentID="xmp.did:43042CA3FCC811E1A539F73B60535F15" xmpMM:InstanceID="xmp.iid:43042CA2FCC811E1A539F73B60535F15" xmp:CreatorTool="Adobe Photoshop CS3 Macintosh"> <xmpMM:DerivedFrom stRef:instanceID="uuid:3E695737A39CDD11AB88C712DCA05FFB" stRef:documentID="uuid:9A4888C3A09CDD11AB88C712DCA05FFB"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......&IDATx.b```....?..C.$A8.N.p.4~.(f.0@....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap-responsive[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	15263
Entropy (8bit):	4.90662225040839
Encrypted:	false
SSDEEP:	384:Y5tfL5ewutv5+D9XiRCSzrzoQodya315rEn55eZzhPX:kowutv5+D9XisSz7odya315rEnTUzhPX
MD5:	21E43C8235EAB669CE02B795D804D4EE
SHA1:	CCB63D92C825CDE70D0745EC9455ED676A6C7B57
SHA-256:	D9BF9BCBD42D52FBB94B6468ECAA7B038C6F5B8A76D807960A214E61E84166E9
SHA-512:	F3D0B453B46EA5B83161D94CB4B4FA4A51EB9007A697AB0625300712B469FE9D139E06BC137405E0CD2E0B2C6BF9D7F9CB726348971384052254E386668369A4
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css
Preview:	/!.. Bootstrap Responsive v2.2.2.. .. Copyright 2012 Twitter, Inc.. * Licensed under the Apache License v2.0.. * http://www.apache.org/licenses/LICENSE-2.0.. .. Designed and built with all the love in the world @twitter by @mdo and @fat... /.....clearfix {.. zoom: 1;..}.....clearfix:before,...clearfix:after {.. display: table;.. content: "";..}.....clearfix:after {.. clear: both;..}.....hide-text {.. font: 0/0 a;.. color: transparent;.. text-shadow: none;.. background-color: transparent;.. border: 0;..}.....input-block-level {.. display: block;.. width: 100%;.. min-height: 28px;.. -webkit-box-sizing: border-box;.. -moz-box-sizing: border-box;.. -ms-box-sizing: border-box;.. box-sizing: border-box;..}.....hidden {.. display: none;.. visibility: hidden;..}.....visible-phone {.. display: none !important;..}.....visible-tablet {.. display: none !important;..}.....hidden-desktop {.. display: none !important;..}....@media (max-width: 767px) {..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	31601
Entropy (8bit):	5.007153998946497
Encrypted:	false
SSDEEP:	768:DOJFNV1BvGUXPY4GEhsLGV83mzGBsTDHekXMt2qmwho62Zs:DA1gUXPQgqBx
MD5:	562415B628859EADE00978C537CA6DF6
SHA1:	FCDE81A736C86C0215BBB3863EF07E798A27B72B
SHA-256:	D37880E1CEBD4F4DF68E26475D8FCF50E43C7E83921E3C69627797F1861AFE3B
SHA-512:	68761736CA5BDB254C473C3E043ED57D44B81CB5A73A947D374CF25640DDB07E6151E0579AE211CFD97E25C08A6D53EE2C4F506BEBB6F12F806DD27479741A24
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/theme/bootstrap.min.js
Preview:	/!.. Bootstrap.js by @fat & @mdo..* Copyright 2012 Twitter, Inc...* http://www.apache.org/licenses/LICENSE-2.0.txt../..!function($){"use strict";$(function(){$.support.transition=function(){var transitionEnd=function(){var name,el=document.createElement("bootstrap"),transEndEventNames={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(name in transEndEventNames)if(void 0!==el.style[name])return transEndEventNames[name]}();return transitionEnd&&{end:transitionEnd}}()})}(window.jQuery),!function($){"use strict";var dismiss='[data-dismiss="alert"]',Alert=function(el){$(el).on("click",dismiss,this.close)};Alert.prototype.close=function(e){function removeElement(){$parent.trigger("closed").remove()}var $parent,$this=$(this),selector=$this.attr("data-target");selector\|\|(selector=$this.attr("href"),selector=selector&&selector.replace(/.(?=#[^\s]*$)/,"")),$parent=$(selector),e&&e.preventDefault()

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\bootstrap[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	130253
Entropy (8bit):	5.118690248284717
Encrypted:	false
SSDEEP:	768:CoePsKjF89RnUcZyjixUKPfZPtGR1sqYGRdoi:CoeEH9RTl3TGRmji
MD5:	B047B1FCCD40B148EF9068F20FA168A3
SHA1:	272E21835187B78FFF797B1DFD40B9B8E7F72C1D
SHA-256:	9941B266507324255374ABD0339654F182DA08BF75E0411E26F89D0BB8B5722C
SHA-512:	E0A104A77800E089FE216BA8A9788A79F42B7B0B7892653AA342926B97B34942067489435667790D944E8CC354883526B5D2A41B87FBA5AA6281E700DBB863A8
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/bootstrap.css
Preview:	/!.. Bootstrap v2.2.2.. .. Copyright 2012 Twitter, Inc.. * Licensed under the Apache License v2.0.. * http://www.apache.org/licenses/LICENSE-2.0.. .. Designed and built with all the love in the world @twitter by @mdo and @fat... /....article,..aside,..details,..figcaption,..figure,..footer,..header,..hgroup,..nav,..section {.. display: block;..}....audio,..canvas,..video {.. display: inline-block;.. display: inline;.. *zoom: 1;..}....audio:not([controls]) {.. display: none;..}....html {.. font-size: 100%;.. -webkit-text-size-adjust: 100%;.. -ms-text-size-adjust: 100%;..}....a:focus {.. outline: thin dotted #333;.. outline: 5px auto -webkit-focus-ring-color;.. outline-offset: -2px;..}....a:hover,..a:active {.. outline: 0;..}....sub,..sup {.. position: relative;.. font-size: 75%;.. line-height: 0;.. vertical-align: baseline;..}....sup {.. top: -0.5em;..}....sub {.. bottom: -0.25em;..}....img {.. width: auto\9;.. height: auto;.. max-width: 100%;.. vert

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\de[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	545
Entropy (8bit):	6.8751191017236
Encrypted:	false
SSDEEP:	12:6v/7s3LI5gBNUwbrGppm1h6DjFuTkkATIi4sLOsltL8c:Q5WH/SQ1h6DjFuTtQ4zsboc
MD5:	DDABAE687ECAE5EDAAEB808D440543E6
SHA1:	1DAF2D67CCAA5BE01A330A231AC996A9D5575594
SHA-256:	3323814006FE6739493D27057954941830B59EFF37EBAAC994310E17C522DD57
SHA-512:	5BFBE453E635EDE38A7E495BADB349A2EBAA152A794D26D5B69B657F8E8FD5188436542BFE8C35D0C1117C3A25500D0404069D4B854FAECE914E07684D07A928
Malicious:	false
IE Cache URL:	https://ykm.de/admin/assets/images/icons/flags/de.png
Preview:	.PNG........IHDR................n....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b..qf.....?.f._.............p...b...{qq9........./..........~.^.n5@..011.U.8y.$.....?A..~......N@....".. ..,X.._.@:~.."...?~.........@....Ne..@b.....@.....7...h4.LVg.2-...K..,..z..#............2..........P.`.@..;D?H%..@...1..?.....?.........T...../..@....b`P................P..I.......@...a...b...._...A.*...$...B..$..b`...a...........?...FL...A..........@....@..@....... .X~.e.3o.?.6f...A1.......?`@03...b.21..........@...wt...._X....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dnserror[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	dropped
Size (bytes):	2997
Entropy (8bit):	4.4885437940628465
Encrypted:	false
SSDEEP:	48:u7u5V4VyhhV2lFUW29vj0RkpNc7KpAP8Rra:vIlJ6G7Ao8Ra
MD5:	2DC61EB461DA1436F5D22BCE51425660
SHA1:	E1B79BCAB0F073868079D807FAEC669596DC46C1
SHA-256:	ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
SHA-512:	A88BECB4FBDDC5AFC55E4DC0135AF714A3EEC4A63810AE5A989F2CECB824A686165D3CEDB8CBD8F35C7E5B9F4136C29DEA32736AABB451FE8088B978B493AC6D
Malicious:	false
Preview:	.<!DOCTYPE HTML>..<html>.. <head>.. <link rel="stylesheet" type="text/css" href="NewErrorPageTemplate.css" >.. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>Can’t reach this page</title>.. <script src="errorPageStrings.js" language="javascript" type="text/javascript">.. </script>.. <script src="httpErrorPagesScripts.js" language="javascript" type="text/javascript">.. </script>.. </head>.... <body onLoad="getInfo(); initMoreInfo('infoBlockID');">.. <div id="contentContainer" class="mainContent">.. <div id="mainTitle" class="title">Can’t reach this page</div>.. <div class="taskSection" id="taskSection">.. <ul id="cantDisplayTasks" class="tasks">.. <li id="task1-1">Make sure the web address <span id="webpage" class="webpageURL"></span>is correct</li>.. <li id="task1-2">Search for this site on Bing</li>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\down[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 15 x 15, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	748
Entropy (8bit):	7.249606135668305
Encrypted:	false
SSDEEP:	12:6v/7/2QeZ7HVJ6o6yiq1p4tSQfAVFcm6R2HkZuU4fB4CsY4NJlrvMezoW2uONroc:GeZ6oLiqkbDuU4fqzTrvMeBBlE
MD5:	C4F558C4C8B56858F15C09037CD6625A
SHA1:	EE497CC061D6A7A59BB66DEFEA65F9A8145BA240
SHA-256:	39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781
SHA-512:	D60353D3FBEA2992D96795BA30B20727B022B9164B2094B922921D33CA7CE1634713693AC191F8F5708954544F7648F4840BCD5B62CB6A032EF292A8B0E52A44
Malicious:	false
Preview:	.PNG........IHDR...............ex....PLTE....W..W..W..W..W..W..W..W..W..W..W..W..W.U..............W..W.!Y.#Z.$\.'].<r.=s.P..Q..Q..U..o..p..r..x..z..~.............................................b.............................................................................................................................................................................................................$..s...7tRNS.a.o(,.s....e......q*...................................F.Z....IDATx^%.S..@.C..jm.mTk...m.?\|;.y..S....F.t...,.......D.>..LpX=f.M...H4........=...=..xy.[h..7....7.....<.q.kH....#+....I..z.....'.ksC...X<.+..J>....%3BmqaV...h..Z._.:<.Y_jG...vN^.<>.Nu.u@.....M....?...1D.m~)s8..&....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\f[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	271185
Entropy (8bit):	5.526807337793055
Encrypted:	false
SSDEEP:	3072:5SocAkHIGEs9PaRUoKcXPao1i7lHjeidORuSocAkHIGE29PaRUoKcXPao1i7lHjl:uponKcCMi7lDeBRhpoVKcCMi7lDeBR2
MD5:	07A470B6DFACA905FCE9F43C1886E2D2
SHA1:	00131CFBBA873AB6616F7AB24C64252EC261FA59
SHA-256:	91DB2CBF8EFE4EA26AF0E0F126F4C5E948126ED9350E42928E30B6D5F9E5C692
SHA-512:	7A86DE1CF83B0A0F6D729E42B30F4E3947BFF930BBF6B256C4098E4BD7E27A2E590287FD93398A31B701AB5E2C3C48BA3114C6F556C1A80225A1B6C247422EDC
Malicious:	false
Preview:	(function(){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; .function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var da=ca(this),ea="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),q={},fa={};function t(a,b){var c=fa[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]} .function x(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],f;!a&&e in q?f=q:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&"es6"===c?f[d]:null;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors
Category:	downloaded
Size (bytes):	1078
Entropy (8bit):	1.6703658928570473
Encrypted:	false
SSDEEP:	3:etFEh9HYflvlNl/AXll1pe//k0pk0pk0pk0pk0pk0pk0pk0pk0pk0pk0pk0pk0pn:QNtdFlclKVRn
MD5:	9FF1B0ADC3F708079403DA950BCD9B45
SHA1:	2EEB10C9033EEB7A5DA3131612324289CE7D2467
SHA-256:	084BFA7389098FAEC2BBA0B2F92186219845B0863A8B6F4DF10DB595F1058D60
SHA-512:	9161AA6ABB77597F75B139F20439ED22CD8AA17925852284CF112187F5D6780E4F7E0ADDD198E43B9CAD5E7C7E6966B1705211BE1E949CAA340449C08911B977
Malicious:	false
IE Cache URL:	https://ykm.de/favicon.ico
Preview:	..............(...&... ..........N...(....... ...............................................................................................................................................................................................................................................................................................(... ...@.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\fonts[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2756
Entropy (8bit):	5.358525023836259
Encrypted:	false
SSDEEP:	48:SOWo8j23yOLo8A23oOxTodk23YOCovC23PcS6Ow6ozo2344Y3QWoKl238gY3QLov:SOWeiOL54OxTSIOCq36Ow6oNYgWQMgYv
MD5:	A42D87C2FA348A0D0AA7A6415DCBF169
SHA1:	F0FAAD1BF08E071B1C69FCAEC197B3FC3D73B150
SHA-256:	36106A5D22FC9F434BBFD8D601EB933D4ABA6A3BD3064F3E88040FE77D89F391
SHA-512:	7959E6CB0875342990F985C0CA9A71EA8BBF7268E37DE0708580E760B4EE57D6DE27327E19C7CA857BA1ADAF8CD1D599AE1B9B6EE8E6DAFA3642B123CBBFAF87
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/fonts.css
Preview:	@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. src: local('Open Sans Light'), local('OpenSans-Light'), url(//themes.googleusercontent.com/static/fonts/opensans/v6/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff) format('woff');.}.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. src: local('Open Sans'), local('OpenSans'), url(//themes.googleusercontent.com/static/fonts/opensans/v6/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff) format('woff');.}.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 600;. src: local('Open Sans Semibold'), local('OpenSans-Semibold'), url(//themes.googleusercontent.com/static/fonts/opensans/v6/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff) format('woff');.}.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 700;. src: local('Open Sans Bold'), local('OpenSans-Bold'), url(//themes.googleusercontent.com/static/fonts/opensans/v6/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	75311
Entropy (8bit):	4.936439147996216
Encrypted:	false
SSDEEP:	768:NSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkenna+:Nptur+2qW2lJTo2+jMRHUnkvPhEBX7B
MD5:	72F06A4700874345C6DF1AA9FB1C21E6
SHA1:	E289B00CA6563BFD716A9B7B3FEAC0FCF2CD15B8
SHA-256:	222148358721A8E5F8D1411EB3663796711DFEF11FDABAB98156908AEF049A55
SHA-512:	F306ED43912BE071DE6B208A11A1741BD70710363F4064B0F45570240263E1F9C04F2235FD40CB6640928AAE76FAB5535C297CD1F6E448A43A7A75B24DF78155
Malicious:	false
IE Cache URL:	https://ykm.de/index.html?_t=English+%28en%29
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Create short url - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Create short urls from your longer website urls. No registration required. Completely free to use." />. <meta name="keywords" content="shorturl, short, url, tiny, href, link, path, twitter, post, facebook, longurl" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	60708
Entropy (8bit):	4.894718574210675
Encrypted:	false
SSDEEP:	768:y8/+h2pN522GGH7yfY06GWECuup7WDctQO3DaUHg10J3o2+jMbQsSlI+kOlPo8tX:y8WY7H/uupj2UfJ3o2+jMDujhEBGzz
MD5:	24B57A440593FB16DB1D418937AC4B52
SHA1:	C16C65680B18BCFA99E7607020B04AC6FA49AF38
SHA-256:	C263F9636E6DC26A81104162EF3816BDA937B13AA186577551FEF0D070D68680
SHA-512:	EB8400809931049034393DDA103D41D23692AB6611FA5006A3204FC9A9DFFBBDBE020F7FDB21D3D723736AF4693C1735DFAE96333DC849788EE8EFAD38A14B70
Malicious:	false
IE Cache URL:	https://ykm.de/index.html?_t=Deutsch+%28de%29
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Erstelle Short URL - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Erstelle kostenlose Short URL.s aus Deinen bestehenden Website URLs. Eine Registrierung ist nicht n.tig." />. <meta name="keywords" content="shorturl, short, url, tiny, href, link, path, twitter, post, facebook, longurl, ykm.de" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jquery.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	268381
Entropy (8bit):	5.072141999174343
Encrypted:	false
SSDEEP:	6144:UvD8eq9mPKl4OfKcknEHZciGhjZPdDwjdwTJFPk78vmAnhZSxwI14i:UE4OfcaZhfOeATG14i
MD5:	08C235D357750C657AC1DB7D1CF656A9
SHA1:	9257AFD2D46C3A189EC0D40A45722701D47E9CA5
SHA-256:	7BD80D06C01C0340C1B9159B9B4A197DB882CA18CBAC8E9B9AA025E68F998D40
SHA-512:	D62700E7A1FF41F9D6326CA024BA2BE1D391BC8FBB2AEAE0F427D74837899B230940BF7C2DF3D193F5300A68BB3686706D4C31328234B5CDA026A1BF52EF9E70
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/jquery.min.js
Preview:	/!. jQuery JavaScript Library v1.9.1. * http://jquery.com/. . Includes Sizzle.js. * http://sizzlejs.com/. . Copyright 2005, 2012 jQuery Foundation, Inc. and other contributors. * Released under the MIT license. * http://jquery.org/license. . Date: 2013-2-4. */.(function( window, undefined ) {..// Can't do this because several apps including ASP.NET trace.// the stack via arguments.caller.callee and Firefox dies if.// you try to trace through "use strict" call chains. (#13335).// Support: Firefox 18+.//"use strict";.var..// The deferred used on DOM ready..readyList,...// A central reference to the root jQuery(document)..rootjQuery,...// Support: IE<9..// For `typeof node.method` instead of `node.method !== undefined`..core_strundefined = typeof undefined,...// Use the correct document accordingly with window argument (sandbox)..document = window.document,..location = window.location,...// Map over jQuery in case of overwrite.._jQuery = window.jQuery,...// Map over the $ in c

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22748, version 1.1
Category:	downloaded
Size (bytes):	22748
Entropy (8bit):	7.974510041396077
Encrypted:	false
SSDEEP:	384:DUhV65+QZ9V10EgArAjWkyJeCduRMTE7EQDhovgra6bBvshb6dddddvDj4c:DUj659ZSaAjWkyJeCduRMUYUb5Ib48c
MD5:	49A3D5AFD563A8A3BBEDBF0D0632122D
SHA1:	48E4BFA29B019EE7F1F5A4215BE15AF87AD52DBD
SHA-256:	CD0E6F9FBE497B6A0346FDE3934CBCBD7C557A334C27BB34E69C7ED430ED4A45
SHA-512:	9007970C75565D9F6C67431D05FFB104C22FC7656A04DA5DA47A6B2169A0B17D68B852C1E3285673C0FB27BC9B1212356C765DBBF7BC38C36CA6898277790972
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
Preview:	wOFF......X.................................FFTM...l........\._"OS/2.......^...`.t.Bcmap.......h.......cvt ...P...].....-..fpgm............s.ugasp...d............glyf...p..8...Wd`...head..AT...4...6.C..hhea..A........$....hmtx..A........X..J.kern..C.......#.....loca..Q.............maxp..Sp... ... .O.<name..S........-...post..Vx...x....x..prep..W............k.........o1.....B.........Px.c`f.a......:....Q.B3_dHc.................B4.....3.:.;3(0((.a..'.........8.$....H....@....x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J..j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g``..$KY...e@.,q@.j...o@<..O.D.u.................c .p@..........3lbd.....-.}.M...!...!....x..U.O.G..Y..0d.....2.].vI...Jaj{..nZ.A.%=.A...r.Z.=..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\options[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	11328
Entropy (8bit):	5.124248379872691
Encrypted:	false
SSDEEP:	96:DpplPE/WQl/TzqyU1JgIwxIA7bFcZYf9g9B9nc2d+EChrXEfIWHJE9yDTeh6htGG:D8zkvDAS/qJbTZw
MD5:	1014D6EC4EEBA0B9E1569ED8BF67755F
SHA1:	F71E6A7D3E665103277A1C7DED1414BC5C225CF2
SHA-256:	876B5B972D3E5472167CAEEB01F398464FB7C4C2F48B898936F2F61084FD42C4
SHA-512:	6DDC50F0637A0B71381CE800FBED4703B2E6E604D95B706E022863698B7584584E59EA29869DAE2163C7B03DE60407B6DAF302E2EF38B6B8C5A12CCB7F0B6F20
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/options.css
Preview:	........wide_cont { max-width:1240px !important; margin:0px auto; box-shadow:0px 0px 3px #b4b4b4 !important;}..body {.. background: #fdfdfd url("../../images/diagonal-noise.png") fixed !important;..}.......caption.commander_heading{.color:#0097CA;}...caption.commander_small_heading{ color:#0097CA;}....a { color: #0097CA;}..a:hover {color:#000000;}.....wide_cont {background-color:#fdfdfd;}.....colored {color: #0097CA !important;}...top_line {background-color: #F12635 !important; background-image: url("") !important;}...top_line p {color: #FFFFFF !important;}...top_line a {color: #FFFFFF !important;}...top_line a:hover {color: #FFFFFF !important;}.....page_head {padding-top: 0px !important;.. padding-bottom: 0px !important;.. background-image: url("") !important;.. background-color: #F9F9F9 !important;..}...logo {margin: 10px 0 !important;}...page_head .menu {margin-top: 0px !important; }...page_head .menu li { margin-left:0px !important;.background

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\register[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	68336
Entropy (8bit):	4.964411578671296
Encrypted:	false
SSDEEP:	768:nSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennaG:nptur+2qW2lJTo2+jMRHUnkRdrrhgX7B
MD5:	B183187BB0A97FA5AF12CD060B8C7580
SHA1:	C82B88EF6A6C0671A1802673EC964F95671CA766
SHA-256:	E5A5F55A6BA1F3713F0A6622425CC02BB7E28DBBF65B7A47D8B81F16958DE0E9
SHA-512:	A537886E51345C81B094582F02D3C917B383312F95DE8C15EA8B6E27F6EFFD062597519B73C263013E41617BC6078B9E3B57BBF216725A5A08732E67C8279095
Malicious:	false
IE Cache URL:	https://ykm.de/register.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Register - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Register for an account" />. <meta name="keywords" content="register, account, short, url, user" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css" rel="stylesheet"/>. <link href="https://ykm.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\twitter_icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1570
Entropy (8bit):	7.816228686227136
Encrypted:	false
SSDEEP:	48:iP/6KkXyXTkNyy/07hxGH02nswe0rQIU98:i/XjXQA7GUUsweAx9
MD5:	51CA3F8E3385E8A47859E246D65D74DA
SHA1:	C8FB0122C2CDCD27D7D92272A05F8A477E789A81
SHA-256:	A291FBD6A29B44AAEE1BAFCD5974028181BF056B627C95B2DBB841E3EA9F4F16
SHA-512:	47968ABF2220DE33A609C2D1CDB22C3516F89E32948D6B609CFE3FC337A1FC628137DA07E581772D514B73EA3AF79C73052BD087D9A44277651930E47F2D6AD9
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/twitter_icon.png
Preview:	.PNG........IHDR...............c....sBIT....\|.d.....pHYs...........~.....tEXtCreation Time.18/01/2010..H....tEXtSoftware.Adobe FireworksO..N...\|IDATH.e.k.]W...k..s.sg.tLg....J}5.-...A.T..(Z...CQT.+.........`..........".i...i.:s..;s.....9w.I.a..c......Zk..1.....uS.L...H!.. {.v.-..8.v.../.y...bf.#?.O<..o..]...$.....ME...z..(0..o...~.....+v.C&f..?..so;.\|..:.n.LC..N.(.P.D`!RTnC....R....1.\..}...Z..{V.{..#.]m...6&d.P.q......w.y...../..D.'..Y.w..2............g..n..B,.....4#._x.[........K)G;1?.:D..f...A.0...e..H......\|...,. ....x.H......Rn.....9.-$l.i0.!.......LC.V.\4........XkF8..[.~....=.1..Z......K23....J_0.@..PsUg;.....B.f...lqb..H.>.p.7......R'..j.....&.wh4.l..Ue..`....f.J.....Z15H..Xi..(.^..FE..40.Lyqc.(.0.<.0.. ...iUJr ...\.!.\M....8.../58....1.....0G..q...$.....FR....^.....+....(Y0Z.:G..S"..("J..D.X......Jya./..@D8V#....c..T.UA.#..YP..P=......0h....%.=$.h;a^...>....S....AE...(N.G...9.o...VbEo)'.2..z...=.p...dV..E.H......*D23bL<LJ..zv.hE

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\us[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	609
Entropy (8bit):	7.201602309090487
Encrypted:	false
SSDEEP:	12:6v/7s3LJ3ieymUGK3y3b9M7eGUMCDU3M2fRtL7Mh/hW+/URN/6/lN:3TUl3yr9MTvHLf7OpW+8K7
MD5:	968591E0050981BE9FA94BD2597AFB48
SHA1:	DD9E149E2B5AD59DD8B4B262F5FDEB5CC10ECF43
SHA-256:	36CCE5CAE3D2E0045B2B2B6CBFFDAD7A0ABA3E99919CC219BBF0578EFDC45585
SHA-512:	BA8E09654CFF264D428B1B3CF6DF764699C6A754F2DB329643881FB75CC8647A9C2777F05BB8C0D81B9D648D345796FFDB14FD231E2BB1CAF71530098D12F219
Malicious:	false
IE Cache URL:	https://ykm.de/admin/assets/images/icons/flags/us.png
Preview:	.PNG........IHDR................n....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.bLN?.....1........?..%.....o^......P. ..rn....@..+0.Dc.0P,J...e..>.{.2}R..j..L...{D...`....b.j...X~.....@......A.....e.fx....G./...}c..q..@..m..4.h.}.._.ZU.\|...~......>}....w..y..o../.N.<..@,.....wof...k.....-.W.~..z.+n..`./_....../..?W....Cr....m.~~..........>~....+..W.^.\|.........e.@....d...?...[..../.......i............'......7.... .G..JJ..-..t.........!...0e....b.^0..#.i../_2\|..t1......._....@.K...... .[....}fe........q.Q..?....b`x...?.I......U..?(.?A"...?..>30\|...`.D. ....[..0.+....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\IUE4OCQZ.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	75311
Entropy (8bit):	4.936439147996216
Encrypted:	false
SSDEEP:	768:NSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkenna+:Nptur+2qW2lJTo2+jMRHUnkvPhEBX7B
MD5:	72F06A4700874345C6DF1AA9FB1C21E6
SHA1:	E289B00CA6563BFD716A9B7B3FEAC0FCF2CD15B8
SHA-256:	222148358721A8E5F8D1411EB3663796711DFEF11FDABAB98156908AEF049A55
SHA-512:	F306ED43912BE071DE6B208A11A1741BD70710363F4064B0F45570240263E1F9C04F2235FD40CB6640928AAE76FAB5535C297CD1F6E448A43A7A75B24DF78155
Malicious:	false
IE Cache URL:	https://ykm.de/
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Create short url - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Create short urls from your longer website urls. No registration required. Completely free to use." />. <meta name="keywords" content="shorturl, short, url, tiny, href, link, path, twitter, post, facebook, longurl" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\NewErrorPageTemplate[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	dropped
Size (bytes):	1612
Entropy (8bit):	4.869554560514657
Encrypted:	false
SSDEEP:	24:5Y0bQ573pHpACtUZtJD0lFBopZleqw87xTe4D8FaFJ/Doz9AtjJgbCzg:5m73jcJqQep89TEw7Uxkk
MD5:	DFEABDE84792228093A5A270352395B6
SHA1:	E41258C9576721025926326F76063C2305586F76
SHA-256:	77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075
SHA-512:	E256F603E67335151BB709294749794E2E3085F4063C623461A0B3DECBCCA8E620807B707EC9BCBE36DCD7D639C55753DA0495BE85B4AE5FB6BFC52AB4B284FD
Malicious:	false
Preview:	.body..{.. background-repeat: repeat-x;.. background-color: white;.. font-family: "Segoe UI", "verdana", "arial";.. margin: 0em;.. color: #1f1f1f;..}.....mainContent..{.. margin-top:80px;.. width: 700px;.. margin-left: 120px;.. margin-right: 120px;..}.....title..{.. color: #54b0f7;.. font-size: 36px;.. font-weight: 300;.. line-height: 40px;.. margin-bottom: 24px;.. font-family: "Segoe UI", "verdana";.. position: relative;..}.....errorExplanation..{.. color: #000000;.. font-size: 12pt;.. font-family: "Segoe UI", "verdana", "arial";.. text-decoration: none;..}.....taskSection..{.. margin-top: 20px;.. margin-bottom: 28px;.. position: relative; ..}.....tasks..{.. color: #000000;.. font-family: "Segoe UI", "verdana";.. font-weight:200;.. font-size: 12pt;..}....li..{.. margin-top: 8px;..}.....diagnoseButton..{.. outline: none;.. font-size: 9pt;..}.....launchInternetOptionsButton..{.. outline: none;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21184, version 1.1
Category:	downloaded
Size (bytes):	21184
Entropy (8bit):	7.970096608596562
Encrypted:	false
SSDEEP:	384:+UR65+ANmq916qjceU024ty3IzD3nnG52TDroQX3qpPshb6dddddvT67pcfg:+UR658q91H1VK3IX3nGUlXa5IbP8g
MD5:	7E6BD757C25345E2DDD6C1B2D04BF9E1
SHA1:	8B5F8192C734F7A696391DE9637A19F6FDDFD853
SHA-256:	88C27F2A933B428F5A13403157E395A9D869D176C8DD256A5F28A042E4F863B4
SHA-512:	943EB2D14EA5B898FD639A3B97DEEF201572E9BC250710A124E82EB7D39F6ABFF37C1B05216BD1E40F6CB9C62D1F426ADBC9F12556403A753536AB726A3EACED
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0.woff
Preview:	wOFF......R.................................FFTM...l........\..OS/2.......]...`.x..cmap.......h.......cvt ...P...b.....g.ifpgm............s.ugasp...h............glyf...t..2...I.\|..ohead..;....4...6....hhea..;4...!...$.x..hmtx..;X.......X..0.kern..=l......#.....loca..K.........s.a.maxp..M0... ... .V..name..MP.......~^.k.post..PP...y....l..prep..Q.....................o1.....cI........Rx.c`f.g......:....Q.B3_dHcb```..`cfeabby....A!.(.............k....0.p.2E(00....n.R@..{......x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,q........x........3...........%..=.d.......#..6.e..L@6.3.e.....1._....#...x..U.O.G..Y..0d.....2.].vI...Jaj{..nZ.A.%=.A...r.Z

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\PRmiXeptR36kaC0GEAetxn5HxGBcBvicCpTp6spHfNo[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21252, version 1.1
Category:	downloaded
Size (bytes):	21252
Entropy (8bit):	7.969913560662711
Encrypted:	false
SSDEEP:	384:FURzNtKzELeQPM5abidbX0wyze6BTM2h3shb6dddddv6sxeXSPEw:FUR5tKICQPsa2bwdN5Ibe8m
MD5:	C15FD9FDF231992B8BF96CC88E3B00C5
SHA1:	2578DA01E98CCE98AFB94742ED146B31AEFC8F15
SHA-256:	868A21C493DF0E5DA1622B319E915303B1AA2B72F3CB836057EED5699F522693
SHA-512:	09F7B91DC1D5FBE720589E3B8D58A67A3AF6E06F1C8CD4C820EEC00865C0998D730B1529A7F3B60E0721FD4D4002A3BF13143ECF4F9A786F404BF4C00AFD9CDA
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/PRmiXeptR36kaC0GEAetxn5HxGBcBvicCpTp6spHfNo.woff
Preview:	wOFF......S........\........................FFTM...l........\.,OS/2.......]...`....cmap.......h.......cvt ...P...^........fpgm............~a..gasp...\............glyf...h..2...H.S...head..:....4...6....hhea..;$...!...$.[..hmtx..;H.......X..9.kern..=h......#.....loca..K\|........U.DPmaxp..M,... ... .i..name..ML...1...,....post..P....y....l..prep..Q.........x..%.........o1.....cH........dx.c`f.g.``e.`..j...(.../2.11000q..1s.01.<``z........b.C.`g.E...5l..D.Z8z.".....X.X..) ..L..>...x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,A.".m....x........3........[.o....=.d...u.a......S....G..3.b..h...."...x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14107
Entropy (8bit):	5.556725325036768
Encrypted:	false
SSDEEP:	192:TFjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:Tu0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	FCD905D8C32B987D33570FCC159215B3
SHA1:	CAFF32AE72A99201F474C000FCB380EE32601093
SHA-256:	8B8A9312DB1108941665F2F689D4D8A433AD05685A343ED23D7B0E16263CCA2E
SHA-512:	5BB787F829C69537570ED7A2EDE321C9D654EA26ED6EB5D3191081D0F1A57B06DB58256CB0A9702C3C9E3BC3FABFCDDA8C401F93E67E254162C81E4ED5F0CA00
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417313&plat=1%3A8%2C2%3A8%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Ferror.html%3Fe%3DThis%2Bshort%2Burl%2Bis%2Bno%2Blonger%2Bactive&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417312647&bpp=23&bdt=1917&idt=203&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3795111739530&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417313&ga_hid=1413249661&ga_fc=0&u_tz=-480&u_his=1&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=784&bih=554&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21069719%2C21069711&oid=3&pvsid=3174753432673237&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=44%2C114%2C36%2C36%2C1280%2C%2C800%2C640%2C784%2C554&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=438
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":784,"adHeight":554,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto__

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417347&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Findex.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417346814&bpp=42&bdt=478&idt=197&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=5281413869788&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417347&ga_hid=113105145&ga_fc=1&u_tz=-480&u_his=3&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1654621586386755&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=335
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[3].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	14108
Entropy (8bit):	5.556388878043573
Encrypted:	false
SSDEEP:	192:TtjY0I6p44JlVyjORGpM8O6njXIVhSa0pZrPhoG8FZ7BGUSczOZeYmfJ5iJRLJxP:TG0MHqR2Baca8ZrPuGiZ1OZmfTiJVfUI
MD5:	524C4EB9FD782257406546FF4F14F138
SHA1:	DCC91AFF7289F7743B2BB8BDA1D58B528530C015
SHA-256:	0D23F4A226212BD190A27972F8DCCD95180C79AFD6BC1AF982DE12722E1454D1
SHA-512:	1AEDEC383BD77152B8DDCE5E1D2E1ABB97E0B9B53E213E491F09B6D769D53C68CBBAF6A5F23E871A957AF3668611AEB7EE14D984160D25AE85CA084559E9901A
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&adk=1812271804&adf=3025194257&lmt=1610417352&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fykm.de%2Ffaq.html&ea=0&flash=29.0.0&pra=5&wgl=1&dt=1610417351264&bpp=490&bdt=1179&idt=1063&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&nras=1&correlator=231920626093&frm=20&pv=2&ga_vid=2041299598.1610417313&ga_sid=1610417352&ga_hid=1944095220&ga_fc=1&u_tz=-480&u_his=5&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=-12245933&ady=-12245933&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=2452295567712244&pem=30&rx=0&eae=2&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=1&ifi=0&uci=a!0&dtd=1148
Preview:	<script>window.sra_later_blocks = [];</script><script>window.sra_later_blocks.push({creative:'',reactiveConfig:{"adClient":"ca-pub-8989771679754051","adFormat":8,"adKey":1812271808,"adWidth":1263,"adHeight":906,"fillMessage":[]},trafficSource:2});</script><script data-jc="39" data-jc-version="r20201203">(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){if(!(a instanceof Array)){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];a=b?b.call(a):{next:aa(a)};for(var c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}var fa="function"==typeof Object.create?Object.create:function(a){function b(){}b.prototype=a;return new b},n; if("function"==typeof Object.setPrototypeOf)n=Object.setPrototypeOf;else{var p;a:{var ha={i:!0},ia={};try{ia.__proto__=ha;p=ia.i;break a}catch(a){}p=!1}n=p?function(a,b){a.__proto__=b;if(a.__proto_

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[4].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.433965149761668
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fRJFtFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fb/F5Kpp3iZd5F5G
MD5:	C6FC0A25081E8B4F915123476D0831D6
SHA1:	9AE913012BE191530E04CC507D922460A43B6F78
SHA-256:	C77018658F777B718CE0DE0AA7E907D6053B9CEB7E2B357C204462588CF4C88D
SHA-512:	16C11B8D9F46DF29B52F4EA3640F8CBFD82B0D4FC9E993B76FCBB60A8903CCC17188A579B8B6DC489DC21DF6D0C4C85E002391E3205420C526D00A505FCBDFFB
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417352&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Ffaq.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417351757&bpp=191&bdt=1672&idt=664&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=231920626093&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417352&ga_hid=1944095220&ga_fc=0&u_tz=-480&u_his=5&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=32&ady=85&biw=1263&bih=906&scr_x=0&scr_y=0&eid=21068769%2C21068945&oid=3&pvsid=2452295567712244&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=g1z1Oy9fvx&p=https%3A//ykm.de&dtd=904
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CNec3bivlO4CFZOQOAodUwML1w"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[5].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.414237437614252
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fRhd0/tFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fuF5Kpp3iZd5F5G
MD5:	935B9F6C93A604D864D516895CEFB5DD
SHA1:	2049302F6DE1E31253B9691C5F16790E92729D98
SHA-256:	7D5A6624298AEFE4E291FE7422E5209EBD529BEE210DB392FE747833E3A4071B
SHA-512:	5BCF3F323E79BC874AC84529736E205D0B5515E8638965ACE949D552EABB9B66B9484598DE7342DD5F0E5A5A69359D48E35AFCD93DA86AE3153FB97327162141
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417360&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Frecent_urls.html&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417360380&bpp=1&bdt=655&idt=278&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=464880232668&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417361&ga_hid=361796023&ga_fc=0&u_tz=-480&u_his=7&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=40&ady=85&biw=1280&bih=906&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1862184718256542&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=lRpbH1o6Ny&p=https%3A//ykm.de&dtd=680
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CMmr3byvlO4CFbVdFQgdPpAF9w"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ads[6].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	405
Entropy (8bit):	5.436237787082441
Encrypted:	false
SSDEEP:	12:hax/XKB0OoLu4UIJ2fRtktFiYSB0Fgdu43o9fZdZrhtFiYG:haoDCfJ2fQF5Kpp3iZd5F5G
MD5:	B5A6353064642965FB9CCB2E97E011C6
SHA1:	07408415A30B732551AC6998E27831A204783914
SHA-256:	C138654EC3FEF0462F4AF46513D436CCB07A6EE12736E3E68FB99BC9712B3E64
SHA-512:	49D3D8EE6943DEC47586B169212C0B6E3E640B71AD9552AE11382E1A6604E9586453090ED40523E5D82C0BE5BDB04899C492F1EE040F4DFA9554952D38D07F1B
Malicious:	false
IE Cache URL:	https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8989771679754051&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.1255761255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1610417369&rafmt=1&to=qs&pwprc=4778228967&psa=1&format=1200x280&url=https%3A%2F%2Fykm.de%2Findex.html%3F_t%3DDeutsch%2B%2528de%2529&flash=29.0.0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1610417368987&bpp=12&bdt=451&idt=234&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8b5e4409b88a7409-224663149da600da%3AT%3D1610384913%3ART%3D1610384913%3AS%3DALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA&prev_fmts=0x0&nras=1&correlator=2042136898454&frm=20&pv=1&ga_vid=2041299598.1610417313&ga_sid=1610417369&ga_hid=18271482&ga_fc=0&u_tz=-480&u_his=14&u_java=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_nplug=1&u_nmime=2&adx=40&ady=85&biw=1280&bih=906&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068946&oid=3&pvsid=2852579933633363&pem=30&rx=0&eae=0&fc=1920&docm=11&brdim=0%2C78%2C-8%2C-8%2C1280%2C%2C1296%2C1000%2C1280%2C906&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=1&ifi=1&uci=a!1&xpc=P1haLuG0fJ&p=https%3A//ykm.de&dtd=402
Preview:	<!DOCTYPE html><html><head><script>window.top.postMessage('{"msg_type":"resize-me","key_value":[{"key":"r_nh","value":"0"},{"key":"qid","value":"CIT22sCvlO4CFTnFEQgdhj0GwA"}],"googMsgType":"sth"}', '');</script><script>window.top.postMessage('{"msg_type":"adsense-labs","key_value":[{"key":"settings","value":"[\\\"ca-pub-8989771679754051\\\",[[1]]]"}],"googMsgType":"sth"}', '');</script></head></html>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\builder[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	28753
Entropy (8bit):	4.993860295942691
Encrypted:	false
SSDEEP:	768:hc++mP0W5Ok75+shQYClbddhHTPav3+dgT79PdnMNPUs7K:G+djt+shQNlBHTPav3dddnMNPUs7K
MD5:	7FCCD72DCEA4E79C2452FF96C200DBB0
SHA1:	F3B85DAE6E7B13A0C1557C8CC7CCCC5B509C2A8D
SHA-256:	6C8DDFAD20E38BE0C8D5EC9682E4FC923CAA79E973651DB3A9AE7B0D8C0537E0
SHA-512:	65C10A98A126B00AEEC62E19859B5E47315E71B362725DBA13389A86DE4F6984881EF21F1024B0BBE5DD73F10603BE475DFC8B860F152A7944F079A7982E5372
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/builder.css
Preview:	.clearfix {.. zoom: 1;..}...clearfix:before,...clearfix:after {.. display: table;.. content: "";..}...clearfix:after {.. clear: both;..}...hide-text {.. font: 0/0 a;.. color: transparent;.. text-shadow: none;.. background-color: transparent;.. border: 0;..}...input-block-level {.. display: block;.. width: 100%;.. min-height: 28px;.. -webkit-box-sizing: border-box;.. -moz-box-sizing: border-box;.. -ms-box-sizing: border-box;.. box-sizing: border-box;..}...row-fluid [class="span"] {.. min-height: 5px;..}...alert p:last-child,..#content .alert p:last-child,...builder_text_column p:last-child,...builder_text_column :last-child,..#content .builder_text_column p:last-child,..#content .builder_text_column :last-child,...builder_toggle_content p:last-child,...builder_tab .row-fluid:last-child .builder_content_element,...builder_accordion .ui-accordion .ui-accordion-content .row-fluid:last-child .builder_content_element {.. margin-bottom: 0;..}...builder_text_column,...bui

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21956, version 1.1
Category:	downloaded
Size (bytes):	21956
Entropy (8bit):	7.971858923092755
Encrypted:	false
SSDEEP:	384:UUAzOARVqPhcEBht09b4FoVNRCgWSCZnq3Jxshb6dddddvyFRCi79Z:UUAq3hck0SMNRsZnq3JxIb/F0ipZ
MD5:	3EB14F3838ADA50E10F062A895C3B9CF
SHA1:	F570B2FE0688332CF8C4A9127DB25433D9A1EBAA
SHA-256:	90556675373EA9ED1D0E9B5678426D69296B6801C906CA378BB426AA3D6ACDC3
SHA-512:	CEE1E0F1A0903ABE5D00E0CBF1150E990494F950EC7B1F5DC50A832562DB30DC1DC6AE437E49C13F50E75274B11703251D0018CDD340BA3544D3A16D319EA6B1
Malicious:	false
IE Cache URL:	https://themes.googleusercontent.com/static/fonts/opensans/v6/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
Preview:	wOFF......U.................................FFTM...l........\.y.OS/2.......]...`.=..cmap.......h.......cvt ...P...Y.....M..fpgm............~a..gasp...X...........#glyf...h..5...QT....head..>(...3...6.6..hhea..>\.......$....hmtx..>\|.......X.wW.kern..@.......#.....loca..N.........v.cLmaxp..PP... ... .].Jname..Pp.........r.post..ST...x....x..prep..T.........C............o1.....51........`x.c`f.c......:....Q.B3_dHc.................B4.....3.:.;3.......ah..e.P``...c.`....\........x.c```f.`..F..X..1..,.........:......L.n1.Q.Q.R.SPR.RpQ(QX..?X.... ..a......K.......?........}.`.M.6>X.`.....4.....l.pe.L@..]..+,.l...\.<.\|...B.".b...R.2.r...J.*.j...Z.:.z...F.&.f...V.6.v...N...n...^.>.~...A.!.a...Q.1.q....m..g.[.h...W.^.f..u.6n.e..{v...P...y.baA6CY.C.,.b...r..rj.V.jL...sk...Z..>r...s.N.d8.p...K@..3..Zz.{..'L.:.a.....=^..p..(...K{.x.c.a.g.c..$KY...e@.,.."..........?....%.g....Z.....(".o..Y..Bu342.e......0..........M=.....x.uU.S.F......"S.0.!.n..`.t..@)lm..u.b.3+.A"&cz.C...H..'r

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\diagonal-noise[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	8401
Entropy (8bit):	7.925668887845829
Encrypted:	false
SSDEEP:	192:J1BJM5tLMi19oVSWEBlPuQrX5VuDGX5uDKgTZq:Jd0awWEBljrXrueyKj
MD5:	82DCCAAC0EFB91E53D7723EC14BF00D5
SHA1:	3E1F0ECCCBF3CB9200EF2711421E63D06FB5FC37
SHA-256:	CD973C2B1EF865B051FC1845DE9AE66CBB072A601E4BDA7157F3A986B1FEA0DF
SHA-512:	8FE4C577D8CBA9E1382CAD8A46EF451D85B07626A29DE9A740641358394B790F15C9F7CFE4B8EA4289C5B87B9E8CC58C9C37C4AA9E8CAB6677E8128975E7BE0D
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/diagonal-noise.png
Preview:	.PNG........IHDR...d...d.....p.T.. .IDATx.m.i.$..Q...(.").K.G..7.......P?.."#.....n..~../.~.._...........o.....?..e..._..........?.........g............._~..........h........g..G................h....n....{?....w{f....1................wo.m..^.k.xv..o...}.........g..........6.=d.k\|/or....$w....^.1......{......].y{...........k.p..q...~@.Mb..w..1...1....{c...>.l....?...6~...........;....\7.=..=Sz....?.....=...&b...7.u..7`..{..$l #.."$I$ekc....'y..k.....8.g.....a.....9l>.a~.o.c.....g...c..k.n....i.#...........o7tN.7.M...3I.K.....#..@.!f.......H..!....?......$..Cr=?...k.. ....A I.=.~..M\{..0.....i>m..F.7h.x.....{.....k....=..=..l..... ....IDL....t..M.M1...v6....1\|..~......LZ.k....=.......4.Z.i...q...0}.Q+8.k.%...F....vjS....8..M...}..T..K......G.Ri<{om..}.(3.l.....Z.{...c`g..o...;..j_...s....#...}..L!...[..gv.OI.-!i.a.O.a,Hs....{..`..5"...L......a..G...PD3....{....n6.S..<....{......Cr....}h..$.e.....Y..d.-..wI#.h.v...>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\dnserror[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2997
Entropy (8bit):	4.4885437940628465
Encrypted:	false
SSDEEP:	48:u7u5V4VyhhV2lFUW29vj0RkpNc7KpAP8Rra:vIlJ6G7Ao8Ra
MD5:	2DC61EB461DA1436F5D22BCE51425660
SHA1:	E1B79BCAB0F073868079D807FAEC669596DC46C1
SHA-256:	ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993
SHA-512:	A88BECB4FBDDC5AFC55E4DC0135AF714A3EEC4A63810AE5A989F2CECB824A686165D3CEDB8CBD8F35C7E5B9F4136C29DEA32736AABB451FE8088B978B493AC6D
Malicious:	false
IE Cache URL:	res://ieframe.dll/dnserror.htm?ErrorStatus=0x800C0005&DNSError=1460
Preview:	.<!DOCTYPE HTML>..<html>.. <head>.. <link rel="stylesheet" type="text/css" href="NewErrorPageTemplate.css" >.. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>Can’t reach this page</title>.. <script src="errorPageStrings.js" language="javascript" type="text/javascript">.. </script>.. <script src="httpErrorPagesScripts.js" language="javascript" type="text/javascript">.. </script>.. </head>.... <body onLoad="getInfo(); initMoreInfo('infoBlockID');">.. <div id="contentContainer" class="mainContent">.. <div id="mainTitle" class="title">Can’t reach this page</div>.. <div class="taskSection" id="taskSection">.. <ul id="cantDisplayTasks" class="tasks">.. <li id="task1-1">Make sure the web address <span id="webpage" class="webpageURL"></span>is correct</li>.. <li id="task1-2">Search for this site on Bing</li>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\docs[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	55654
Entropy (8bit):	5.139721038851552
Encrypted:	false
SSDEEP:	768:Py5FdTzls5GfRzXOo9o6Vr0r1rB8G9HmPQ1ZbrZSPwUhOW:PydTx66Vr0r1rxgOrZq
MD5:	FAC899C99C200F074728B73D2D544601
SHA1:	B30FD8826D0FA1BA5F09D690D38A6E33676FC333
SHA-256:	66776669D402C1F3E051DD1C6E2F9DC6B5FF619C810FC81B285439A27A65C9FE
SHA-512:	4F461C06751D2352DEF9C39865E0E86077CA17CA3267433641794D53931D6EF7C3E5B52FF2BCE51979E8D2A41C1A321C8E522FC9FFD719FB732648049AC855A6
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/css/docs.css
Preview:	/..Builder - CSS..Copyrights - orange-idea.com..Creator: OrangeIdea..SEPTEMBER - 2012..Portfolio - http://themeforest.net/user/OrangeIdea/portfolio..Version 1.0..../ Body and structure..-------------------------------------------------- */..body {.. position: relative;.. background-position:center bottom;.. font-family: Arial, Helvetica, sans-serif;.. color:#666666;.. font-size:13px;.. padding:0px !important;..}....h1,h2,h3,h4,h5,h6 { font-family:"Open Sans"; font-weight:400 !important; color:#555; margin-top:0px;}...btn {font-family:"Open Sans" !important;} ..h3 { margin-bottom:5px;}..p { margin-bottom:20px !important; margin-top:0px !important;}..iframe { border:none !important; padding:0px; background:#fff;}...blog_item iframe { border:none !important; padding:0px !important; background:#fff;}...slider_area iframe { border:none !important; padding:0px !important; background:#fff;}...blog_item_page iframe { border:none !important; padding:0px !important; background:#fff;}...c

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\errorPageStrings[1] Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4720
Entropy (8bit):	5.164796203267696
Encrypted:	false
SSDEEP:	96:z9UUiqRxqH211CUIRgRLnRynjZbRXkRPRk6C87Apsat/5/+mhPcF+5g+mOQb7A9o:JsUOG1yNlX6ZzWpHOWLia16Cb7bk
MD5:	D65EC06F21C379C87040B83CC1ABAC6B
SHA1:	208D0A0BB775661758394BE7E4AFB18357E46C8B
SHA-256:	A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F
SHA-512:	8A166D26B49A5D95AEA49BC649E5EA58786A2191F4D2ADAC6F5FBB7523940CE4482D6A2502AA870A931224F215CB2010A8C9B99A2C1820150E4D365CAB28299E
Malicious:	false
IE Cache URL:	res://ieframe.dll/errorPageStrings.js
Preview:	.//Split out for localization...var L_GOBACK_TEXT = "Go back to the previous page.";..var L_REFRESH_TEXT = "Refresh the page.";..var L_MOREINFO_TEXT = "More information";..var L_OFFLINE_USERS_TEXT = "For offline users";..var L_RELOAD_TEXT = "Retype the address.";..var L_HIDE_HOTKEYS_TEXT = "Hide tab shortcuts";..var L_SHOW_HOTKEYS_TEXT = "Show more tab shortcuts";..var L_CONNECTION_OFF_TEXT = "You are not connected to the Internet. Check your Internet connection.";..var L_CONNECTION_ON_TEXT = "It appears you are connected to the Internet, but you might want to try to reconnect to the Internet.";....//used by invalidcert.js and hstscerterror.js..var L_CertUnknownCA_TEXT = "Your PC doesn\u2019t trust this website\u2019s security certificate.";..var L_CertExpired_TEXT = "The website\u2019s security certificate is not yet valid or has expired.";..var L_CertCNMismatch_TEXT = "The hostname in the website\u2019s security certificate differs from the website you are trying to visit.";..var L

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\f[1].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	271185
Entropy (8bit):	5.526807337793055
Encrypted:	false
SSDEEP:	3072:5SocAkHIGEs9PaRUoKcXPao1i7lHjeidORuSocAkHIGE29PaRUoKcXPao1i7lHjl:uponKcCMi7lDeBRhpoVKcCMi7lDeBR2
MD5:	07A470B6DFACA905FCE9F43C1886E2D2
SHA1:	00131CFBBA873AB6616F7AB24C64252EC261FA59
SHA-256:	91DB2CBF8EFE4EA26AF0E0F126F4C5E948126ED9350E42928E30B6D5F9E5C692
SHA-512:	7A86DE1CF83B0A0F6D729E42B30F4E3947BFF930BBF6B256C4098E4BD7E27A2E590287FD93398A31B701AB5E2C3C48BA3114C6F556C1A80225A1B6C247422EDC
Malicious:	false
Preview:	(function(){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ .var n;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; .function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var da=ca(this),ea="function"===typeof Symbol&&"symbol"===typeof Symbol("x"),q={},fa={};function t(a,b){var c=fa[b];if(null==c)return a[b];c=a[c];return void 0!==c?c:a[b]} .function x(a,b,c){if(b)a:{var d=a.split(".");a=1===d.length;var e=d[0],f;!a&&e in q?f=q:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))break a;f=f[g]}d=d[d.length-1];c=ea&&"es6"===c?f[d]:null;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\f[2].txt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	196
Entropy (8bit):	5.423957995867931
Encrypted:	false
SSDEEP:	3:tDptoBWs56TESPshDRddRHZWUR7KMaKYVa2GJB4XmL9WKH6AX26DUuRN6PXIZu2W:tDpuPTZRHZWIJ54whHrX22MPOWn
MD5:	498C873F7F789600DAA832597F1DDAB2
SHA1:	CBC85E35BEC3DEA977E5E21C5EDD7DEB2ECC9584
SHA-256:	5F3861D7E670C1E504A9C81022487B24C1C0998E5AC829C4B95E400263FDCDBD
SHA-512:	0ABA80F770335ADAE48C3860D74418D4815EA27ADE463EC874A1E488E2C86607097D5E2EB61E31187B6FD31B4817C651F3B934E57E2DFFD44286B0FEBF7768CA
Malicious:	false
IE Cache URL:	https://partner.googleadservices.com/gampad/cookie.js?domain=ykm.de&callback=_gfp_s_&client=ca-pub-8989771679754051
Preview:	_gfp_s_({"_cookies_":[{"_value_":"ID=8b5e4409b88a7409-224663149da600da:T=1610384913:RT=1610384913:S=ALNI_MaRpNz1-0IYcClgw8Hhh0iIAUFJCA","_expires_":1644080913,"_path_":"/","_domain_":"ykm.de"}]});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\index[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	75311
Entropy (8bit):	4.936439147996216
Encrypted:	false
SSDEEP:	768:NSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkenna+:Nptur+2qW2lJTo2+jMRHUnkvPhEBX7B
MD5:	72F06A4700874345C6DF1AA9FB1C21E6
SHA1:	E289B00CA6563BFD716A9B7B3FEAC0FCF2CD15B8
SHA-256:	222148358721A8E5F8D1411EB3663796711DFEF11FDABAB98156908AEF049A55
SHA-512:	F306ED43912BE071DE6B208A11A1741BD70710363F4064B0F45570240263E1F9C04F2235FD40CB6640928AAE76FAB5535C297CD1F6E448A43A7A75B24DF78155
Malicious:	false
IE Cache URL:	https://ykm.de/index.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Create short url - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Create short urls from your longer website urls. No registration required. Completely free to use." />. <meta name="keywords" content="shorturl, short, url, tiny, href, link, path, twitter, post, facebook, longurl" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jquery-ui-1.10.2.custom.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	40341
Entropy (8bit):	5.327253074425947
Encrypted:	false
SSDEEP:	768:pIBk4mvOXmOClw2kfsdNQpCj4wpTY9u5LFNh2oYE8Sbv:pIG4WOXmOClw2kf7wpfTYE8Sbv
MD5:	6979CF75481360F7F088D2AF3A2F4A96
SHA1:	A3D5D65CB72F33A609433B3AB0CFCBBC260B0241
SHA-256:	DF4432172533296E1270A70A80D47D6E388EA75FED18BF975E0840405EE23294
SHA-512:	88721F4655EC7A32DFCAB659162FFCD5E5CF26A1E60DD1356D6E9F13736DB9F99CFA22E341382D970B6669F607D3BD8E210FF4D870F03D5E44B87AFD4E3D42E5
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/js/jquery-ui-1.10.2.custom.min.js
Preview:	/! jQuery UI - v1.10.2 - 2013-04-02. http://jqueryui.com.* Includes: jquery.ui.core.js, jquery.ui.datepicker.js.* Copyright 2013 jQuery Foundation and other contributors Licensed MIT */..(function(e,t){function i(t,i){var a,n,r,o=t.nodeName.toLowerCase();return"area"===o?(a=t.parentNode,n=a.name,t.href&&n&&"map"===a.nodeName.toLowerCase()?(r=e("img[usemap=#"+n+"]")[0],!!r&&s(r)):!1):(/input\|select\|textarea\|button\|object/.test(o)?!t.disabled:"a"===o?t.href\|\|i:i)&&s(t)}function s(t){return e.expr.filters.visible(t)&&!e(t).parents().addBack().filter(function(){return"hidden"===e.css(this,"visibility")}).length}var a=0,n=/^ui-id-\d+$/;e.ui=e.ui\|\|{},e.extend(e.ui,{version:"1.10.2",keyCode:{BACKSPACE:8,COMMA:188,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,LEFT:37,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SPACE:32,TAB:9,UP:38}}),e.fn.extend({focus:function(t){return functio

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\js[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	98729
Entropy (8bit):	5.5143609415670465
Encrypted:	false
SSDEEP:	3072:JB4bXR7peBY042JqUgumBlTjw/UTYBpN+:PmixQGBj+
MD5:	8AC225D00443BF62F59AA174AB0BCCD6
SHA1:	A404C5B0AB9A4CE8FFF15EF04163D655810AA15D
SHA-256:	CBD2D4352A667B837B72781F377A2555EA0DAE01190F7F797D190D6BBAFC4C42
SHA-512:	4AB928AE6209F2CED82DAF231FEC29BEECC8F8862F48D82A25BA845135EDFE6C9DB27F432F2FEAE80EF7C557C9B691CAA21DA5A85896368D92379F09BE9B7666
Malicious:	false
IE Cache URL:	https://www.googletagmanager.com/gtag/js?id=UA-406118-10
Preview:	.// Copyright 2012 Google Inc. All rights reserved..(function(){..var data = {."resource": {. "version":"1",. . "macros":[{. "function":"__e". },{. "function":"__cid". }],. "tags":[{. "function":"__rep",. "once_per_event":true,. "vtp_containerId":["macro",1],. "tag_id":1. }],. "predicates":[{. "function":"_eq",. "arg0":["macro",0],. "arg1":"gtm.js". }],. "rules":[. [["if",0],["add",0]]].},."runtime":[].....};./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var ba,ca=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},da=function(a){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return b?b.call(a):{next:ca(a)}},ea="function"==typeof Object.create?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ha;.if("function"==typeof Object.setPrototypeOf)ha=Object.setPrototypeOf;else{var ia;a:{var ja={wg:!0},la={};

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\recent_urls[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	66877
Entropy (8bit):	4.97889391506852
Encrypted:	false
SSDEEP:	768:PSf5IDJrNPzq2aZwurmWLctQkDaqW26b0JTo2+jM2QsSDx+k49ixfHVkYCkennap:Pptur+2qW2lJTo2+jMRHUnk1X7B
MD5:	4A0C0C01DF703E7EE6E7496CDBE91B17
SHA1:	7B94756F0414D16A3BC7137C0B4DF980CAC25F25
SHA-256:	8F96AF613001FE2F2675C9D4938E19B819D23718BA4FB75C69BBDDEEF07D7292
SHA-512:	AD76917ED390DDD1F38D31B2DCA835B08A18C4CE8AECE479A7FF8DFA5A4F1DC01AC11EC5DA0664D06ED40B55368DED0FC60E3DF700F36B1B7FEB3171500E82B5
Malicious:	false
IE Cache URL:	https://ykm.de/recent_urls.html
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html dir="ltr" lang="en-US">. <head>. <meta charset="utf-8">. <title>Recent Urls - YKM.de ✔ Quickly Shorten Url</title>. <meta content="width=device-width, initial-scale=1.0" name="viewport">. <meta name="description" content="Recent Urls" />. <meta name="keywords" content="recent, urls, home, shorturl, your, interface, short, url, site" />. <meta name="copyright" content="Copyright © 2021 - YKM.de ✔ Quickly Shorten Url" />.. styles -->. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/bootstrap-responsive.css" rel="stylesheet"/>. <link href="https://ykm.de/themes/ykm/styles/css/wide_layout.css" rel="stylesheet"/>. <link

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\redirect[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	556
Entropy (8bit):	5.0165714932342444
Encrypted:	false
SSDEEP:	12:nlc8MxxMJImslcmdafdIprL5/PcNGMxxlEiAFE8+RL:nm8MxxMAmrFIpfiUMxxlED+RL
MD5:	F52938729F54698BCDB3EA95F377414F
SHA1:	7BD8D2FA34C0622C392AAC25FF72661AFB90CA82
SHA-256:	F2132261CFF7C1E43DC529243027F3F13281B01BF6B4DB3088977F54D67AB64A
SHA-512:	B4E04E05C801E8BDA17BD009082602BFC17142A377F83835E82D56E927CCC8A8724D3265608E5CBB230510B43CB35A22880AA48ED584DE430B30C47117D50301
Malicious:	false
IE Cache URL:	https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120
Preview:	<noscript><meta name="referrer" content="origin" /><meta http-equiv="refresh" content="0;URL=https://href.li/?https://ykm.de/65f0a4768a364c17" /></noscript><meta name="referrer" content="origin" /><title>Redirecting...</title><script>. window.opener = null;. let urlMatches = document.querySelector('noscript').textContent.match(/^<meta name="referrer" content="origin" \/><meta http-equiv="refresh" content="0;URL=((?:https?\|mailto):[^"]+)/),. url = urlMatches && urlMatches[1];.. if (url) {. location.replace(url);. }.</script>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\screen[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	39562
Entropy (8bit):	4.915158306407265
Encrypted:	false
SSDEEP:	384:djPFFvpFWO+NZNsWCyPyHGgOZyTZ5C7KzS2598Gb:djPFFvpFCyWCdmfYhzS2N
MD5:	ADF93727C6A7166D89D489015796612A
SHA1:	DCF8BD3939A7C11C486B243B71B76D1DA21C3175
SHA-256:	E967A6B79F4CE0D05F26D4F80733D8AEEFBFBBCE9FE0B86AA1B4E9940637DCBE
SHA-512:	664DE5EC119C5870FF2E7AD3250FDD36EF46ED406659BA4F327AE3265FA99291999B5277ADBDB7F6118035222029FFF52B0F6C8C6542CE68890A7C398A13652B
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/styles/screen.css
Preview:	.clear.{. clear: both;.}...clearLeft.{. clear: left;.}...clearRight.{. clear: right;.}..input[type=text], input[type=password], textarea, select.{. width: 98%;.}...createUrlWrapper .termsWrapper.{. margin-top: 3px;.}...form .termsWrapper input, .termsWrapper label.{. float: left;.}...createUrlWrapper .termsWrapper label.{. margin-left: 6px;.}...form .fiftyPercent, .form .fiftyPercentLast.{. width: 47%;. float: left;. padding-right: 23px;.}...form .third, .form .thirdLast.{. width: 30%;. float: left;. padding-right: 23px;.}...form .fiftyPercentLast, .form .thirdLast.{. padding-right: 0px;.}...form .buttonWrapper.{. padding-top: 10px;.}...form .footerLinkWrapper.{. padding-top: 18px;.}..div#demoBanner.{ . background-color: #333333; . width: 100%; . text-align: center;. padding: 7px; . font-weight: bold;. color: #ffffff;. opacity:0.5;. filter:alpha(opacity=50); /* For IE8 and earlier */.}..div#demoBanner span.{. cu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ui-bg_flat_75_ffffff_40x100[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 40 x 100, 1-bit grayscale, non-interlaced
Category:	downloaded
Size (bytes):	208
Entropy (8bit):	5.438401677856156
Encrypted:	false
SSDEEP:	6:6v/lhPYOljVztlNQkn7DvF2zgN+7OU0g2EMHOCp:6v/7PxtlGqDvkzS+7OU0g2EMHOI
MD5:	1A9DB2358C19EEC311B8D87B08ED585B
SHA1:	A967E9174986D36E0D8A474D718D4E4674023832
SHA-256:	C5554A715913AD8FE8AA31FD0141233F53B216EAFF04C882BE90C29EFA006337
SHA-512:	D828B73D2C1D7838706198EEC8E276330692B45182CF1D5EFBFCCAE75B1D4AEB511C8730407EA49F630FD8A2A86D4E9AB6E3A6720850302A1840D0384B23C6A2
Malicious:	false
IE Cache URL:	https://ykm.de/themes/ykm/images/layout/ui-bg_flat_75_ffffff_40x100.png
Preview:	.PNG........IHDR...(...d.......O.....bKGD.........pHYs...H...H.F.k>....IDAT(.c......(IU........{...%tEXtdate:create.2013-03-31T19:55:55-07:00.......%tEXtdate:modify.2013-03-31T19:55:55-07:00.Jpp....IEND.B`.

C:\Users\user\AppData\Local\Temp\~DF006BB75F40C378F3.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	385955
Entropy (8bit):	2.932597335603008
Encrypted:	false
SSDEEP:	3072:kIA6xC0+7Ps9M5Qe/gxGxC0+7Ps9M5Qe/gxBG1:
MD5:	021FBBA9D2BB0902BD2351B5FE5E0D64
SHA1:	D2BC1E1276727FDCB666DB3DED3CD0C66CECEA29
SHA-256:	DA44D94E6D02B7B1F945D411585BBA36E7F72E69C6D048996A544B2AD02FCC4C
SHA-512:	E9E34383F5AD48C36AA80CAC89C3B8BF0A8101715CB1493EBC125270014177FCC8609E2B8D8921B563C17C6B4C8AF6B77A8CC78E6BF08CDD140CA47A6E125494
Malicious:	false
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFDDBE3FA9B01BA827.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.27918767598683664
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
MD5:	AB889A32AB9ACD33E816C2422337C69A
SHA1:	1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:	BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:	false
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFF66ACEFC2A3D685C.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13077
Entropy (8bit):	0.5019861246029842
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lowF9lo49lWpBGXHVBwFvckdl:kBqoID1pBGXHVBQt
MD5:	CA76153BCF2A9B51A52E754CE02F861A
SHA1:	A4C94CEF9AC90F93370E7ECB2FC9FDBEE8733C61
SHA-256:	E25E3FCF920ECE38D1D6E335B0BF555E5443764FC37C8E460966B7B5EAFCA2D3
SHA-512:	935A4680D377477D04BEB35846F918D17F87F7270678C30D044AD3B7F8990B5CB43BF3F6794B19102498420723086A3FD004F43D7E0B44250F39C00DB40FDF99
Malicious:	false
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\9J3QCP8LROBB1V9KMKPB.temp Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	3440
Entropy (8bit):	3.1733120346837755
Encrypted:	false
SSDEEP:	48:gbdiywPcIpC9GrIobAsASF7ZbdiywPcIph683GrIobAczH:KwPcf9S7AJawPcU3S7AG
MD5:	DFBD8B3B2C17D570B605E98EB578EDE1
SHA1:	7EDBD549E892F4DDA79DA8783B842761439C996D
SHA-256:	F4CC31CAF8395B5038608F71F0FE6CBC9BBA33C3DBE976005B18D431F1542E3C
SHA-512:	29CDF0591A62AED6DC3B5717F50EDF1149F597F6300BC7E0FECB314EF888A9F9CECADBC03DBDC9236010FE7F3280FE81045BB3199A600746BDB038CA8CDBEF1D
Malicious:	false
Preview:	...................................FL..................F.@.. .....@.>....*.......?.c................................P.O. .:i.....+00.../C:\.....................1.....>Qxx..PROGRA~1..t......L.>Qxx....E...............J.....3..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....l.1......L.J..INTERN~1..T......L.,R................................i.n.t.e.r.n.e.t. .e.x.p.l.o.r.e.r.....f.2......L.9 .iexplore.exe..J......L.J,R.......R..........x.............i.e.x.p.l.o.r.e...e.x.e.......^...............-.......]..............x.....C:\Program Files\internet explorer\iexplore.exe....-.p.r.i.v.a.t.e...C.:.\.W.i.n.d.o.w.s.\.S.Y.S.T.E.M.3.2.\.I.E.F.R.A.M.E...d.l.l.........%SystemRoot%\SYSTEM32\IEFRAME.dll...................................................................................................................................................................................................................................%.S.y.s.t.e.m.R.o.o.t.%.\.S.Y.S.T.E.M.3.2.\.I

Static File Info

General
File type:	PDF document, version 1.5
Entropy (8bit):	7.991996531902045
TrID:	Adobe Portable Document Format (5005/1) 100.00%
File name:	Information-Account-Prime-Disable-Service.pdf
File size:	197654
MD5:	7ef4760a44a8cc65c4261a5227fdad25
SHA1:	19af34bf781eb79717cc1db64d3d1923da115fe6
SHA256:	29c631b5ce054c8b4b11fbaa06aa26d5edeb9e06d53315d7eddbe18469b15b20
SHA512:	5950c1c0e62f68ebf3467022c9fa0893b120ba6a832de4f58a3dcf5580387938cf71ed26ea5d0fd7f951cc076959c0b4780784f0cc02ca172b3dd19ae068e8f7
SSDEEP:	3072:XV++GPt/KcCzjYpV5ICPFIi1sUNfHJwcWQeuUtI+v52dVE5LXQtBqSmqWY96Pi3A:X0huj05ICtIDUV+QZUd52mXQDRd6jLj
File Content Preview:	%PDF-1.5..%......2 0 obj..<</Outlines 4 0 R /AcroForm 5 0 R /Pages 6 0 R /StructTreeRoot 7 0 R /Type/Catalog/MarkInfo 8 0 R /Lang(en-US)>>..endobj..11 0 obj..<</StructParents 0/Resources 17 0 R /MediaBox[ 0 0 612 792]/Contents[ 18 0 R 19 0 R 20 0 R ]/Pa

File Icon


Icon Hash:	74ecccdcd4ccccf0

Static PDF Info

General
Header:	%PDF-1.5
Total Entropy:	7.991997
Total Bytes:	197654
Stream Entropy:	7.992311
Stream Bytes:	194726
Entropy outside Streams:	5.376200
Bytes outside Streams:	2928
Number of EOF found:	1
Bytes after EOF:

Keywords Statistics

Name	Count
obj	22
endobj	22
stream	15
endstream	15
xref	0
trailer	0
startxref	1
/Page	1
/Encrypt	0
/ObjStm	3
/URI	0
/JS	0
/JavaScript	0
/AA	0
/OpenAction	0
/AcroForm	1
/JBIG2Decode	0
/RichMedia	0
/Launch	0
/EmbeddedFile	0

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 11, 2021 18:08:29.679091930 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.679336071 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.811475039 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.811723948 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.815804005 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.815958023 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.829678059 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.829741955 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.961832047 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.962877989 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.962896109 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.962904930 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.962965965 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.963021994 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.966074944 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.967022896 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.967052937 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.967061996 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:29.967145920 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:29.967190981 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.007456064 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.007581949 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.013442039 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.013617039 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.013752937 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.139843941 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.139863014 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.140055895 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.141961098 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.144124031 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.144144058 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.144294024 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.145456076 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.145592928 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.145612001 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.150314093 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.150572062 CET	49743	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.185497046 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.242336035 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.242358923 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.242487907 CET	49744	443	192.168.2.3	74.114.154.21
Jan 11, 2021 18:08:30.274169922 CET	443	49744	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.321077108 CET	443	49743	74.114.154.21	192.168.2.3
Jan 11, 2021 18:08:30.520701885 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.520772934 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.560379028 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.560560942 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.560735941 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.560868979 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.561495066 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.562606096 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.601162910 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602421999 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602686882 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602730989 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602766991 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602804899 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602838039 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.602835894 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.602890015 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.602895975 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.602900982 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.602905989 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.604007959 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.604048967 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.604095936 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.604109049 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.604127884 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.604146957 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.604154110 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.604155064 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.604177952 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.604198933 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.614984989 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.615323067 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.615569115 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.615814924 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.615948915 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.654861927 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.654917955 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.655034065 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655062914 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655075073 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.655178070 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655297041 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.655333996 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.655385017 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655428886 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655793905 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.655822992 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.655916929 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.656451941 CET	49745	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.694619894 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.737988949 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.738162041 CET	443	49745	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.741610050 CET	443	49746	192.0.78.27	192.168.2.3
Jan 11, 2021 18:08:30.741688967 CET	49746	443	192.168.2.3	192.0.78.27
Jan 11, 2021 18:08:30.913810968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:30.913988113 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:30.964390993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:30.964461088 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:30.964540958 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:30.964577913 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:30.965486050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:30.965548992 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.015840054 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.015877008 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.019368887 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.019426107 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.019525051 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.019576073 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.022191048 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.022233963 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.022340059 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.022380114 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.029778957 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.030194998 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.030343056 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.030967951 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.031382084 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.080332994 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.080409050 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.080497026 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.080523014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.080625057 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.081186056 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.081279993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.081358910 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.081512928 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.081530094 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.081543922 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.081598997 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.081785917 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.082175970 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.082269907 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.082643032 CET	49748	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.132062912 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.132829905 CET	443	49748	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.158413887 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.158761978 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.163304090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.255002022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255031109 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255049944 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255065918 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255085945 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255108118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.255136013 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.255171061 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.256191015 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.256223917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.256333113 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.257316113 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.257349014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.257443905 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.258513927 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.258974075 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.263263941 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.263348103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.265062094 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.265080929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.265187979 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.265315056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.265335083 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.265377045 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.265438080 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.266211987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.266232967 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.266386032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.267147064 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.267167091 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.267255068 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.273488045 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.273946047 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.274698019 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.275168896 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.275923014 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.276410103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.277045012 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.277643919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.279109955 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.279280901 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.280720949 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.282614946 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.290823936 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291161060 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291296005 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291543961 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291621923 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291719913 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291800022 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291882992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.291999102 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.305872917 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.306361914 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.307131052 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.324877977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.325561047 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.326587915 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.327920914 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.330465078 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.333297968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.341763020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.343456030 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.356750011 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.376065016 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.376089096 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.376208067 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.376250982 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.376267910 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.376346111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.376982927 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.377091885 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.381848097 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.381867886 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.381959915 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.382064104 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.382122040 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.382405043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.382492065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.382802963 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.382827044 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.382873058 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.382889032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.383995056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.384018898 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.384105921 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.385168076 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.385193110 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.385256052 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.385286093 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.386173010 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.386185884 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.386358976 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.387337923 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.387358904 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.387418985 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.388504982 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.388526917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.388969898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.389719963 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.389744997 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.389801979 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.389822006 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.390912056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.390938044 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.391005039 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.392055988 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.392076969 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.392148972 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.393191099 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.393224955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.393274069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.393309116 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.393811941 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.393837929 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.394373894 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.394393921 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.394474030 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.395611048 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.395628929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.395695925 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.395725012 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.396780014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.396800995 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.396873951 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.397922993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.397947073 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.398006916 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.399239063 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.399264097 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.399331093 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.399369001 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.400516033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.400542021 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.400660992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.401456118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.401483059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.401547909 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.401571989 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.402669907 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.402693987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.402755022 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.427073002 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.427108049 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.427129984 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.427153111 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.427161932 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.427190065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.427217960 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.428297997 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.428330898 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.428431988 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.429434061 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.429464102 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.429538965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.430541039 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.430560112 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.430708885 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.430727959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.432091951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.432112932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.432183981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.433000088 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.433023930 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.433070898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.433124065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.434124947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.434146881 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.434241056 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.435281992 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.435317993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.435451031 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.436322927 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.436470985 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.436490059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.436503887 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.436589956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.436623096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.436623096 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.436630011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.437671900 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.437700033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.437756062 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.438749075 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.438874006 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.438894033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.438977957 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.439591885 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.440102100 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.440124989 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.440181971 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.441176891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.441201925 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.441277981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.442379951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.442404985 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.442476988 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.443537951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.443579912 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.443623066 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.443653107 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.444727898 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.444751978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.444828033 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.445895910 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.445919991 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.445992947 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.447087049 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.447110891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.447155952 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.447195053 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.448251963 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.448276043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.448324919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.448347092 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.449450970 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.449474096 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.449529886 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.450613976 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.450637102 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.450686932 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.451819897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.451843977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.451910019 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.452970028 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.452992916 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.453063011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.453100920 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.454178095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.454200983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.454240084 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.454277992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.455327034 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.455352068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.455405951 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.456533909 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.456572056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.456634998 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.457685947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.457714081 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.457770109 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.458889961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.458918095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.459006071 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.459943056 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.460052013 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.460079908 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.460130930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.460153103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.461226940 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.461250067 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.461308002 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.461334944 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.462440968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.462470055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.462531090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.462563038 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.463588953 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.463613987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.463732958 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.464818954 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.464845896 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.464915037 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.465945005 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.465970039 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.466029882 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.467111111 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.467138052 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.467204094 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.468303919 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.468334913 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.468384981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.468431950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.469558001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.469580889 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.469660997 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.470658064 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.470683098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.470741034 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.470779896 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.477370024 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.477415085 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.477519035 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.477732897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.477751970 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.477839947 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.478564024 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.478589058 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.478663921 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.478714943 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.479315042 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.479336977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.479468107 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.480212927 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.480233908 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.480324030 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.480824947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.480848074 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.480916023 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.480937004 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.481108904 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.481605053 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.481630087 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.481699944 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.482363939 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.482387066 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.482403994 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.482511044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.483127117 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.483150005 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.483205080 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.483237982 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.483858109 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.483881950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.483988047 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.484630108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.484663963 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.484745026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.485318899 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.485341072 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.485455990 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.485474110 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.486047983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.486068964 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.486138105 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.486700058 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.486722946 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.486773968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.486809969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.487478018 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.487500906 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.487585068 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.488169909 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.488192081 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.488250971 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.488301039 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.488755941 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.488778114 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.488852978 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.489466906 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.489487886 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.489542961 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.489589930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.490144968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.490165949 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.490261078 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.490806103 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.490822077 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:31.490885973 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.490926027 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:31.495043993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.495069981 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.495081902 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.495435953 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.495465994 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.496040106 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.496062040 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.496073961 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.496165991 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.507870913 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.509057999 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.516666889 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.518241882 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.534463882 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.550587893 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.550610065 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.550745010 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.550776005 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.551513910 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.551573992 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.552459955 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.561678886 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.561709881 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.561784029 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.562472105 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.564728022 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.577236891 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.577320099 CET	49752	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.584754944 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.584783077 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.584858894 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.584875107 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.584897995 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.584897995 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.584923029 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.584970951 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.585045099 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.586956024 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.587089062 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.587197065 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.589029074 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.589059114 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.589154959 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.589212894 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.591131926 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.591152906 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.591218948 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.591250896 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.593318939 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.593343973 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.593513966 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.593533993 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.595468998 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.595494032 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.595541000 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.595561028 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.597605944 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.597630978 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.597732067 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.599694014 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.599714994 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.599798918 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.601892948 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.601921082 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.601995945 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.604036093 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.604062080 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.604150057 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.609752893 CET	443	49752	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.627409935 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.627439022 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.627499104 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.627536058 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.628357887 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.628413916 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.628434896 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.628460884 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.630561113 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.630585909 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.630691051 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.632711887 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.632739067 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.632811069 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.634810925 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.634835005 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.634912014 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.636976957 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.637001991 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.637092113 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.637115002 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.639101028 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.639130116 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.639225006 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.641180992 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:31.641725063 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.642204046 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:31.689768076 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.185045004 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.227493048 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.264659882 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.264699936 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.264772892 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.264803886 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.265311003 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.265398026 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.265451908 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.265502930 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.266522884 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.266583920 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.266594887 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.266649008 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.267765045 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.267807007 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.267837048 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.267859936 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.268991947 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.269032001 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.269074917 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.269098997 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.270205021 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.270246983 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.270275116 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.270296097 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.271429062 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.271471977 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.271529913 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.272646904 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.272697926 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.272726059 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.272751093 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.273864031 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.273901939 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.273977041 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.274019957 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.275099039 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.275137901 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.275167942 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.275199890 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.276333094 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.276371956 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.276403904 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.276432991 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.277534962 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.277575970 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.277597904 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.277621031 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.278772116 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.278810978 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.278844118 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.278868914 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.279967070 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.280009031 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.280019999 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.280050993 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.281188965 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.281232119 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.281255960 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.281286001 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.282458067 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.282509089 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.282525063 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.282556057 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.283629894 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.283680916 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.283696890 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.283730030 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.284859896 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.284861088 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.284909010 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.284924030 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.284960985 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.286120892 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.286164045 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.286210060 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.286228895 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.287322044 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.287364960 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.287400961 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.287441015 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.287446022 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.288547993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.288597107 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.288654089 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.288676977 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.289763927 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.289807081 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.289866924 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.289894104 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.290667057 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.290986061 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.291028023 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.291094065 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.291115999 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.292188883 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.292227030 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.292259932 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.292284012 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.293461084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.293502092 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.293576956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.293629885 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.294648886 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.294671059 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.294744015 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.295847893 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.295867920 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.295917988 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.296001911 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.297071934 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.297091007 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.297151089 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.297190905 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.298317909 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.298336029 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.298401117 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.298443079 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.299611092 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.299633026 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.299742937 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.299751043 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.307296038 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.307326078 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.307399988 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.307452917 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.307847023 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.307867050 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.307933092 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.309076071 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.309103012 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.309165955 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.309191942 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.310261965 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.310286045 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.310359955 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.310384035 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.311480999 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.311503887 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.311583042 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.311609983 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.312699080 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.312721968 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.312798023 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.312820911 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.313929081 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.313952923 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.314028025 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.314054966 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.315237999 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.315259933 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.315315962 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.315345049 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.319401026 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:33.327620029 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.327728987 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.328423023 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.328584909 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.328706980 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.329190969 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.340361118 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.366728067 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:33.371126890 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.371510029 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.381057978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.384938955 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.384989023 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.385014057 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.385037899 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.385063887 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.385070086 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.385641098 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.385695934 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.385726929 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.385726929 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.385782957 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.385905027 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.388592005 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.388634920 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.388684034 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.388693094 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.388716936 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.388726950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.388729095 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.388765097 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.388778925 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.388828039 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.389110088 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.389142036 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.389173031 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.389192104 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.389291048 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.389343023 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.390872955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.390893936 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.391743898 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.392047882 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.393558979 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.397635937 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.403620958 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.405031919 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.405339956 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.405466080 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.405592918 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.405656099 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.433846951 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.433876991 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.433945894 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.433994055 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.435086966 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.435211897 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435805082 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435825109 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435837030 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435854912 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435869932 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.435869932 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.435915947 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.435971022 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.436048985 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.436513901 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.436578035 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.436825991 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.437534094 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.440223932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.440248966 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:33.440268040 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.440287113 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.440356970 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.440356016 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.440393925 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.440408945 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:33.444355965 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.447082996 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.447176933 CET	49753	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.447774887 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.447890997 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.447913885 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.447987080 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.447993040 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.448003054 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.448060036 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.448098898 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.448098898 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.448183060 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.457726955 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.458215952 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.458574057 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.461350918 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.466423988 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.479520082 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.479899883 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.489623070 CET	443	49753	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.493606091 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.493643045 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.493666887 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.493690968 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.493715048 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.493756056 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.500502110 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.500869036 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.500916958 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.503818035 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.508913994 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.512732029 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.513493061 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.513823032 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514015913 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514218092 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514255047 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514277935 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514293909 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514311075 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514364004 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514411926 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514522076 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514734030 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514760971 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514785051 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514806986 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.514868975 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514903069 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514908075 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.514983892 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.515011072 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.515065908 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.515100956 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.515141964 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.515201092 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.515621901 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.515819073 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.516001940 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.516287088 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.516298056 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.516304970 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.516379118 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.516546011 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.517749071 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.517777920 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.517800093 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.517822981 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.517849922 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.517913103 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.517920017 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.520104885 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.520204067 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.520689964 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.520834923 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.522641897 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.522670984 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.522689104 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.522711039 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.522780895 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.522799015 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.522815943 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.524466991 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.524954081 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.526729107 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.527177095 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.530414104 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.530810118 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.549786091 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.555598974 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.555618048 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.555692911 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.555907965 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.555977106 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.556829929 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.558753967 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.558907032 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.559092999 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.560518026 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.560538054 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.560554981 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.560570955 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.560584068 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.560616970 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.560647964 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.562719107 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.562797070 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.562997103 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563009977 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563070059 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563105106 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563215971 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563277006 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563322067 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563410997 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563407898 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563455105 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563725948 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563746929 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.563788891 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.563819885 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.565793991 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.565821886 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.565897942 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.565912962 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.565915108 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.565965891 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.566555977 CET	49758	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.566629887 CET	49756	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.567290068 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.567306042 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.567326069 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.567351103 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.567387104 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.567975998 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.568003893 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.568042040 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.568068027 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.569534063 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.569612980 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.569618940 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.569678068 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.569785118 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.569837093 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.569983959 CET	49760	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.570132017 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.570154905 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.570193052 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.570224047 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.571000099 CET	49759	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.572278023 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.572305918 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.572356939 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.572377920 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.573754072 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.573837996 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.573920012 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.573966980 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.574156046 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.574223042 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.574409008 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.574430943 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.574472904 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.574489117 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.576543093 CET	49757	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.592216969 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.592327118 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.593296051 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.598295927 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.598345995 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.598395109 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.598417044 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.599159956 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.599226952 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.599293947 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.599344969 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.600496054 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.601409912 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.601469040 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.601471901 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.601528883 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.601768970 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.601871967 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.603565931 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.603606939 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.603662014 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.603683949 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.605638981 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.605680943 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.605716944 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.605739117 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.607923031 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.607979059 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.607995987 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.608026028 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.609894991 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.609934092 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.609976053 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.610032082 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.613624096 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.613665104 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.613770008 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.614800930 CET	443	49758	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.614835024 CET	443	49756	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.614872932 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.614907980 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.614938974 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.614959955 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.616235971 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.616275072 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.616307974 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.616338015 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.617472887 CET	443	49760	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.617552996 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.617741108 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.618273020 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.618352890 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.618434906 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.618462086 CET	443	49759	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.618489027 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.620312929 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.620440006 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.620475054 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.620492935 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.620502949 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.620527983 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.621592045 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.622570038 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.622606039 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.622643948 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.622680902 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.623003006 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.625363111 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.625458956 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.625473022 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.625490904 CET	443	49757	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.625509024 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.626903057 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.626949072 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.627043009 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.627067089 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.628937960 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.628977060 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.629019022 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.629036903 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.631052017 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.631094933 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.631134033 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.631155968 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.633232117 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.633291006 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.633335114 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.633358002 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.635332108 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.635373116 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.635478973 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.635499001 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.635662079 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.637454033 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.637496948 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.637530088 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.637559891 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.640830040 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.640872955 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.640913963 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.640935898 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.641608953 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.641649961 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.641681910 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.641702890 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.643158913 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.643198013 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.643254995 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.643276930 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.644506931 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.644546032 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.644557953 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.644592047 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.645952940 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.645994902 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.646018028 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.646042109 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.647332907 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.647372007 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.647391081 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.647414923 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.648741961 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.648782969 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.648808002 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.648828983 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.649622917 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.649666071 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.649719000 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.649741888 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.650007010 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.650048971 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.650064945 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.650098085 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.651268959 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.651307106 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.651339054 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.651359081 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.652549028 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.652590990 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.652597904 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.652635098 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.653868914 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.653908014 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.653939009 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.653961897 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.655045033 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.655082941 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.655116081 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.655143976 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.656320095 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.656358957 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.656390905 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.656413078 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.657557011 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.657597065 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.657628059 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.657649040 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.658868074 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.658906937 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.658937931 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.658965111 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.660072088 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.660113096 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.660155058 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.660185099 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.660192966 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.660221100 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.660274029 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.660336971 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.661484957 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.661526918 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.661559105 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.661597013 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.662574053 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.662611008 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.662642002 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.662663937 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.663206100 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.663237095 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.663286924 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.663332939 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.663853884 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.663892984 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.663925886 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.663955927 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.665117025 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.665158033 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.665190935 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.665211916 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.665714979 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.666357994 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.666398048 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.666429043 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.666449070 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.667634964 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.667676926 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.667705059 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.667742014 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.668284893 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.668309927 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.668720007 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.668915987 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.668962955 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.668977022 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.669024944 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.670172930 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.670213938 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.670224905 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.670254946 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.671360016 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.671399117 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.671406031 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.671439886 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.671983957 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.672092915 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.672629118 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.672677994 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.672694921 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.672719955 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.673860073 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.673899889 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.673922062 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.673945904 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.675122023 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.675163031 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.675200939 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.675221920 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.676318884 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.676357031 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.676382065 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.676415920 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.677561045 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.677603006 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.677624941 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.677649975 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.678551912 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.678641081 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.678689003 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.678694010 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.678730965 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.679757118 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.679797888 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.679811001 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.679841995 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.680951118 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.680993080 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.681051016 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.681343079 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.681428909 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.681495905 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.681545973 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.682084084 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.682126999 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.682157993 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.682178020 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.682377100 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.683161974 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.683209896 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.683227062 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.683269978 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.683394909 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.684267998 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.684309006 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.684334993 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.684355021 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.685400009 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.685451031 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.685467005 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.685492992 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.686486006 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.686526060 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.686567068 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.686588049 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.687222004 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.687263966 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.687272072 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.687305927 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.687910080 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.687949896 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.687983036 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.688003063 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.688601017 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.688642979 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.688658953 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.688687086 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.688977957 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.689368010 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.689399958 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.689486980 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.689500093 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.689528942 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.690033913 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.690077066 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.690104008 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.690124035 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.690730095 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.690769911 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.690800905 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.690820932 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.691435099 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.691477060 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.691503048 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.691523075 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.692147970 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.692187071 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.692212105 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.692230940 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.692805052 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.692847013 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.692876101 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.692895889 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.693480015 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.693517923 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.693536043 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.693559885 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.694192886 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.694235086 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.694258928 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.694278955 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.694823027 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.694864035 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.694883108 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.694904089 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.695508003 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.695552111 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.695558071 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.695596933 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.696177959 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.696225882 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.696239948 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.696269035 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.696849108 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.696890116 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.696904898 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.696938992 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.697530985 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.697568893 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.697602987 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.697623968 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.698152065 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.698189974 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.698221922 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.698247910 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.698787928 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.698827982 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.698856115 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.698860884 CET	443	49755	172.217.23.1	192.168.2.3
Jan 11, 2021 18:08:33.698869944 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.698904991 CET	49755	443	192.168.2.3	172.217.23.1
Jan 11, 2021 18:08:33.710932970 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.711123943 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.714672089 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.714757919 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.720676899 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.721329927 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.721429110 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.721684933 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.723299980 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.724746943 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.724786043 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.724822044 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.724870920 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.725040913 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.725065947 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.725234985 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.725270987 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.725444078 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.728058100 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728107929 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728147984 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728204966 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.728249073 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.728450060 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728492975 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728528976 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.728578091 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.728631973 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.731139898 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.733099937 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.733148098 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.733259916 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.733361959 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.735342979 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.735456944 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.740983963 CET	49764	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.741169930 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.741219997 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.741285086 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.741347075 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.742280006 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.742324114 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.742413044 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.742432117 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.744436026 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.744472980 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.744508982 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.744533062 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.745940924 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.746025085 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.754076004 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.754116058 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.754178047 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.754221916 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.754549026 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.754600048 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.754636049 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.754662037 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.763165951 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.763348103 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.764833927 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.765158892 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.765734911 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.765909910 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.768038034 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.773449898 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.775469065 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:08:33.776438951 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.776482105 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.777421951 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.779081106 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.779221058 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.779542923 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.779890060 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.780034065 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.780200005 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.780256033 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.788235903 CET	443	49764	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.808361053 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.808413029 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.808439970 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.808470964 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.808475971 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.808480978 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.808512926 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.808523893 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.811347961 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.812238932 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.812688112 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.817926884 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:08:33.818892002 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.818970919 CET	49766	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.819166899 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.819256067 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.821496964 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.822406054 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.822444916 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.822545052 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.822576046 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.822585106 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.822617054 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.822681904 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.822691917 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.822726011 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.822770119 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.822824955 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.822971106 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.823038101 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.823156118 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.823683023 CET	49767	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.824421883 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.828310013 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.835557938 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.835603952 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.835633039 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.835644007 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.835700989 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.835707903 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.836460114 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.836500883 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.836529016 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.836605072 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.836657047 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.836666107 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.839101076 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.839134932 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.839164019 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.839190006 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.839257956 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.839299917 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.839744091 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.840615988 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.840991020 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.841202021 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.841484070 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.841527939 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.841557980 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.841614962 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.841684103 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.841691971 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.842494011 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:08:33.845649958 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:08:33.854579926 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.854949951 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.859590054 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.859630108 CET	443	49766	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.871351004 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.871592999 CET	443	49767	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.883474112 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.883528948 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.883656025 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.883730888 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.883850098 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.884283066 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.884362936 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.884496927 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.885152102 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:08:33.888453007 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:08:33.897866964 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.897927999 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.898000002 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.898123980 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.898533106 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.898799896 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.898998022 CET	49769	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.921542883 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.921598911 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.921631098 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.921659946 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.921791077 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.921848059 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.923640966 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.923681974 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.923749924 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.923800945 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.925729990 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.925772905 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.925893068 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.925940037 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.927877903 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.927930117 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.927988052 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.928037882 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.930016041 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.930067062 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.930162907 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.930233955 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.932132959 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.932184935 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.932269096 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.932326078 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.934277058 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.934329033 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.934411049 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.934458017 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.936408043 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.936458111 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.936486959 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.936517954 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.938740969 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.938785076 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.938886881 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.938935041 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.940680027 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.940723896 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.940759897 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.940782070 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.942795038 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.942868948 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.945965052 CET	443	49769	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.964327097 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:33.964445114 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:33.964589119 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:08:34.012806892 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:08:34.063529968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:34.066561937 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.109121084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.113823891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:34.131530046 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.131561995 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.131598949 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.131618023 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.131623030 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.131653070 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.131685972 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.131724119 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.132332087 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.132353067 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.132407904 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.132792950 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.132822990 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.132857084 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.132972956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.133838892 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.171237946 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:34.171281099 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:08:34.171358109 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:34.171406984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:08:34.181747913 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.515475035 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.558140039 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558453083 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558491945 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558581114 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.558618069 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.558768034 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558809042 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558850050 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.558878899 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.558981895 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.559484005 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.559528112 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.559556007 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.559566975 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.559588909 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.559597969 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.559626102 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.559689999 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.560221910 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.560391903 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.561142921 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.608879089 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.896157026 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.938868999 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.973530054 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.973628998 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.973994970 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.974059105 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:08:34.974078894 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.974131107 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:34.974524975 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:08:35.022954941 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:04.796869993 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.847671032 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.925935030 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.925995111 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.926033020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.926070929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.926104069 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.926129103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.926198959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.926290035 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.933168888 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.933193922 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.933250904 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.933341980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.933415890 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.934098959 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934144020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934182882 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934220076 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934227943 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.934257030 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934298992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.934413910 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.934567928 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934600115 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.934653044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.934704065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.935601950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.936295033 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.938452005 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.939812899 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.940637112 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.941472054 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.942154884 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.943340063 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.945713043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.945753098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.945791006 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.945828915 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.945864916 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.945902109 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.945955992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.946101904 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.946182966 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.984178066 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.986486912 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.987261057 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.989430904 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.990401983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.990920067 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.992332935 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.993743896 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.995497942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.995630980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.996540070 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.996622086 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.998820066 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.998905897 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.999042034 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.999104977 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:04.999563932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:04.999641895 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.002407074 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.002484083 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.002511024 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.002538919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.004581928 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.004659891 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.005820036 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.005970955 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.073483944 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.076742887 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.077789068 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.079315901 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.080908060 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.082832098 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.084702969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.086554050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.088423014 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.090415001 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.092391968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.093274117 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.094224930 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:05.097665071 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.097855091 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.098706007 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.099601984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.100600004 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.101583958 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.124145031 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.127216101 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.127973080 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.129614115 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.131129026 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.131450891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.131567955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.131724119 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.133116961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.133280993 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.133573055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.133683920 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.134773970 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.134887934 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.136616945 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:05.136694908 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.140738964 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.141168118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.141252041 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.141268015 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.141328096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.142508984 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.142632961 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.143536091 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.145342112 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.145447969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.145935059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.146024942 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.148262978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.148688078 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.148780107 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.150182962 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.150456905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.150554895 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.151777029 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.152550936 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.152642965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.152899027 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:05.152930975 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:05.152967930 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:05.152990103 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:05.153033018 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:05.153080940 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:05.153264999 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:05.153665066 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.153747082 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.156879902 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.156960964 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.157181978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.157288074 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.193712950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.193768978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.193800926 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.193928003 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.194895029 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.194953918 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.194986105 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.195043087 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.195089102 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.195097923 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.195105076 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.198203087 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.198255062 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.198285103 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.198321104 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.198354959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.200767994 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:05.426772118 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.481617928 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.486475945 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.545202017 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.577558041 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.577770948 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.579780102 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:05.620516062 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.622678041 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.625097036 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.636884928 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.636936903 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.636980057 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.637058973 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.637094975 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.637099028 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.637164116 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.637343884 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.637454033 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.639353991 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:05.639467001 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.639559984 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:05.639573097 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.639679909 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.639753103 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:05.639806032 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.641256094 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:05.641417027 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:05.642231941 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.642270088 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:05.642329931 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.642383099 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:05.648232937 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.648266077 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.648472071 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.648665905 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.648740053 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.648770094 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.650458097 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.650573969 CET	49763	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.669908047 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.672362089 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:05.686594963 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:05.688621044 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:05.698127031 CET	443	49763	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.712877989 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.715038061 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:05.748043060 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:05.748085022 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:05.748212099 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:05.748224020 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:05.748286963 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:05.750108004 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:05.767851114 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.797626972 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:05.810791969 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.827353954 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.827390909 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.827553034 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.827615023 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.828471899 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.828596115 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.829488993 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.829515934 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.829607010 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.831604958 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.831691027 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.844794989 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.891804934 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.996694088 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.996746063 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.996882915 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.996937990 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.997159004 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.997190952 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:05.997277021 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:05.997571945 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:06.040471077 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:06.462213039 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:06.504897118 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:06.539974928 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:06.540180922 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:06.540246964 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:06.540272951 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:06.540395975 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:06.540895939 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:06.588826895 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:06.743263006 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.793540001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869601965 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869623899 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869636059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869652033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869663000 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.869815111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.869909048 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.878063917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.878068924 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.878086090 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.878103018 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.878168106 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.878182888 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.878200054 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.878263950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.882069111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.883757114 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.885441065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.886075020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.886132956 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.886152983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.886168003 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.886173010 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.886207104 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.886239052 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.886657953 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.888449907 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.889209986 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.890460014 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.891630888 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.894186020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894215107 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894241095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894268036 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894293070 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894325972 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.894373894 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.894664049 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.894788980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.928222895 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.932356119 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.936716080 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.944479942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.946122885 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.946274042 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.946289062 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.946372032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.948503971 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.948630095 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.949232101 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.949331045 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.950295925 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.950496912 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.950890064 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.950953960 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.952617884 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.952701092 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.952718019 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.952754974 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:06.953758001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:06.953833103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.110394955 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.118911028 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.120143890 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.123526096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.124627113 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.125747919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.126775980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.129967928 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.131062984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.132138014 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.133230925 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.134264946 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.135962963 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.139360905 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.140340090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.141493082 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.143291950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.146548033 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.147830963 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.162305117 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.168375969 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.168451071 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.169102907 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.170553923 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.175097942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.175920010 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.176028967 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.177254915 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.177473068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.177545071 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.178273916 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.181169033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.181864023 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.181952953 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.182137012 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.182210922 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.182775021 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.182866096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.184427977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.185589075 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.185659885 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.185736895 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.185797930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.189220905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.189335108 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.189632893 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.189708948 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.190579891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.190671921 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.192312002 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.192406893 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.194794893 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.195064068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.198075056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.198870897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.198973894 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.199268103 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.199363947 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.199790955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.199870110 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.199908018 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.199973106 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.202600002 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.202723980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.203557968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.203664064 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.203948975 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204000950 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204034090 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204071045 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204253912 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204293966 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204354048 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204385042 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204771996 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204813004 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204849958 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204855919 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204898119 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.204910040 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204945087 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.204972029 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.205719948 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.205760002 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.205796003 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.205816984 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.205841064 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.205842018 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.205893993 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.206671000 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.206758022 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.206886053 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.206954956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.207150936 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.207191944 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.207218885 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.207228899 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.207252979 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.207278013 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.207969904 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208012104 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208050966 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208058119 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.208086014 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.208096981 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208112001 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.208152056 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.208890915 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208930016 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.208971977 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.208976030 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.209007025 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.209017992 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.209041119 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.209074974 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.209918976 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.209968090 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210007906 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210014105 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210045099 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210051060 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210068941 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210094929 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210804939 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210846901 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210882902 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210890055 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210920095 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210920095 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.210943937 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.210967064 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.211812973 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.211850882 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.211884975 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.211891890 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.211916924 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.211929083 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.211941004 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.211978912 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.212769032 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.212881088 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.214462996 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:07.261682034 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:07.444633007 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.502235889 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.502386093 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.595057011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.630237103 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.648430109 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.651288986 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:07.651398897 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:07.673063993 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.689877987 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.689903021 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.690023899 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.690047979 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.690125942 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.690165043 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.690300941 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.690347910 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.691229105 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.696484089 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.696737051 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:07.696974039 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:07.707935095 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.707950115 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.708038092 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.708081961 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.708123922 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.708167076 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.708268881 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.708317995 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.710191011 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:07.739255905 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.739316940 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:07.744575977 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:07.757348061 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:07.771886110 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.772686005 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:07.772723913 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:07.772777081 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:07.772790909 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:07.772804976 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:07.772850990 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:07.773160934 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:07.812180996 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.812233925 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.812400103 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.813093901 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.813137054 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.813790083 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.815280914 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.815316916 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.816575050 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.816608906 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.820430994 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:07.823807955 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.824084044 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.872853994 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.915829897 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.915882111 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.915985107 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.916009903 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.916035891 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.916093111 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.916254997 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:07.916309118 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.924504042 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:07.967401981 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:08.457784891 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.500300884 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.535856009 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.536009073 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.536103010 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.536176920 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.536185026 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.536216974 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.536672115 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.584739923 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.708303928 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.799169064 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.803106070 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804239035 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804266930 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804292917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804311037 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.804317951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804344893 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804410934 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.804512978 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.804685116 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804714918 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804735899 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.804784060 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.804877996 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.811835051 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.813261986 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.819777966 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.819803953 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820238113 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820274115 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820306063 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820348024 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820385933 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820661068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.820687056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.823817968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.835550070 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.837323904 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.838447094 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.839596033 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.840596914 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.841412067 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.842469931 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.844201088 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.849284887 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.850073099 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.850498915 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.851248026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.852019072 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.852813005 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.853579044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.854301929 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.855062962 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.855830908 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.856585026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.857423067 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.862042904 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.864574909 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.864587069 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.869429111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.870671988 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.870731115 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.870781898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.874392033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.874517918 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.886159897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.888551950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.889491081 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.893852949 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.894377947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.895313978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.895447969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.896348000 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.896440029 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.897682905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.897751093 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.897945881 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.898009062 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.899555922 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.899652958 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.899718046 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.899732113 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.899847984 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.900336981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.900574923 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.901349068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.902184010 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.902234077 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.903470993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.903631926 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.904500961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.904815912 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.905195951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.905298948 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.905462980 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.905540943 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.909286022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.909368992 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.909830093 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.909890890 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.909933090 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.909986019 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.910110950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.910171032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.910217047 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.910281897 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.911953926 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.912094116 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.912178040 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.913800001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.918548107 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.919693947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.923995972 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.924880981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.924995899 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.925086021 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.926444054 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:08.926541090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:08.927901030 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.927952051 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.927994013 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.928021908 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.928214073 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.928257942 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.928293943 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.928319931 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.928365946 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.928910017 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.928950071 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.928991079 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.928997040 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.929018974 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.929651022 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.929693937 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.929729939 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.929732084 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.929766893 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.929778099 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.929852009 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.930562019 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.930646896 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.939419985 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.939462900 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.939502001 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.939563036 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.939605951 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.939894915 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.939938068 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.939974070 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940000057 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.940011024 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940036058 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.940069914 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.940871954 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940911055 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940943956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.940948009 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940968037 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.940984964 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.940995932 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.941808939 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.941844940 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.941881895 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.941924095 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.944533110 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.944597006 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.944634914 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.944674015 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.944708109 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.945099115 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945138931 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945174932 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945200920 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.945235968 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.945837975 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945878029 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945915937 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945941925 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.945954084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.945986986 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.946013927 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.946809053 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.946846962 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:08.946907997 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.947586060 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:08.995771885 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.367326021 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:09.391122103 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.422724009 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:09.422921896 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:09.433701992 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.466747999 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.466871977 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.467154980 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.467226982 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.467231035 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.467289925 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.467423916 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.514774084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.598826885 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.601645947 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.630399942 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.635965109 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:09.641640902 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.644361019 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.657854080 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.657897949 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.658003092 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.658025026 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.658051968 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.658076048 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.658128977 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.658181906 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.658340931 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:09.663162947 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.663194895 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.663290024 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.663311005 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.663381100 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.663422108 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.663575888 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.663634062 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.663865089 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:09.673593998 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.678422928 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:09.705523014 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:09.711352110 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:09.714926958 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:09.715033054 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:09.716685057 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:09.716773033 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:09.716913939 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:09.716985941 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:09.717109919 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:09.726073980 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.764527082 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:09.768820047 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.780889988 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.780936003 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.780977964 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.780999899 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.781960011 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.782001972 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.782042027 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.782064915 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.784101963 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.784214973 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.785140991 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.785226107 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.787096977 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.834729910 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.847240925 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.847276926 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.847414970 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.847594976 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.847631931 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.847647905 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.847697020 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.847745895 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.847946882 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:09.850090027 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.892721891 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.895864010 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:09.925823927 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.925857067 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.925925970 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:09.926001072 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.926048994 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.926326036 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:09.973701000 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.236088037 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.278693914 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.313462019 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.313685894 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.313813925 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.313883066 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.313956022 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.314016104 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.314344883 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.361809969 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.475363970 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.566126108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614396095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614427090 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614444971 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614464045 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614480019 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614552021 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.614634991 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.614782095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614804029 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614828110 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614850998 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614867926 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.614870071 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.614893913 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.614947081 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.622987032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.625586987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.625632048 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.625648975 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.625715971 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.625741959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.625807047 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.625987053 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626065969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.626521111 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626552105 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626571894 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626614094 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.626665115 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.626780987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626801014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.626849890 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.626898050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.637037039 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.637226105 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.640650988 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.641479969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.662537098 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.662765980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.662980080 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.663203001 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.663438082 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.663666964 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.663913965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.664146900 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.664388895 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.664593935 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.664793968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.664993048 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.665183067 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.665395975 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.665600061 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.665791988 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.666030884 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.666282892 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.666651964 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.667628050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.673512936 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.681307077 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.681456089 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.687345028 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.687386036 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.691360950 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.691704035 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.691834927 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.691931009 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.692013025 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.696393967 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.696472883 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.698999882 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.699132919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.708503962 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.713012934 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.713259935 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.713666916 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.714518070 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.715214968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.715750933 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.715879917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.716278076 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.716428041 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.716831923 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.717288971 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.717381001 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.717835903 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.717916965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.718446016 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.718539953 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.718554020 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.718621969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.719367981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.719446898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.719800949 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.719873905 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.719993114 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.720074892 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.721245050 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.721316099 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.721318007 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.721379995 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.721636057 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.721710920 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.722731113 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.722814083 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.722999096 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.723062038 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.723071098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.723136902 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.723315001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.723376036 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.725011110 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.725116014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.725136042 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.725182056 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.728209972 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.728301048 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.730551004 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.730619907 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.737261057 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.737298965 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.737373114 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.737412930 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.737440109 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.737464905 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.737479925 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.737509966 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.738126040 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738168955 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738182068 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.738193035 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738231897 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.738281012 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.738887072 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738912106 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738931894 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738950968 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.738955021 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.738987923 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.739033937 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.739856958 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.739880085 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.739898920 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.739924908 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.739928961 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.739983082 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.740015984 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.740814924 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.740838051 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.740861893 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.740883112 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.740885019 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.740919113 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.740962029 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.741935968 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.741997957 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742012024 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742034912 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742038012 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742079973 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742084026 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742127895 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742794037 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742845058 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742871046 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742885113 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742887974 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742923021 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.742933035 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.742971897 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.743741989 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.743782997 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.743794918 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.743824005 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.743830919 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.743870020 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.743875980 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.743917942 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.744713068 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.744755983 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.744781017 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.744793892 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.744800091 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.744837046 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.744838953 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.744877100 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.745707035 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.745739937 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:10.745774031 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.745795012 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.746037960 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:10.754992962 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:10.755084038 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:10.793741941 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:12.868007898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:12.920056105 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.921689034 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.923026085 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:12.923188925 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:12.948282003 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:12.954188108 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:12.962869883 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:12.964373112 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:12.979727030 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:12.979760885 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:12.979816914 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:12.979842901 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.979882956 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.979917049 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.980024099 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:12.980101109 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.980741024 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:12.980896950 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:12.980925083 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:12.980977058 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.981005907 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.981070042 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:12.981137991 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.981190920 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:12.981246948 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.981504917 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:12.991158962 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:12.996594906 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:13.028466940 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:13.028502941 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:13.029905081 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:13.030019045 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:13.030040026 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:13.030085087 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:13.030163050 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:13.030236006 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:13.041738987 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:13.090107918 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:13.107475042 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.107523918 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.107547045 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.107577085 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.107691050 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.107736111 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.108726978 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.108769894 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.108855009 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.108906031 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.110100031 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.110198975 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.110388041 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.153139114 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.198021889 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.241120100 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.382316113 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.382363081 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.382488012 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.382488012 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.382519007 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.382525921 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.382563114 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.382591963 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.382783890 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:13.425648928 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:13.687944889 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:13.730866909 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:13.763911963 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:13.764045000 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:13.764507055 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:13.764596939 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:13.764617920 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:13.764681101 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:13.767482996 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:13.815879107 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.290173054 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.332850933 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.368062019 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.368659973 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.368762970 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.368784904 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.368835926 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.373987913 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.421845913 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.449906111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.542248964 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.550033092 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.550133944 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.551379919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.601675987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649075985 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649147987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649190903 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649209023 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649230957 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649282932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649296999 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649336100 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649339914 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649411917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649451971 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649475098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649478912 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649532080 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.649740934 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649794102 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.649857044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.657273054 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.658154011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.658854961 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.659868002 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.660584927 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.661379099 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.662425041 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663237095 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663290977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663331985 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663336992 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663351059 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663377047 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663389921 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663433075 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663719893 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663769960 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663781881 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663820028 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663821936 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663856030 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.663870096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.663904905 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.664072990 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.664227009 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.665189981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.667301893 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.668303967 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.669063091 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.669816017 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.671930075 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.674438953 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.677311897 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.679970026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.680671930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.681405067 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.682351112 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.683046103 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.683871031 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.703387022 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.704893112 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.705765009 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.706645012 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.707587004 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.707634926 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.710099936 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.710890055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.711967945 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.712930918 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.713696957 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.714272022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.714397907 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.716027975 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.716404915 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.716511011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.716799021 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.716921091 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.717024088 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.717370033 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.717432976 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.717535019 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.717551947 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.717598915 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.718197107 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.718272924 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.718513966 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.719301939 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.719731092 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.719846964 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.720700026 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.721705914 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.721719027 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.721771955 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.721908092 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.723547935 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.723639011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.724497080 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.724577904 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.726253986 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.727492094 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.728692055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.728796005 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.731133938 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.731215954 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.731637001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.731708050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.732742071 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.734956026 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.735023975 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.735924959 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.735999107 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.736958981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.737034082 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.738759041 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.738826036 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.742734909 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.742834091 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.752573967 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.752649069 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.752780914 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.752818108 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.752818108 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.752845049 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.752856016 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.752875090 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.752917051 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.753544092 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.753583908 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.753623009 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.753659964 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.753695965 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.753696918 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.753770113 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.754451990 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.754497051 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.754525900 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.754549980 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.754554033 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.754606009 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.754622936 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.754662991 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.755131960 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.755450010 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.755517006 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.755569935 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.755599976 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.755625010 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.755645990 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.755686998 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.756419897 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.756481886 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.756500959 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.756542921 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.756542921 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.756586075 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.756604910 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.756696939 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.756846905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.757356882 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.757436991 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.757484913 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.757519960 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.757524967 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.757570982 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.757606983 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.758419991 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.758462906 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.758498907 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.758500099 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.758537054 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.758537054 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.758569956 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.758594990 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.759341002 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.759385109 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.759418964 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.759437084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.759465933 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.759491920 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.759510040 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.759541988 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.759558916 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.759622097 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.760253906 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.760298014 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.760334969 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.760365963 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.760370016 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.760389090 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.760422945 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.761293888 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:14.761334896 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.761432886 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.761434078 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.762545109 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.763283968 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.763369083 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:14.765748978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.765799046 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:14.765888929 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:14.810811043 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:16.717955112 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:16.721416950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:16.772114038 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:16.779953003 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:16.780060053 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:16.828465939 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:16.828511953 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:16.828541994 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:16.828552008 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:16.828577995 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:16.828599930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:17.320359945 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.322238922 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:17.363087893 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.364988089 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.380048990 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.380089045 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.380146027 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.380150080 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.380192995 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.380199909 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.380271912 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.380323887 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.381825924 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.381858110 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.381877899 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.381922007 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:17.381959915 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:17.382141113 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.382195950 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:17.392988920 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:17.393105030 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:17.440438986 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:17.440464973 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:17.468385935 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.468617916 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:17.511246920 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:17.511291981 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.546196938 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:17.546240091 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:17.546267033 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:17.546369076 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:17.546406031 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:17.614360094 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.614434958 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.614533901 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.614582062 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.615314007 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.615364075 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.615381956 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.615417004 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.617455959 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.617490053 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.617527962 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.617552996 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.618905067 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.618977070 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.701080084 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:17.704348087 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.747275114 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:17.748532057 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:17.876221895 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:17.919086933 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:18.061295033 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:18.061347961 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:18.061425924 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:18.061486959 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:18.061489105 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:18.061517954 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:18.061537027 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:18.069442987 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:18.112251997 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:20.135505915 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.150332928 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.192953110 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.227176905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.227861881 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.227941990 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.228220940 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.228251934 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.228318930 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.228338957 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.228863955 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.256872892 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.256966114 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.257004976 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.257055998 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.257081985 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.257101059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.257112026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.257136106 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.257282972 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.262343884 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.263103962 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.263890028 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.264187098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.264230967 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.264272928 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.264278889 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.264305115 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.264326096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.264326096 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.264373064 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.265579939 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.266308069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.267143965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.267993927 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.268819094 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.269854069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.273062944 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.273113966 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.273155928 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.273183107 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.273202896 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.273241997 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.276772976 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.279448986 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.279576063 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.279907942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.279952049 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.279978991 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.279985905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.280009985 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.280034065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.280103922 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.280147076 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.312716007 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.313261032 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.314143896 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.317015886 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.317456007 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.319578886 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.320362091 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.320486069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.324949026 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.325094938 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.325186014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.325202942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.325238943 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.325257063 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.325264931 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.325299025 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.327820063 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.327898026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.328038931 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.328083038 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.329869032 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.329940081 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.336209059 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.336374044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.640609026 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.643408060 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.644452095 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.645176888 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.646205902 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.647468090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.648077965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.649100065 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.650115967 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.650846958 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.651878119 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.653269053 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.654449940 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.656562090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.658710957 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.660008907 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.690901041 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.693629980 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.694586039 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.695261955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.696345091 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.696778059 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.697498083 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.698213100 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.699135065 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.700186014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.700867891 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.700954914 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.701050043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.701766968 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.701843023 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.702266932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.702341080 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.702905893 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.702982903 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.704444885 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.704524994 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.706275940 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.706362963 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.706461906 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.706516027 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.707266092 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.707336903 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.707783937 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.707851887 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.711419106 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.711842060 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.711916924 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.712033987 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.712096930 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.713090897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.713179111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.715398073 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.715511084 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.716707945 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.716801882 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.719902039 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:20.720045090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:20.721086979 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.721122980 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.721164942 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.721211910 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.721307993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.721328974 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.721345901 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.721368074 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.721415997 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.722043037 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.722062111 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.722078085 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.722093105 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.722100973 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.722150087 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.723028898 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.723052025 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.723071098 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.723090887 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.723090887 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.723140955 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.723974943 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.723997116 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.724015951 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.724030972 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.724040985 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.724067926 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.724102020 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.724973917 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.724997044 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725017071 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725033998 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.725035906 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725069046 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.725119114 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.725912094 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725935936 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725950956 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725971937 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.725994110 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.726032972 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.726895094 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.726916075 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.726936102 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.726954937 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.726957083 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.726979017 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.727014065 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.727850914 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.727873087 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.727890968 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.727910042 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.727910995 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.727936029 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.727982044 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.728847980 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.728871107 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.728889942 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.728904009 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.728910923 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.728931904 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.728970051 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.729830980 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:20.729906082 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.730942965 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:20.778688908 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:21.117429972 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:21.164319992 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.165327072 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.175522089 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:21.175740957 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:21.191314936 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.194113016 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:21.207340956 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.208182096 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.222738028 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.222793102 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.222860098 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.222902060 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.223443985 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.223474979 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.223531008 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.223577976 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.223833084 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.223913908 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.223922014 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.223994017 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.224370956 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:21.225462914 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.225560904 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.225560904 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.225624084 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.225985050 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:21.234253883 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.236474991 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:21.269692898 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:21.269715071 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:21.269723892 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:21.269792080 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:21.269831896 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:21.270128965 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:21.271271944 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:21.273482084 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:21.317585945 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:21.325956106 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.326015949 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.326124907 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.326143026 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.326920033 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.326961994 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.326998949 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.327029943 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.329082012 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.329113007 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.329159021 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.329185009 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.330583096 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.330657959 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.332309961 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.368699074 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:21.375164032 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.453778028 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:21.453824043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:21.453849077 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:21.453943014 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:21.453984976 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:21.597524881 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.640588045 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.719007969 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.719031096 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.719134092 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.719161034 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.719172001 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.719213963 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.719368935 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:21.719414949 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.719708920 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:21.762866020 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:22.497014046 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.539539099 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.574516058 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.574706078 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.574955940 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.574989080 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.575047016 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.575081110 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.575514078 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.623733044 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.772181034 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.864109993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865736961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865758896 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865776062 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865794897 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865807056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.865842104 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.865891933 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.866205931 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.866228104 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.866269112 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.866281986 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.866287947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.866342068 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.866395950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.874808073 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.874828100 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.874842882 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.874865055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.874881983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.875017881 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.875322104 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.875339031 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.875372887 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.875401974 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.875428915 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.875452995 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.875482082 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.884031057 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.884864092 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.885987043 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.886941910 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.887582064 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.888406038 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.889180899 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.889962912 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.891715050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.892339945 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.893157959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.895519018 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.896805048 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.897645950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.898436069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.900161028 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.901174068 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.902235985 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.903595924 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.907434940 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.911619902 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.913168907 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.921096087 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.922354937 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.923523903 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.934376955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.935080051 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.936160088 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.937232018 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.937697887 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.938611984 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.939320087 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.940170050 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.940274000 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.940972090 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.941061020 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.941354990 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.941459894 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.941519022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.941598892 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.941857100 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.942472935 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.943233013 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.943281889 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.943310022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.943325043 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.943423986 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.944785118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.944868088 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.945328951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.945461035 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.945677996 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.946240902 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.946346045 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.947215080 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.947839975 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.949510098 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.949611902 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.950120926 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.950197935 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.951406956 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.952404976 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.952497959 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.952850103 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.952936888 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.953330994 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.953454018 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.954977989 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.955076933 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.955410957 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.955498934 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.955682993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.955802917 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.955950022 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.957633972 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.957731009 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.959180117 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.959295034 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.965548038 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.965728045 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.967175007 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.967343092 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.971211910 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.971242905 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.971270084 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:22.971401930 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.971434116 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.971729040 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:22.972744942 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.976146936 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.976243973 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.977226973 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.977303982 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:22.977946043 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:22.978038073 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:23.019882917 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:23.511841059 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:23.569488049 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:23.569941044 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:23.639950991 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:23.667278051 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:23.667926073 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:23.699404955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:23.704112053 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:23.704112053 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:23.707274914 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:23.709911108 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.710517883 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.726027012 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.726058960 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.726166964 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.726253033 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:23.726281881 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:23.726281881 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.726332903 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:23.727035046 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.727058887 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.727174044 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:23.727245092 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.727257013 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.727446079 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:23.729166985 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:23.729331970 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:23.747036934 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:23.749820948 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:23.776396036 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:23.777379036 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:23.782246113 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:23.782341003 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:23.782383919 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:23.782416105 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:23.782422066 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:23.782507896 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:23.782803059 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:23.830440044 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:23.831795931 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:23.831824064 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:23.831875086 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:23.831921101 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:23.832586050 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:23.832705975 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:23.832773924 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:23.847291946 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:23.890316963 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:24.250785112 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:24.293708086 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:24.328263044 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:24.328620911 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:24.328686953 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:24.328721046 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:24.328805923 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:24.328876972 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:24.329230070 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:24.376912117 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:26.586765051 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.679078102 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694056988 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694083929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694108009 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694123983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694134951 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.694199085 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.694247007 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.694354057 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.702358961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.702387094 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.702398062 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.702409983 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.702590942 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.703345060 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.703366995 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.703380108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.703388929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.703463078 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.703485012 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.705856085 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.707386971 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.713018894 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.715203047 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715235949 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715248108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715264082 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715276957 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715406895 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.715441942 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.715522051 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.715586901 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.721255064 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.723845005 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.727340937 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.736275911 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.737821102 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.739221096 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.740606070 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.741681099 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.742736101 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.743731022 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.744874954 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.747807980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.752434969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.753711939 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.754853964 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.755949974 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.756093979 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.757189989 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.757455111 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.760797977 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.761748075 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.761845112 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.763217926 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.763259888 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:26.764595032 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.765089989 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.765211105 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.765935898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.766978979 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.768095016 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.770900965 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.771976948 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.773190975 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.773746967 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.773838043 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.777534962 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.780028105 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.780138969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.780169010 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.780226946 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.781776905 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.781876087 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.788120985 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.790741920 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.792903900 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.793787003 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.793865919 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.795034885 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.797348022 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.797492027 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.798193932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.798270941 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.798865080 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.798927069 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.800159931 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.800240040 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.800266027 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.800321102 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.802371979 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.802458048 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.803312063 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.803395987 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.805738926 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:26.806902885 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.807543039 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.807604074 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.809998989 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.810133934 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.812505960 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.812685013 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.812908888 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.812984943 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.813266993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.813344002 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.814625025 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.815489054 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.816523075 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.817471981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.817584991 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.821046114 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.821182013 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.821403027 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.821492910 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.821583033 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:26.821614981 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:26.821644068 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:26.821670055 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:26.821698904 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:26.821754932 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:26.822464943 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:26.824069977 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.824192047 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.824806929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.824875116 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.826565981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.826642990 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.839942932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:26.840022087 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:26.869721889 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:27.559784889 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:27.618886948 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:27.620415926 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:27.712814093 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:27.715240955 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:27.748893023 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.755533934 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.757993937 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.762267113 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:27.772000074 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.772017956 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.772221088 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.772310972 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:27.772349119 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:27.772460938 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.772891998 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:27.773252964 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:27.774777889 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.774795055 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.774899960 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.774935007 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:27.775010109 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.775053024 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:27.775079012 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:27.775269032 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:27.791764021 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.804702044 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:27.820533037 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:27.822391033 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:27.837647915 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:27.837750912 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:27.837913036 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:27.837970972 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:27.838076115 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:27.838129997 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:27.855643034 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:27.855722904 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:27.903444052 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:27.905348063 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.905406952 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.905571938 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.906471014 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.906506062 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.906552076 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.906624079 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.908572912 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.908596039 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.908665895 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.909960985 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.910033941 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.910238981 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:27.910316944 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:27.915765047 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:27.958655119 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:27.969737053 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:28.012541056 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.151839018 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.151891947 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.152057886 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.152084112 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.152108908 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:28.152159929 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:28.155131102 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:28.197946072 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:28.649931908 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:28.692567110 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:28.727197886 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:28.727456093 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:28.727488995 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:28.727521896 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:28.727813959 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:28.728060961 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:28.775810003 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:28.933207035 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.024097919 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.065668106 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.065697908 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.065710068 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.065928936 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.067586899 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.067622900 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.067631960 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.067827940 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.076756954 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.079090118 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.080384016 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.081794977 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.083115101 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.084789991 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.085854053 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.085880995 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.085894108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.085905075 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.085916996 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.085998058 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.086056948 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.086214066 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.086289883 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.086309910 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.086323023 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.086365938 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.087740898 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.088144064 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.089864969 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.092087984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.095447063 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.097152948 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.098205090 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.099164009 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.099812031 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.099841118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.099854946 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.099931002 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.099962950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.099971056 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.100018978 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.100455999 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.102369070 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.103228092 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.104306936 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.105405092 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.110167980 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.112946987 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.113903046 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.120731115 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.127073050 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.129348993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.130630970 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.131946087 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.132637978 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.132745981 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.133327961 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.134968042 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.136347055 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.137123108 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.137204885 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.137634993 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.137716055 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.138263941 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.139308929 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.139379978 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.141117096 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.141217947 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.141628027 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.141701937 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.143037081 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.143126011 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.143232107 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.143295050 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.143794060 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.143861055 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.147603989 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.149544001 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.151180029 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.151292086 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.151643991 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.151725054 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.153373003 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.153879881 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.153965950 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.154145956 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.154225111 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.154230118 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.154290915 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.155993938 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.156227112 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.156510115 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.156584024 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.157000065 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.157071114 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.158973932 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.159085989 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.161324024 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.161429882 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.164145947 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.164305925 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.167171955 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.167310953 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.169214964 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.169294119 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.177196980 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.177388906 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.186491966 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.186517954 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.186530113 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.186549902 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.186563015 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.186644077 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.186680079 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.187264919 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.187283993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.187298059 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.187313080 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.187360048 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.187387943 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.188254118 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.188271999 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.188288927 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.188304901 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.188328028 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.188345909 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.189222097 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.189296007 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.189440012 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.189465046 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.189501047 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.189521074 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.189975023 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.189991951 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190004110 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190021992 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190043926 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.190058947 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.190104961 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.190901041 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190927982 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190941095 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190953016 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.190993071 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.191015005 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.191874027 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.191894054 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.191967964 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.201987982 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202012062 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202112913 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.202286959 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202306986 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202363014 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.202404976 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.202795029 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202816963 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202831984 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202848911 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.202871084 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.202915907 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.203766108 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.203788996 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.203804016 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.203819990 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.203850031 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.203893900 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.204652071 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.204725981 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.206161022 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.253807068 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.673144102 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.705952883 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.710146904 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:29.734352112 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.734529972 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.748784065 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.752273083 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.753046036 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.753458023 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:29.764018059 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.764044046 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.764236927 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.764266968 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.764322996 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.764336109 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.764379025 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.764420033 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.764692068 CET	49765	443	192.168.2.3	172.217.23.2
Jan 11, 2021 18:09:29.768537998 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.768558979 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.768731117 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:29.768790007 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.768917084 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:29.768949032 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.769057035 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:29.769402027 CET	49768	443	192.168.2.3	172.217.23.66
Jan 11, 2021 18:09:29.795255899 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.795989037 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:29.812988043 CET	443	49765	172.217.23.2	192.168.2.3
Jan 11, 2021 18:09:29.816389084 CET	443	49768	172.217.23.66	192.168.2.3
Jan 11, 2021 18:09:29.828789949 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:29.828854084 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:29.828864098 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:29.828913927 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:29.828947067 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:29.829015017 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:29.886717081 CET	49770	443	192.168.2.3	172.217.22.194
Jan 11, 2021 18:09:29.891405106 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.891596079 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.891725063 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.899147987 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.910310984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.915007114 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.915097952 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.915157080 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.915201902 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.915222883 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.916230917 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.916253090 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.916387081 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.916910887 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.918667078 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.918689013 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.918756008 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.918778896 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.919639111 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.919713020 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.919886112 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.929184914 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:29.933928013 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.934469938 CET	443	49770	172.217.22.194	192.168.2.3
Jan 11, 2021 18:09:29.942332029 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.946465969 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.946626902 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.947201014 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.947293997 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.959695101 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.959752083 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.959810972 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.959816933 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.959829092 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.959892035 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.959949017 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.959969044 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960001945 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.960021019 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960031986 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.960072041 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.960685968 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960709095 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960726023 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960737944 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.960762024 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.960794926 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.961664915 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.961688042 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.961699963 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.961710930 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.961852074 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.962456942 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.962613106 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.962630987 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.962646008 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.962661982 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.962681055 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.962697983 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.962743998 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.963735104 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.963754892 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.963768959 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.963783979 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.963800907 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.963835001 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.964643002 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.964663029 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.964677095 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.964692116 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.964720964 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.964755058 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.964973927 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.965121984 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:29.965549946 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.965569973 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.965584993 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.965600967 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.965635061 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.965655088 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.966542006 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.966562033 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.966581106 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.966598034 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.966644049 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.966680050 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.967494011 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.967515945 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.967530966 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.967545986 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.967561007 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.967588902 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.968487978 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:29.968564987 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.968833923 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:29.971900940 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:29.971916914 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:29.972069025 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:30.016721010 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:30.063344002 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:30.118576050 CET	443	49747	104.28.25.219	192.168.2.3
Jan 11, 2021 18:09:30.118860006 CET	49747	443	192.168.2.3	104.28.25.219
Jan 11, 2021 18:09:30.127389908 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:30.127409935 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:30.127562046 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:30.127633095 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:30.127758980 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:30.127840042 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:30.127902985 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:30.127973080 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:30.128146887 CET	49754	443	192.168.2.3	172.217.23.34
Jan 11, 2021 18:09:30.170892954 CET	443	49754	172.217.23.34	192.168.2.3
Jan 11, 2021 18:09:30.663074017 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:30.705584049 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:30.740297079 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:30.740427017 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:30.740812063 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:30.740890980 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:30.740919113 CET	443	49751	172.217.20.226	192.168.2.3
Jan 11, 2021 18:09:30.741033077 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:30.741353989 CET	49751	443	192.168.2.3	172.217.20.226
Jan 11, 2021 18:09:30.788760900 CET	443	49751	172.217.20.226	192.168.2.3

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 11, 2021 18:07:15.082787037 CET	63492	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:15.133477926 CET	53	63492	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:17.848589897 CET	60831	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:17.899476051 CET	53	60831	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:18.689126968 CET	60100	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:18.739985943 CET	53	60100	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:19.551877022 CET	53195	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:19.600889921 CET	53	53195	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:20.352287054 CET	50141	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:20.402973890 CET	53	50141	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:21.390645027 CET	53023	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:21.447299957 CET	53	53023	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:22.411628962 CET	49563	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:22.459542036 CET	53	49563	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:23.247694969 CET	51352	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:23.295924902 CET	53	51352	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:24.236397028 CET	59349	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:24.284581900 CET	53	59349	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:25.407299995 CET	57084	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:25.455385923 CET	53	57084	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:26.174740076 CET	58823	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:26.222839117 CET	53	58823	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:28.544013977 CET	57568	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:28.591912031 CET	53	57568	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:30.834924936 CET	50540	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:30.886509895 CET	53	50540	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:32.637150049 CET	54366	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:32.685198069 CET	53	54366	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:37.471669912 CET	53034	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:37.523184061 CET	57762	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:37.531240940 CET	53	53034	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:37.579356909 CET	53	57762	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:38.476430893 CET	53034	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:38.532776117 CET	53	53034	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:38.554502964 CET	57762	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:38.610837936 CET	53	57762	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:39.513818026 CET	53034	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:39.570086002 CET	53	53034	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:39.603315115 CET	57762	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:39.659866095 CET	53	57762	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:41.551980972 CET	53034	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:41.601960897 CET	57762	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:41.610306978 CET	53	53034	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:41.662192106 CET	53	57762	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:45.560746908 CET	53034	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:45.607273102 CET	57762	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:45.609107018 CET	53	53034	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:45.663758993 CET	53	57762	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:47.522798061 CET	55435	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:47.570918083 CET	53	55435	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:47.827960014 CET	50713	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:47.889096975 CET	53	50713	8.8.8.8	192.168.2.3
Jan 11, 2021 18:07:57.834151983 CET	56132	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:07:57.893569946 CET	53	56132	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:04.344733000 CET	58987	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:04.392877102 CET	53	58987	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:05.635572910 CET	56579	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:05.683706045 CET	53	56579	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:16.188895941 CET	60633	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:16.248855114 CET	53	60633	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:17.386396885 CET	61292	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:17.448159933 CET	53	61292	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:19.350106955 CET	63619	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:19.406378984 CET	53	63619	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:28.328044891 CET	64938	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:28.370690107 CET	61946	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:28.385905981 CET	53	64938	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:28.429976940 CET	53	61946	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:29.576900005 CET	64910	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:29.634318113 CET	53	64910	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:30.461541891 CET	52123	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:30.512422085 CET	53	52123	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:30.820807934 CET	56130	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:30.903435946 CET	53	56130	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:31.322091103 CET	56338	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:31.322222948 CET	59420	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:31.378379107 CET	53	56338	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:31.386152029 CET	53	59420	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.223202944 CET	63978	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.279501915 CET	53	63978	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.318430901 CET	62938	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.385756016 CET	53	62938	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.479324102 CET	55708	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.483834982 CET	56803	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.534841061 CET	57145	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.535969973 CET	53	55708	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.544028044 CET	55359	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.548053980 CET	53	56803	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.598793030 CET	53	57145	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.613570929 CET	53	55359	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:33.635623932 CET	58306	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:33.712842941 CET	53	58306	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:34.162838936 CET	64124	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:34.227082968 CET	53	64124	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:50.585608006 CET	63150	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:50.633673906 CET	53	63150	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:58.298696041 CET	53279	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:58.349755049 CET	53	53279	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:59.266722918 CET	56881	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:59.314686060 CET	53	56881	8.8.8.8	192.168.2.3
Jan 11, 2021 18:08:59.315339088 CET	53279	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:08:59.366202116 CET	53	53279	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:00.266427040 CET	56881	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:00.323133945 CET	53	56881	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:00.340462923 CET	53279	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:00.391385078 CET	53	53279	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:00.749717951 CET	53642	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:00.818535089 CET	53	53642	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:01.369740009 CET	56881	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:01.417722940 CET	53	56881	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:02.330012083 CET	53279	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:02.380928993 CET	53	53279	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:03.360776901 CET	56881	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:03.408582926 CET	53	56881	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:06.330986023 CET	53279	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:06.381650925 CET	53	53279	8.8.8.8	192.168.2.3
Jan 11, 2021 18:09:07.362776041 CET	56881	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:09:07.410654068 CET	53	56881	8.8.8.8	192.168.2.3
Jan 11, 2021 18:10:03.609783888 CET	55667	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:10:03.668994904 CET	53	55667	8.8.8.8	192.168.2.3
Jan 11, 2021 18:10:04.197865963 CET	54833	53	192.168.2.3	8.8.8.8
Jan 11, 2021 18:10:04.256731987 CET	53	54833	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jan 11, 2021 18:08:17.386396885 CET	192.168.2.3	8.8.8.8	0x5cc1	Standard query (0)	umblr.com	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:28.370690107 CET	192.168.2.3	8.8.8.8	0x6ae3	Standard query (0)	t.umblr.com	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:29.576900005 CET	192.168.2.3	8.8.8.8	0xf008	Standard query (0)	t.umblr.com	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.461541891 CET	192.168.2.3	8.8.8.8	0xe5f4	Standard query (0)	href.li	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.820807934 CET	192.168.2.3	8.8.8.8	0x1be6	Standard query (0)	ykm.de	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.223202944 CET	192.168.2.3	8.8.8.8	0x15c	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.318430901 CET	192.168.2.3	8.8.8.8	0xa103	Standard query (0)	themes.googleusercontent.com	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.534841061 CET	192.168.2.3	8.8.8.8	0x8115	Standard query (0)	adservice.google.co.uk	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.635623932 CET	192.168.2.3	8.8.8.8	0x34ba	Standard query (0)	www.googletagservices.com	A (IP address)	IN (0x0001)
Jan 11, 2021 18:09:00.749717951 CET	192.168.2.3	8.8.8.8	0x3781	Standard query (0)	ykm.de	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jan 11, 2021 18:08:17.448159933 CET	8.8.8.8	192.168.2.3	0x5cc1	No error (0)	umblr.com		74.114.154.17	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:17.448159933 CET	8.8.8.8	192.168.2.3	0x5cc1	No error (0)	umblr.com		74.114.154.21	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:28.429976940 CET	8.8.8.8	192.168.2.3	0x6ae3	No error (0)	t.umblr.com		74.114.154.21	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:28.429976940 CET	8.8.8.8	192.168.2.3	0x6ae3	No error (0)	t.umblr.com		74.114.154.17	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:29.634318113 CET	8.8.8.8	192.168.2.3	0xf008	No error (0)	t.umblr.com		74.114.154.21	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:29.634318113 CET	8.8.8.8	192.168.2.3	0xf008	No error (0)	t.umblr.com		74.114.154.17	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.512422085 CET	8.8.8.8	192.168.2.3	0xe5f4	No error (0)	href.li		192.0.78.27	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.512422085 CET	8.8.8.8	192.168.2.3	0xe5f4	No error (0)	href.li		192.0.78.26	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.903435946 CET	8.8.8.8	192.168.2.3	0x1be6	No error (0)	ykm.de		104.28.25.219	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.903435946 CET	8.8.8.8	192.168.2.3	0x1be6	No error (0)	ykm.de		172.67.153.240	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:30.903435946 CET	8.8.8.8	192.168.2.3	0x1be6	No error (0)	ykm.de		104.28.24.219	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:31.386152029 CET	8.8.8.8	192.168.2.3	0xe0fd	No error (0)	pagead46.l.doubleclick.net		172.217.20.226	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.279501915 CET	8.8.8.8	192.168.2.3	0x15c	No error (0)	googleads.g.doubleclick.net	pagead46.l.doubleclick.net		CNAME (Canonical name)	IN (0x0001)
Jan 11, 2021 18:08:33.279501915 CET	8.8.8.8	192.168.2.3	0x15c	No error (0)	pagead46.l.doubleclick.net		172.217.23.34	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.385756016 CET	8.8.8.8	192.168.2.3	0xa103	No error (0)	themes.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
Jan 11, 2021 18:08:33.385756016 CET	8.8.8.8	192.168.2.3	0xa103	No error (0)	googlehosted.l.googleusercontent.com		172.217.23.1	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.548053980 CET	8.8.8.8	192.168.2.3	0x476a	No error (0)	partnerad.l.doubleclick.net		172.217.23.34	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.598793030 CET	8.8.8.8	192.168.2.3	0x8115	No error (0)	adservice.google.co.uk	pagead46.l.doubleclick.net		CNAME (Canonical name)	IN (0x0001)
Jan 11, 2021 18:08:33.598793030 CET	8.8.8.8	192.168.2.3	0x8115	No error (0)	pagead46.l.doubleclick.net		172.217.23.2	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.613570929 CET	8.8.8.8	192.168.2.3	0x4ca4	No error (0)	pagead46.l.doubleclick.net		172.217.23.66	A (IP address)	IN (0x0001)
Jan 11, 2021 18:08:33.712842941 CET	8.8.8.8	192.168.2.3	0x34ba	No error (0)	www.googletagservices.com	pagead46.l.doubleclick.net		CNAME (Canonical name)	IN (0x0001)
Jan 11, 2021 18:08:33.712842941 CET	8.8.8.8	192.168.2.3	0x34ba	No error (0)	pagead46.l.doubleclick.net		172.217.22.194	A (IP address)	IN (0x0001)
Jan 11, 2021 18:09:00.818535089 CET	8.8.8.8	192.168.2.3	0x3781	No error (0)	ykm.de		172.67.153.240	A (IP address)	IN (0x0001)
Jan 11, 2021 18:09:00.818535089 CET	8.8.8.8	192.168.2.3	0x3781	No error (0)	ykm.de		104.28.24.219	A (IP address)	IN (0x0001)
Jan 11, 2021 18:09:00.818535089 CET	8.8.8.8	192.168.2.3	0x3781	No error (0)	ykm.de		104.28.25.219	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jan 11, 2021 18:08:29.962896109 CET	74.114.154.21	443	192.168.2.3	49744	CN=umblr.com CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Mon Nov 30 14:00:38 CET 2020 Thu Mar 17 17:40:46 CET 2016	Sun Feb 28 14:00:38 CET 2021 Wed Mar 17 17:40:46 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:29.962896109 CET	74.114.154.21	443	192.168.2.3	49744	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Thu Mar 17 17:40:46 CET 2016	Wed Mar 17 17:40:46 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:29.967052937 CET	74.114.154.21	443	192.168.2.3	49743	CN=umblr.com CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Mon Nov 30 14:00:38 CET 2020 Thu Mar 17 17:40:46 CET 2016	Sun Feb 28 14:00:38 CET 2021 Wed Mar 17 17:40:46 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:29.967052937 CET	74.114.154.21	443	192.168.2.3	49743	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Thu Mar 17 17:40:46 CET 2016	Wed Mar 17 17:40:46 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:30.602766991 CET	192.0.78.27	443	192.168.2.3	49746	CN=tls.automattic.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Sun Dec 13 22:13:03 CET 2020 Wed Oct 07 21:21:40 CEST 2020	Sat Mar 13 22:13:03 CET 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:30.602766991 CET	192.0.78.27	443	192.168.2.3	49746	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:30.604095936 CET	192.0.78.27	443	192.168.2.3	49745	CN=tls.automattic.com CN=R3, O=Let's Encrypt, C=US	CN=R3, O=Let's Encrypt, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Sun Dec 13 22:13:03 CET 2020 Wed Oct 07 21:21:40 CEST 2020	Sat Mar 13 22:13:03 CET 2021 Wed Sep 29 21:21:40 CEST 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:30.604095936 CET	192.0.78.27	443	192.168.2.3	49745	CN=R3, O=Let's Encrypt, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Oct 07 21:21:40 CEST 2020	Wed Sep 29 21:21:40 CEST 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.019426107 CET	104.28.25.219	443	192.168.2.3	49747	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Thu Jul 09 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Fri Jul 09 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.019426107 CET	104.28.25.219	443	192.168.2.3	49747	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.022233963 CET	104.28.25.219	443	192.168.2.3	49748	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Thu Jul 09 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Fri Jul 09 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.022233963 CET	104.28.25.219	443	192.168.2.3	49748	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.495069981 CET	172.217.20.226	443	192.168.2.3	49751	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.495069981 CET	172.217.20.226	443	192.168.2.3	49751	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.496062040 CET	172.217.20.226	443	192.168.2.3	49752	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:31.496062040 CET	172.217.20.226	443	192.168.2.3	49752	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.384989023 CET	172.217.23.34	443	192.168.2.3	49754	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.384989023 CET	172.217.23.34	443	192.168.2.3	49754	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.385695934 CET	172.217.23.34	443	192.168.2.3	49753	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.385695934 CET	172.217.23.34	443	192.168.2.3	49753	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.493690968 CET	172.217.23.1	443	192.168.2.3	49755	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.493690968 CET	172.217.23.1	443	192.168.2.3	49755	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.514311075 CET	172.217.23.1	443	192.168.2.3	49757	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.514311075 CET	172.217.23.1	443	192.168.2.3	49757	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.514806986 CET	172.217.23.1	443	192.168.2.3	49758	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.514806986 CET	172.217.23.1	443	192.168.2.3	49758	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.516001940 CET	172.217.23.1	443	192.168.2.3	49756	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.516001940 CET	172.217.23.1	443	192.168.2.3	49756	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.517822981 CET	172.217.23.1	443	192.168.2.3	49760	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.517822981 CET	172.217.23.1	443	192.168.2.3	49760	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.522711039 CET	172.217.23.1	443	192.168.2.3	49759	CN=*.googleusercontent.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:47:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:47:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.522711039 CET	172.217.23.1	443	192.168.2.3	49759	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.649666071 CET	172.217.23.34	443	192.168.2.3	49763	CN=*.googleadservices.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:46:48 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:46:47 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.649666071 CET	172.217.23.34	443	192.168.2.3	49763	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.681428909 CET	172.217.23.34	443	192.168.2.3	49764	CN=*.googleadservices.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:46:48 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:46:47 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.681428909 CET	172.217.23.34	443	192.168.2.3	49764	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.724786043 CET	172.217.23.2	443	192.168.2.3	49766	CN=*.google.co.uk, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:51:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:51:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.724786043 CET	172.217.23.2	443	192.168.2.3	49766	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.725270987 CET	172.217.23.2	443	192.168.2.3	49765	CN=*.google.co.uk, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:51:09 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:51:08 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.725270987 CET	172.217.23.2	443	192.168.2.3	49765	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.728147984 CET	172.217.23.66	443	192.168.2.3	49768	CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:53 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:52 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.728147984 CET	172.217.23.66	443	192.168.2.3	49768	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.728528976 CET	172.217.23.66	443	192.168.2.3	49767	CN=*.google.com, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:53 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:52 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.728528976 CET	172.217.23.66	443	192.168.2.3	49767	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.835603952 CET	172.217.22.194	443	192.168.2.3	49769	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.835603952 CET	172.217.22.194	443	192.168.2.3	49769	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.836500883 CET	172.217.22.194	443	192.168.2.3	49770	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Dec 15 15:42:47 CET 2020 Thu Jun 15 02:00:42 CEST 2017	Tue Mar 09 15:42:46 CET 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jan 11, 2021 18:08:33.836500883 CET	172.217.22.194	443	192.168.2.3	49770	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: AcroRd32.exe PID: 5948 Parent PID: 5544

General

Start time:	18:07:20
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf'
Imagebase:	0x3a0000
File size:	2571312 bytes
MD5 hash:	B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: AcroRd32.exe PID: 5956 Parent PID: 5948

General

Start time:	18:07:21
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Information-Account-Prime-Disable-Service.pdf'
Imagebase:	0x3a0000
File size:	2571312 bytes
MD5 hash:	B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 5060 Parent PID: 5948

General

Start time:	18:07:27
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6344 Parent PID: 5060

General

Start time:	18:07:30
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13817734648253318396 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13817734648253318396 --renderer-client-id=2 --mojo-platform-channel-handle=1720 --allow-no-sandbox-job /prefetch:1
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6372 Parent PID: 5060

General

Start time:	18:07:31
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=11890072385820109879 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6424 Parent PID: 5060

General

Start time:	18:07:33
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=1881667437359436119 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1881667437359436119 --renderer-client-id=4 --mojo-platform-channel-handle=1860 --allow-no-sandbox-job /prefetch:1
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6560 Parent PID: 5060

General

Start time:	18:07:37
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=5458918827524385669 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5458918827524385669 --renderer-client-id=5 --mojo-platform-channel-handle=1864 --allow-no-sandbox-job /prefetch:1
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6676 Parent PID: 5060

General

Start time:	18:07:39
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1676,6902283869037015468,17832798338356840690,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13143280483817159406 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13143280483817159406 --renderer-client-id=6 --mojo-platform-channel-handle=2140 --allow-no-sandbox-job /prefetch:1
Imagebase:	0xe50000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: iexplore.exe PID: 4736 Parent PID: 5948

General

Start time:	18:08:27
Start date:	11/01/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' https://t.umblr.com/redirect?z=https%3A%2F%2Fykm.de%2F65f0a4768a364c17&t=MDZmNTEyZmUxYzY5ZjJkNjc3MDI5MTI0MjhiODVlNzBhYTAzZWMzZCwwY2IyNWEwNWYyMzA5MGNlNzYxMzg5ZTFhMTcwMTA4Y2U5NmEwYzZl&ts=1610149120
Imagebase:	0x7ff702c60000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: iexplore.exe PID: 1048 Parent PID: 4736

General

Start time:	18:08:27
Start date:	11/01/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4736 CREDAT:17410 /prefetch:2
Imagebase:	0x1b0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: AcroRd32.exe PID: 5956 Parent PID: 5948 AcroRd32.exeCOMMON

Execution Graph

Execution Coverage:	13.2%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	100%
Total number of Nodes:	1
Total number of Limit Nodes:	0

Callgraph

Executed
Not Executed
Opacity -> Relevance
Disassembly available

Executed Functions

Function 0503F003, Relevance: 1.5, APIs: 1, Instructions: 10
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F01A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 7c8cf664ccd47bb813473da6fd3ad5726a5ea098fbad13ff0b817d9726a1ca73
Instruction ID: 46e6717796ff8fc3c4ae4a4b4d424918a61b2be7d6cea5bcb186dc41157674e7
Opcode Fuzzy Hash: 7c8cf664ccd47bb813473da6fd3ad5726a5ea098fbad13ff0b817d9726a1ca73
Instruction Fuzzy Hash: 6DC0026518E7D15EC30353310C7A9A23F640E9310275F81DBD080CB0ABC90809699372

Uniqueness

Uniqueness Score: -1.00%

Function 0503F790, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F79A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: ca610c29548365b14193f4b3733efc108bc5fba3ea4f85a3fdda65596795f4ca
Instruction ID: 24c222a81b5e1cdc8929526d861eb7b7469039e69b5b0c81c8aede3c95c81b83
Opcode Fuzzy Hash: ca610c29548365b14193f4b3733efc108bc5fba3ea4f85a3fdda65596795f4ca
Instruction Fuzzy Hash: 1F9002B138100413D540B15A541D6064109A7E1341FA9D011E0508554CDD55887662A2

Uniqueness

Uniqueness Score: -1.00%

Function 0503F490, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F49A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 27f39f725fbc4ddf4ed6edbdbaf2fb901154df17dbddf5cfe2b0171797882fc8
Instruction ID: ed9f01ea0f7c23bd89b61a385316db703e49615f704c05367ebdf9426b085d9c
Opcode Fuzzy Hash: 27f39f725fbc4ddf4ed6edbdbaf2fb901154df17dbddf5cfe2b0171797882fc8
Instruction Fuzzy Hash: 409002B138100812D500A19A4409706010957D0241FA9C412E0618558DCE95887175B1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F310, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F31A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 94fe9238a1e4ce733e42958529fbd4d5e349bfa2a5c7ed018426c4686885a88d
Instruction ID: 9447b12b62010385d9d3105b563272ad9021b1b32defda6667d104bdddd03be6
Opcode Fuzzy Hash: 94fe9238a1e4ce733e42958529fbd4d5e349bfa2a5c7ed018426c4686885a88d
Instruction Fuzzy Hash: 079002F13C100852D500A15A4419B06010997E1341FA9C015E1158554DCE59CC7271A6

Uniqueness

Uniqueness Score: -1.00%

Function 0503F110, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F11A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 974553679e260ee94105ede55221de7ebabb8bf32f6d2476e9886545627095af
Instruction ID: e9e25a79da4b49eba1e8d7fe18c27522da9b3995b9a6b5d6e8808763a65d6502
Opcode Fuzzy Hash: 974553679e260ee94105ede55221de7ebabb8bf32f6d2476e9886545627095af
Instruction Fuzzy Hash: 699002B138504852D500A55A540DA06010957D0245FA9D011A1158595DCE758871B1B1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F750, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F75A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 29a4828123023646854a7bbbcb48b4819c91ec2835c90ceab7cf9a40c6c5dfcf
Instruction ID: afc34d6a9a137a3c542639b049d78ead32c0aee77a63480a3447406eeacafe08
Opcode Fuzzy Hash: 29a4828123023646854a7bbbcb48b4819c91ec2835c90ceab7cf9a40c6c5dfcf
Instruction Fuzzy Hash: F89002B939300412D580B15A540D60A010957D1242FE9D415A0109558CCD55887963A1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F350, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F35A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 8d89eae79bf23fd2470a217f38d913a545bfe8558363e65addd2e62fded9dca4
Instruction ID: 5ea3d84543781284fe2818d238d8025bab4dbd911074f17dbebd2ae9ea90420b
Opcode Fuzzy Hash: 8d89eae79bf23fd2470a217f38d913a545bfe8558363e65addd2e62fded9dca4
Instruction Fuzzy Hash: 1C9002F138504492D511A25A4409F0A420D57E0285FE9C016A0148594CCD658972E1A1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F050, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F05A

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 4c84151277232184f4ece1caff9d03736cb5b2ac7b5af92573ec6003a39c157d
Instruction ID: c167b7542daf6858573f5189dc2cfda649c436be1ab1a95d524171969364458c
Opcode Fuzzy Hash: 4c84151277232184f4ece1caff9d03736cb5b2ac7b5af92573ec6003a39c157d
Instruction Fuzzy Hash: 5B9002B178500812D541B15A4459706011D57D0281FE9C012A0118554DCE958B76B6E1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F1D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F1DA

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 7e47dad86479da47a279e07b6665d510168b853dcf6ee2752cb09e064007092b
Instruction ID: f712c09118f7ab06895c2f92f54f831258102bbc0871f5471167a53f10353a1b
Opcode Fuzzy Hash: 7e47dad86479da47a279e07b6665d510168b853dcf6ee2752cb09e064007092b
Instruction Fuzzy Hash: 4C9002B138100C52D500A15A4409B46010957E0341FA9C016A0218654DCE55C87175A1

Uniqueness

Uniqueness Score: -1.00%

Function 0503F2D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F2DA

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: b2a3f88fabd24f7c8c3c2fafaa86054f15987965036c94671819ae633b8cb8be
Instruction ID: 595b96017b642c6488b1f85f8e50c5a5e77438745a2681b1e6536427cda0bd29
Opcode Fuzzy Hash: b2a3f88fabd24f7c8c3c2fafaa86054f15987965036c94671819ae633b8cb8be
Instruction Fuzzy Hash: 0D9002B139114812D510A15A8409706010957D1241FA9C411A0918558DCED588B171A2

Uniqueness

Uniqueness Score: -1.00%

Function 0503F6D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0503F6DA

Memory Dump Source

Source File: 00000001.00000002.374328997.000000000503F000.00000020.00000001.sdmp, Offset: 0503F000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_503f000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: dfe2004c431489e9de8f4bf325dee0477a038e150051f59701c81b6116e10e0f
Instruction ID: 410af6811aa0a808a77b91965b216cec03cf9dd7cdf36a1e6e8a0aa3957d8b51
Opcode Fuzzy Hash: dfe2004c431489e9de8f4bf325dee0477a038e150051f59701c81b6116e10e0f
Instruction Fuzzy Hash: 499002B138100812D500A59A540D646010957E0341FA9D011A5118555ECEA588B171B1

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Description:	Adversaries may send spearphishing emails with a malicious link in an attempt to elicit sensitive information and/or gain access to victim systems. Spearphishing with a link is a specific variant of spearphishing. It is different from other forms of spearphishing in that it employs the use of links to download malware contained in email, instead of attaching malicious files to the email itself, to avoid defenses that may inspect email attachments.
Tactics:	Initial Access
Data Sources:	DNS records, Detonation chamber, Email gateway, Mail server, Packet capture, SSL/TLS inspection, Web proxy
Platforms:	Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Network device logs, Network intrusion detection system, Packet capture, Process use of network, SSL/TLS inspection, Web proxy
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report Information-Account-Prime-Disable-Service.pdf

Overview

General Information

Detection

Signatures

Classification

Analysis Advice

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PDF Info

General

Keywords Statistics

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

CPU Usage

Memory Usage

High Level Behavior Distribution

back

Behavior

System Behavior

Analysis Process: AcroRd32.exe PID: 5948 Parent PID: 5544

General

Analysis Process: AcroRd32.exe PID: 5956 Parent PID: 5948

General

Function 0503F003, Relevance: 1.5, APIs: 1, Instructions: 10
libraryCOMMON

Function 0503F790, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F490, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F310, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F110, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F750, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F350, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F050, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F1D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F2D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 0503F6D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON