Play interactive tour

Edit tour

Analysis Report https://securepay.mysellful.com/

Overview

General Information

Sample URL:	https://securepay.mysellful.com/
Analysis ID:	383544
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Yara detected HtmlPhish6

Phishing site detected (based on image similarity)

Phishing site detected (based on logo template match)

HTML body contains low number of good links

HTML title does not match URL

Classification

Startup

System is w10x64

iexplore.exe (PID: 4460 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 2160 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

iexplore.exe (PID: 5576 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:82952 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[1].htm	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[2].htm	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus detection for URL or domain

Show sources

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish6

Show sources

Source: Yara match	File source: 849224.0.links.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[1].htm, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[2].htm, type: DROPPED

Phishing site detected (based on image similarity)

Show sources

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/files/logo.png

Matcher: Found strong image similarity, brand: Microsoft

Jump to dropped file

Phishing site detected (based on logo template match)

Show sources

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f

Matcher: Template: microsoft matched

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: Number of links: 0
Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: Number of links: 0

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: Title: Validation does not match URL
Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: Title: Validation does not match URL

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: No <meta name="author".. found
Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: No <meta name="author".. found

Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: No <meta name="copyright".. found
Source: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 104.26.11.161:443 -> 192.168.2.7:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.11.161:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.12.213:443 -> 192.168.2.7:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.12.213:443 -> 192.168.2.7:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.143.156:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.143.156:443 -> 192.168.2.7:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49764 version: TLS 1.2

Source: MC8R5KA7.htm.2.dr	String found in binary or memory: }, false);</script><script data-no-minify="1" async src="https://cdn1.sellful.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js"></script><script>function lazyLoadThumb(e){var t='<img data-lazy-src="https://i.ytimg.com/vi/ID/hqdefault.jpg" alt="" width="480" height="360"><noscript><img src="https://i.ytimg.com/vi/ID/hqdefault.jpg" alt="" width="480" height="360"></noscript>',a='<div class="play"></div>';return t.replace("ID",e)+a}function lazyLoadYoutubeIframe(){var e=document.createElement("iframe"),t="https://www.youtube.com/embed/ID?autoplay=1";t+=0===this.dataset.query.length?'':'&'+this.dataset.query;e.setAttribute("src",t.replace("ID",this.dataset.id)),e.setAttribute("frameborder","0"),e.setAttribute("allowfullscreen","1"),this.parentNode.replaceChild(e,this)}document.addEventListener("DOMContentLoaded",function(){var e,t,a=document.getElementsByClassName("rll-youtube-player");for(t=0;t<a.length;t++)e=document.createElement("div"),e.setAttribute("data-id",a[t].dataset.id),e.setAttribute("data-query", a[t].dataset.query),e.innerHTML=lazyLoadThumb(a[t].dataset.id),e.onclick=lazyLoadYoutubeIframe,a[t].appendChild(e)});</script> <script type="text/javascript">(function(){window['__CF$cv$params']={r:'63c5f7eb3d62592e',m:'5b2b182e265696655316fdd90396806cce8eecfd-1617826951-1800-AZTTThY0OvsmqZbFn10kKm/SkiRlAWoExDliPZdSvYYJe+RAfXkZV/8t72nIORSxB6qPJcyls8cfd3sOcJV2F/ki+ywiM82Gjn/1Rjp/X4+NGk2KlzMG2DKfdWauiYxwFA==',s:[0xfd130a1f11,0x47f720f7b6],}})();</script></body></html> equals www.youtube.com (Youtube)
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: (function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={url}",vk:"https://vkontakte.ru/share.php?url={url}&title={title}&description={text}&image={image}",linkedin:"https://www.linkedin.com/shareArticle?mini=true&url={url}&title={title}&summary={text}&source={url}",odnoklassniki:"https://connect.ok.ru/offer?url={url}&title={title}&imageUrl={image}",tumblr:"https://tumblr.com/share/link?url={url}",google:"https://plus.google.com/share?url={url}",digg:"https://digg.com/submit?url={url}",reddit:"https://reddit.com/submit?url={url}&title={title}",stumbleupon:"https://www.stumbleupon.com/submit?url={url}",pocket:"https://getpocket.com/edit?url={url}",whatsapp:"https://api.whatsapp.com/send?text={title}\n{text}\n{url}",xing:"https://www.xing.com/app/user?op=share&url={url}",print:"javascript:print()",email:"mailto:?subject={title}&body={text}\n{url}",telegram:"https://telegram.me/share/url?url={url}&text={text}",skype:"https://web.skype.com/share?url={url}"},ShareLink.defaultSettings={title:"",text:"",image:"",url:location.href,classPrefix:"s_",width:640,height:480},ShareLink.getNetworkLink=function(a,b){var c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,c){return b[c]\|\|""});if("email"===a){if(-1<b.title.indexOf("&")\|\|-1<b.text.indexOf("&")){var d={text:b.text.replace(/&/g,"%26"),title:b.title.replace(/&/g,"%26"),url:b.url};c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,b){return d[b]})}return c.indexOf("?subject=&body")&&(c=c.replace("subject=&","")),c}return c},a.fn.shareLink=function(b){return this.each(function(){a(this).data("shareLink",new ShareLink(this,b))})}})(jQuery); equals www.facebook.com (Facebook)
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: (function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={url}",vk:"https://vkontakte.ru/share.php?url={url}&title={title}&description={text}&image={image}",linkedin:"https://www.linkedin.com/shareArticle?mini=true&url={url}&title={title}&summary={text}&source={url}",odnoklassniki:"https://connect.ok.ru/offer?url={url}&title={title}&imageUrl={image}",tumblr:"https://tumblr.com/share/link?url={url}",google:"https://plus.google.com/share?url={url}",digg:"https://digg.com/submit?url={url}",reddit:"https://reddit.com/submit?url={url}&title={title}",stumbleupon:"https://www.stumbleupon.com/submit?url={url}",pocket:"https://getpocket.com/edit?url={url}",whatsapp:"https://api.whatsapp.com/send?text={title}\n{text}\n{url}",xing:"https://www.xing.com/app/user?op=share&url={url}",print:"javascript:print()",email:"mailto:?subject={title}&body={text}\n{url}",telegram:"https://telegram.me/share/url?url={url}&text={text}",skype:"https://web.skype.com/share?url={url}"},ShareLink.defaultSettings={title:"",text:"",image:"",url:location.href,classPrefix:"s_",width:640,height:480},ShareLink.getNetworkLink=function(a,b){var c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,c){return b[c]\|\|""});if("email"===a){if(-1<b.title.indexOf("&")\|\|-1<b.text.indexOf("&")){var d={text:b.text.replace(/&/g,"%26"),title:b.title.replace(/&/g,"%26"),url:b.url};c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,b){return d[b]})}return c.indexOf("?subject=&body")&&(c=c.replace("subject=&","")),c}return c},a.fn.shareLink=function(b){return this.each(function(){a(this).data("shareLink",new ShareLink(this,b))})}})(jQuery); equals www.linkedin.com (Linkedin)
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: (function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={url}",vk:"https://vkontakte.ru/share.php?url={url}&title={title}&description={text}&image={image}",linkedin:"https://www.linkedin.com/shareArticle?mini=true&url={url}&title={title}&summary={text}&source={url}",odnoklassniki:"https://connect.ok.ru/offer?url={url}&title={title}&imageUrl={image}",tumblr:"https://tumblr.com/share/link?url={url}",google:"https://plus.google.com/share?url={url}",digg:"https://digg.com/submit?url={url}",reddit:"https://reddit.com/submit?url={url}&title={title}",stumbleupon:"https://www.stumbleupon.com/submit?url={url}",pocket:"https://getpocket.com/edit?url={url}",whatsapp:"https://api.whatsapp.com/send?text={title}\n{text}\n{url}",xing:"https://www.xing.com/app/user?op=share&url={url}",print:"javascript:print()",email:"mailto:?subject={title}&body={text}\n{url}",telegram:"https://telegram.me/share/url?url={url}&text={text}",skype:"https://web.skype.com/share?url={url}"},ShareLink.defaultSettings={title:"",text:"",image:"",url:location.href,classPrefix:"s_",width:640,height:480},ShareLink.getNetworkLink=function(a,b){var c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,c){return b[c]\|\|""});if("email"===a){if(-1<b.title.indexOf("&")\|\|-1<b.text.indexOf("&")){var d={text:b.text.replace(/&/g,"%26"),title:b.title.replace(/&/g,"%26"),url:b.url};c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,b){return d[b]})}return c.indexOf("?subject=&body")&&(c=c.replace("subject=&","")),c}return c},a.fn.shareLink=function(b){return this.each(function(){a(this).data("shareLink",new ShareLink(this,b))})}})(jQuery); equals www.twitter.com (Twitter)
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: (function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={url}",vk:"https://vkontakte.ru/share.php?url={url}&title={title}&description={text}&image={image}",linkedin:"https://www.linkedin.com/shareArticle?mini=true&url={url}&title={title}&summary={text}&source={url}",odnoklassniki:"https://connect.ok.ru/offer?url={url}&title={title}&imageUrl={image}",tumblr:"https://tumblr.com/share/link?url={url}",google:"https://plus.google.com/share?url={url}",digg:"https://digg.com/submit?url={url}",reddit:"https://reddit.com/submit?url={url}&title={title}",stumbleupon:"https://www.stumbleupon.com/submit?url={url}",pocket:"https://getpocket.com/edit?url={url}",whatsapp:"https://api.whatsapp.com/send?text={title}\n{text}\n{url}",xing:"https://www.xing.com/app/user?op=share&url={url}",print:"javascript:print()",email:"mailto:?subject={title}&body={text}\n{url}",telegram:"https://telegram.me/share/url?url={url}&text={text}",skype:"https://web.skype.com/share?url={url}"},ShareLink.defaultSettings={title:"",text:"",image:"",url:location.href,classPrefix:"s_",width:640,height:480},ShareLink.getNetworkLink=function(a,b){var c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,c){return b[c]\|\|""});if("email"===a){if(-1<b.title.indexOf("&")\|\|-1<b.text.indexOf("&")){var d={text:b.text.replace(/&/g,"%26"),title:b.title.replace(/&/g,"%26"),url:b.url};c=ShareLink.networkTemplates[a].replace(/{([^}]+)}/g,function(a,b){return d[b]})}return c.indexOf("?subject=&body")&&(c=c.replace("subject=&","")),c}return c},a.fn.shareLink=function(b){return this.each(function(){a(this).data("shareLink",new ShareLink(this,b))})}})(jQuery); equals www.vkontakte.ru (VKontakte)

Source: unknown

DNS traffic detected: queries for: securepay.mysellful.com

Source: position.min-1.11.4[1].js.2.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: position.min-1.11.4[1].js.2.dr	String found in binary or memory: http://jquery.org/license
Source: position.min-1.11.4[1].js.2.dr	String found in binary or memory: http://jqueryui.com
Source: swiper.min-5.3.6[1].js.2.dr	String found in binary or memory: http://swiperjs.com
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://ade.googlesyndication.com/ddm/activity
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://adservice.google.com/ddm/regclk
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: ~DF7A51840F262B8417.TMP.1.dr	String found in binary or memory: https://atendiendochagas.mundosano.org//kcontrol-inti/continue/new
Source: {70535A4C-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newRoot
Source: {70535A4C-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newas.mundosano.org/kcontrol-inti/con
Source: new[1].htm.7.dr	String found in binary or memory: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/
Source: ~DF827A3CCA513061E4.TMP.1.dr	String found in binary or memory: https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998
Source: {67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://atendiendochagllful.com/b
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://cdn1.sellful.com/wp-content/cache/busting/google-tracking/ga-0a4e309b5f2d7439b4f8876b19f37fc
Source: MC8R5KA7.htm.2.dr	String found in binary or memory: https://cdn1.sellful.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js
Source: ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	String found in binary or memory: https://elementor.com/?utm_source=wp-themes&utm_campaign=author-uri&utm_medium=wp-dash
Source: ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	String found in binary or memory: https://elementor.com/hello-theme/?utm_source=wp-themes&utm_campaign=theme-uri&utm_medium=wp-dash
Source: v4-shims.min-3.1.1[1].js.2.dr	String found in binary or memory: https://fontawesome.com
Source: v4-shims.min-3.1.1[1].js.2.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: css[2].css.7.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhv.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOiCnqEu92Fr1Mu51QrEzAdKQ.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TLBCc6CsI.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsI.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1MmgVxIIzQ.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc-.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc-.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc-.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjo0oSmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoDIOmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoDISmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoJYOmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoUoOmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojIWmb2Rl.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjovoSmb2Rl.woff)
Source: api[1].js.2.dr	String found in binary or memory: https://github.com/antoinevastel/picasso-like-canvas-fingerprinting
Source: dialog.min-4.8.1[1].js.2.dr	String found in binary or memory: https://github.com/kobizz/dialogs-manager/blob/master/LICENSE.txt
Source: MC8R5KA7.htm.2.dr	String found in binary or memory: https://i.ytimg.com/vi/ID/hqdefault.jpg
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/
Source: {67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://securepay.mysellful.com/
Source: {67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	String found in binary or memory: https://securepay.mysellful.com/Root
Source: ~DF827A3CCA513061E4.TMP.1.dr	String found in binary or memory: https://securepay.mysellful.com/b
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: https://twitter.com/intent/tweet?text=
Source: ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	String found in binary or memory: https://www.gnu.org/licenses/gpl-3.0.html
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://www.google.com
Source: gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: share-link.min-3.1.1[1].js.2.dr	String found in binary or memory: https://www.pinterest.com/pin/create/button/?url=
Source: MC8R5KA7.htm.2.dr	String found in binary or memory: https://www.youtube.com/embed/ID?autoplay=1

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 104.26.11.161:443 -> 192.168.2.7:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.11.161:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.13.213:443 -> 192.168.2.7:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.12.213:443 -> 192.168.2.7:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.12.213:443 -> 192.168.2.7:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.143.156:443 -> 192.168.2.7:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 74.125.143.156:443 -> 192.168.2.7:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.246.16.250:443 -> 192.168.2.7:49764 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@5/58@9/5

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{67FCA27F-982A-11EB-90E6-ECF4BB82F7E0}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user~1\AppData\Local\Temp\~DFDB692E0DABAF91D0.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:82952 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:17410 /prefetch:2	Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:82952 /prefetch:2	Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Next
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://securepay.mysellful.com/	1%	Virustotal		Browse
https://securepay.mysellful.com/	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
atendiendochagas.mundosano.org	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newRoot	0%	Avira URL Cloud	safe
http://swiperjs.com	0%	URL Reputation	safe
http://swiperjs.com	0%	URL Reputation	safe
http://swiperjs.com	0%	URL Reputation	safe
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/new	0%	Avira URL Cloud	safe
https://securepay.mysellful.com/b	0%	Avira URL Cloud	safe
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/	0%	Avira URL Cloud	safe
https://cdn1.sellful.com/wp-content/cache/busting/google-tracking/ga-0a4e309b5f2d7439b4f8876b19f37fc	0%	Avira URL Cloud	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
https://cdn1.sellful.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js	0%	Avira URL Cloud	safe
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newas.mundosano.org/kcontrol-inti/con	0%	Avira URL Cloud	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://atendiendochagllful.com/b	0%	Avira URL Cloud	safe
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998	0%	Avira URL Cloud	safe
https://securepay.mysellful.com/Root	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
stateless.sellful.com	104.26.12.213	true	false		unknown
stats.l.doubleclick.net	74.125.143.156	true	false		high
atendiendochagas.mundosano.org	162.246.16.250	true	false	0%, Virustotal, Browse	unknown
www.google.ch	216.58.215.227	true	false		high
cdn1.sellful.com	104.26.13.213	true	false		unknown
securepay.mysellful.com	104.26.11.161	true	false		unknown
stats.g.doubleclick.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=eb74f312212be18a263f555439392ab2f19be7815afbdfc1069c245ec67f3c3c7067c33f	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://securepay.mysellful.com/	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newRoot	{70535A4C-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://jquery.org/license	position.min-1.11.4[1].js.2.dr	false		high
http://swiperjs.com	swiper.min-5.3.6[1].js.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://twitter.com/intent/tweet?text=	share-link.min-3.1.1[1].js.2.dr	false		high
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/new	~DF7A51840F262B8417.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://securepay.mysellful.com/b	~DF827A3CCA513061E4.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/antoinevastel/picasso-like-canvas-fingerprinting	api[1].js.2.dr	false		high
http://jqueryui.com	position.min-1.11.4[1].js.2.dr	false		high
http://api.jqueryui.com/position/	position.min-1.11.4[1].js.2.dr	false		high
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/	new[1].htm.7.dr	false	Avira URL Cloud: safe	unknown
https://securepay.mysellful.com/	{67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false		unknown
https://cdn1.sellful.com/wp-content/cache/busting/google-tracking/ga-0a4e309b5f2d7439b4f8876b19f37fc	gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	false	Avira URL Cloud: safe	unknown
https://www.youtube.com/embed/ID?autoplay=1	MC8R5KA7.htm.2.dr	false		high
https://elementor.com/hello-theme/?utm_source=wp-themes&utm_campaign=theme-uri&utm_medium=wp-dash	ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	false		high
https://cct.google/taggy/agent.js	gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://github.com/kobizz/dialogs-manager/blob/master/LICENSE.txt	dialog.min-4.8.1[1].js.2.dr	false		high
https://cdn1.sellful.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js	MC8R5KA7.htm.2.dr	false	Avira URL Cloud: safe	unknown
https://fontawesome.com/license/free	v4-shims.min-3.1.1[1].js.2.dr	false		high
https://fontawesome.com	v4-shims.min-3.1.1[1].js.2.dr	false		high
https://www.gnu.org/licenses/gpl-3.0.html	ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	false		high
https://atendiendochagas.mundosano.org//kcontrol-inti/continue/newas.mundosano.org/kcontrol-inti/con	{70535A4C-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://www.google.%/ads/ga-audiences	ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	low
https://atendiendochagllful.com/b	{67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/?signin=d41d8cd98f00b204e9800998	~DF827A3CCA513061E4.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://i.ytimg.com/vi/ID/hqdefault.jpg	MC8R5KA7.htm.2.dr	false		high
https://stats.g.doubleclick.net/j/collect	ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js.2.dr	false		high
https://securepay.mysellful.com/Root	{67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://elementor.com/?utm_source=wp-themes&utm_campaign=author-uri&utm_medium=wp-dash	ccaf1bb7df93920b7090e89ad7f87719[1].css.2.dr	false		high
https://www.pinterest.com/pin/create/button/?url=	share-link.min-3.1.1[1].js.2.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
104.26.12.213	stateless.sellful.com	United States	13335	CLOUDFLARENETUS	false
104.26.11.161	securepay.mysellful.com	United States	13335	CLOUDFLARENETUS	false
162.246.16.250	atendiendochagas.mundosano.org	United States	19318	IS-AS-1US	false
74.125.143.156	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
104.26.13.213	cdn1.sellful.com	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox Version:	31.0.0 Emerald
Analysis ID:	383544
Start date:	07.04.2021
Start time:	22:21:36
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 4m 23s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://securepay.mysellful.com/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	25
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@5/58@9/5
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://atendiendochagas.mundosano.org//kcontrol-inti/continue/new
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe Excluded IPs from analysis (whitelisted): 104.42.151.234, 23.54.113.53, 40.88.32.150, 13.88.21.125, 23.60.220.29, 52.147.198.201, 172.217.168.10, 216.58.215.227, 172.217.168.78, 172.217.168.4, 88.221.16.97, 104.43.193.48, 20.82.210.154, 152.199.19.161, 23.10.249.26, 23.10.249.43, 51.103.5.186, 52.155.217.156 Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, arc.msn.com.nsatc.net, store-images.s-microsoft.com-c.edgekey.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, skypedataprdcoleus15.cloudapp.net, wns.notify.trafficmanager.net, go.microsoft.com, www.google.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, www.google-analytics.com, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, fonts.googleapis.com, client.wns.windows.com, fs.microsoft.com, www-google-analytics.l.google.com, fonts.gstatic.com, ie9comview.vo.msecnd.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, displaycatalog.md.mp.microsoft.com.akadns.net, e1723.g.akamaiedge.net, skypedataprdcolcus15.cloudapp.net, skypedataprdcoleus16.cloudapp.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, skypedataprdcolwus15.cloudapp.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net, cs9.wpc.v0cdn.net Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{67FCA27F-982A-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	45768
Entropy (8bit):	1.9934580088962113
Encrypted:	false
SSDEEP:	192:rAZBVZo2XWcthifKYSzMzfKBQkD6EB3tbctIxauWFexafyYxat4uxKu3jxK+g:rwBb/mo+z+7Hoviy
MD5:	14A4CADDB82EC0E781777E9540CF67BE
SHA1:	FDD1D8AE005A0C2B12FBEE428D6574230E1CC568
SHA-256:	B9A57E10F8A7509B7772EB29C8C4A9824822BF25880560EB75808BE96D73CCBE
SHA-512:	915CD1CFC53FFEAC08529C0ED1AAAC272B9EF8CC78E53292618636F390F57DD343284409092771F6E948663E358EC1EC806531A4C344BFBE596F03349E0C9B94
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{67FCA281-982A-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	44580
Entropy (8bit):	2.1573209378759914
Encrypted:	false
SSDEEP:	192:rSZFQp6LkHj929vWNMR8TvA0tGz0YZ6zEjZFNG4n16Qxvtd3:rO6EQD04eaTA0kz0ULlZpn
MD5:	48ABD361C1E7AF1235DBCF825A658FFD
SHA1:	A2667BB84DD449F8C2F59FBB9E36271E641F3C93
SHA-256:	23A16B270E183C69DA64EA0229D7424769FEF466F8102A35D918FCE6418C79FD
SHA-512:	3AB2C6298474954FE85F5FFB38A6C55DFFA8C2AEA53DDA7EAD7F2444AB43E0F2C417DB35EBB84D7CBFD1169E46CD93547B1FB83280291ECE2A0066859B278FCC
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{70535A4C-982A-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	31880
Entropy (8bit):	2.035537912163108
Encrypted:	false
SSDEEP:	192:r+ZtQ86WkejN21WUMUn1ZDAi+UXqr1qbUg:rKyHXYEMBm7DL5Xqr1qz
MD5:	AC7FA7415DC1FD0F06E1C73270CFFF97
SHA1:	856F3003777909A3EF7DDB6BB3A9094C0F88D13D
SHA-256:	A1357FC570883FD6BCF0AF4BB84313C72AA7F6D9D44C2759DC1CAF96ACBEF91D
SHA-512:	7B07EC6097811E88EFEA98A65ED75433A07F385F620123D1E226448F1D556C6BC480588B23F68CB6B6B2744A5E80637152FB559AA646628F4C60F593F457B7F2
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{70535A4D-982A-11EB-90E6-ECF4BB82F7E0}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.565539420426121
Encrypted:	false
SSDEEP:	48:IwGGcprHGwpacG4pQkGrapbS7GQpKm1xG7HpRPTGIpG:raZRQ86yBS1AZTtA
MD5:	2E5D0E625F4F8D24E88D38350C3F5C76
SHA1:	B32E3918530AFE574D665497266BC47E3D68D155
SHA-256:	26F16C139274B01EDB4CA9375A9D39D937CBECC24E87FB050E4E3221A579F4CA
SHA-512:	6F4F154D9642719BD3B836C9C4D1FB02C470F1B5F8614CA213F8C2A68F19E6D300CE98FCEA677AB784744D6C4CDB73E1B41C463F25B99914137F61A3CBEB3BCB
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4028
Entropy (8bit):	5.2943615654303535
Encrypted:	false
SSDEEP:	96:UYgS7NAYgWNkYgLNuYggNwYgCNpYgMNlOS7NhOWNROLNKCOgNbOCNGOMNyOS7NIB:937NBlNtkN7PNRpNuTNz7NFNUNKcN3Ni
MD5:	775906B0B3B1AB6C28A494E1C39BAD70
SHA1:	EA02161815087057FAAD5AD45C8AFC53A3C5E4AD
SHA-256:	1A8242357B58770FCA34F6B86921FF5BAFB8C0F536891E7A86A04451350A544C
SHA-512:	DC54EDA99FD2154E13C87360B51026873EB82ACDA3DC5EC5D05A903F765D2C6698A217E7C711A640A35AC73AAF3A30F1BE6D409871A260C9B56BD76FE90218D4
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.9
Preview:	@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOiCnqEu92Fr1Mu51QrEzAdKQ.woff) format('woff');.}.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsI.woff) format('woff');.}.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff) format('woff');.}.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 500;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff) format('woff');.}.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 700;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff) format('woff');.}.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 900;. src: url(http

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\css[2].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	188
Entropy (8bit):	5.119072399147113
Encrypted:	false
SSDEEP:	3:0SYWFFWlIYCiF15RI5XwDKLRIHDfFTo/TfqzrZqcdJ2dTi8EuRlGlL+9JYARNin:0IFFm15+56ZTo/Tizlpd0celdJNin
MD5:	4CFC4658F748E1FC67D2EA27F9B3692F
SHA1:	82C520D112F48E337E99DF00067BFAA75D0F9CA2
SHA-256:	ABC5A61E85F95E54C925FE9589099AD680912480E7C97052AF0496CBC6D111B8
SHA-512:	BFDDD6D4E0225EF444FD621B2CC20D022C02E30AB3E8AACA197E8F6304AA95E8C253815C6DC329646E5F39BBAF0B953A0667B296D15AB6BCECE788D1BFDC614B
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Open+Sans:600
Preview:	@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 600;. src: url(https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhv.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\dialog.min-4.8.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10863
Entropy (8bit):	5.1613915002906126
Encrypted:	false
SSDEEP:	192:sEPwJdswSRibO6JSplZn41SFzpYK2p7ESa/TI9w0uV6uSnotk+nWEdpTARHrLG4/:FH6JElZn4WpYKC7E5rI9oV6ultk6tIe6
MD5:	58BAF0F238D7AFC7AB926B8D51E5B559
SHA1:	8515E5F578269E29C048450F78C107935D325DFF
SHA-256:	2989E0B9E836CB9DE3274D641EC6A58C2052F039E790DDD59B22303930BFDEEB
SHA-512:	A15D0799C93D0C93789582D5330BDA9AEB5332A2EF4917FE0F6A758EA77A1231B976DC960BA17D0038BD16ACB34C62400EC4213AB458D1B301FB6141958FA005
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/lib/dialog/dialog.min-4.8.1.js
Preview:	/! dialogs-manager v4.8.1 \| (c) Kobi Zaltzberg \| https://github.com/kobizz/dialogs-manager/blob/master/LICENSE.txt . 2020-08-17 18:55 /.!function(a,b){"use strict";var c={widgetsTypes:{},createWidgetType:function(b,d,e){e\|\|(e=this.Widget);var f=function(){e.apply(this,arguments)},g=f.prototype=new e(b);return g.types=g.types.concat([b]),a.extend(g,d),g.constructor=f,f.extend=function(a,b){return c.createWidgetType(a,b,f)},f},addWidgetType:function(a,b,c){return b&&b.prototype instanceof this.Widget?this.widgetsTypes[a]=b:this.widgetsTypes[a]=this.createWidgetType(a,b,c)},getWidgetType:function(a){return this.widgetsTypes[a]}};c.Instance=function(){var b=this,d={},e={},f=function(){d.body=a("body")},g=function(b){var c={classPrefix:"dialog",effects:{show:"fadeIn",hide:"fadeOut"}};a.extend(e,c,b)};this.createWidget=function(a,d){var e=c.getWidgetType(a),f=new e(a);return d=d\|\|{},f.init(b,d),f},this.getSettings=function(a){return a?e[a]:Object.create(e)},this.init=function(a){return g(a

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\frontend-modules.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	64914
Entropy (8bit):	5.3578444056002485
Encrypted:	false
SSDEEP:	1536:ODFdqcFjyAlENEeDq6/9m59Clae6dxx7A6htTF38tzfFKQt4RcSS/Yq31pC:2qcFjy5Yq3TC
MD5:	2AA14A960A066B954DFACB7CE9B6D192
SHA1:	525BBDDC67ADDA7E9B1960FF5AAC621922ABDEB3
SHA-256:	DEA0AD73F4973782017880F1DCE0AF21A946D0E21A07DF4C5B98ECED5EBB40B1
SHA-512:	95941BD8FD973B2D49AEC7F12031E452A07352EE3BECF2D4012D021584B77337C9EE25D40718EE99BA1234EECB9B3DE52BC3C2545407073F1062C2B650D2319C
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/js/frontend-modules.min-3.1.1.js
Preview:	/! elementor - v3.1.1 - 31-01-2021 /.(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[354],{9396:(t,e,r)=>{t.exports=r(9862)},5091:(t,e,r)=>{t.exports=r(7060)},8401:(t,e,r)=>{t.exports=r(9043)},7394:(t,e,r)=>{t.exports=r(3679)},3587:(t,e,r)=>{t.exports=r(7092)},2055:(t,e,r)=>{t.exports=r(8473)},3452:(t,e,r)=>{t.exports=r(671)},8274:(t,e,r)=>{t.exports=r(7629)},3493:(t,e,r)=>{t.exports=r(3966)},4176:(t,e,r)=>{t.exports=r(4969)},5499:(t,e,r)=>{t.exports=r(990)},8282:(t,e,r)=>{t.exports=r(6760)},1281:(t,e,r)=>{t.exports=r(9280)},9363:(t,e,r)=>{t.exports=r(9551)},93:(t,e,r)=>{t.exports=r(2194)},8852:t=>{t.exports=function _assertThisInitialized(t){if(void 0===t)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return t}},1959:t=>{t.exports=function _classCallCheck(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}},846:(t,e,r)=>{var n=r(5499),o=r(6870),i=r(898);function _construct(e,r,s){return i()?t.e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\frontend.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	80963
Entropy (8bit):	5.241137249036391
Encrypted:	false
SSDEEP:	1536:rQeCyqmeXKVZVb9/qI1xz8rQ3SeugaB7r3WggqYZ3RSo+fY9QHqD+fxX5YlakVCg:0RTcv+0PZfP
MD5:	DCE958AFB428DD3DC78F203EF99BAE42
SHA1:	36EC6A22853E4212CFA7D150E9486200C943FE63
SHA-256:	26D2072B425A61E1ED81ED2B3F254888531E62060C7C4B3C788FFB925A8C864E
SHA-512:	FA90CC9502E52FB631BD7C691EC6C3A9A7B81FC479C7B7F5FE0ABF94B8BD3A1375D0C65067AE342F35981E4937740E11BAFBC37CF51FE655C50316DC066B3422
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/js/frontend.min-3.1.1.js
Preview:	/! elementor - v3.1.1 - 31-01-2021 /.(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[819],{5453:(e,t,n)=>{e.exports=n(6802)},4680:(e,t,n)=>{e.exports=n(1792)},1888:(e,t,n)=>{e.exports=n(2555)},2009:(e,t,n)=>{e.exports=n(2771)},2937:(e,t,n)=>{e.exports=n(7841)},8923:(e,t,n)=>{e.exports=n(5948)},5657:(e,t,n)=>{e.exports=n(1995)},3220:(e,t,n)=>{e.exports=n(9485)},2292:e=>{e.exports=function _arrayLikeToArray(e,t){(null==t\|\|t>e.length)&&(t=e.length);for(var n=0,i=new Array(t);n<t;n++)i[n]=e[n];return i}},9479:(e,t,n)=>{var i=n(9396);e.exports=function _arrayWithHoles(e){if(i(e))return e}},9117:(e,t,n)=>{var i=n(3220);function asyncGeneratorStep(e,t,n,o,r,a,s){try{var l=e[a](s),d=l.value}catch(e){return void n(e)}l.done?t(d):i.resolve(d).then(o,r)}e.exports=function _asyncToGenerator(e){return function(){var t=this,n=arguments;return new i((function(i,o){var r=e.apply(t,n);function _next(e){asyncGeneratorStep(r,i,o,_next,_throw,"next",e)}function _throw(e){asyncGenerato

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\gtm-479609c18ecd923ecdd3ed096cb1cd91[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	99212
Entropy (8bit):	5.521881513645312
Encrypted:	false
SSDEEP:	1536:JoUK1bOl+0E+HlUnK+sCEOkKQfn2zeWgzvC6sruTAin1U9aKPh52QsnyAC7iHg:JoUKxu+04nvs+SWnrRiLhg
MD5:	7EDF89BCE763DAE748007CC1141380D7
SHA1:	C60F42B0D042E5D3A07A2EBA19C2ADCC1963DB3F
SHA-256:	F823A747AEE70B21C44208FC0B5413A7512557E5188A2AA64529241A5B4C4E4E
SHA-512:	BFBEB4D2D7D2742D60602A8F99E713B6A1F459E11E2493488F14C0CD65B2C6E3F2CC84FF4593F2A1E9FF46BA66F6D9C71C84B533A88A9E2907704107652F19C5
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/gtm-479609c18ecd923ecdd3ed096cb1cd91.js
Preview:	.// Copyright 2012 Google Inc. All rights reserved..(function(){..var data = {."resource": {. "version":"1",. . "macros":[{. "function":"__e". },{. "function":"__cid". }],. "tags":[{. "function":"__rep",. "once_per_event":true,. "vtp_containerId":["macro",1],. "tag_id":1. }],. "predicates":[{. "function":"_eq",. "arg0":["macro",0],. "arg1":"gtm.js". }],. "rules":[. [["if",0],["add",0]]].},."runtime":[].....};../.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var aa,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ca=function(a){var b="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return b?b.call(a):{next:ba(a)}},da="function"==typeof Object.create?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ea;.if("function"==typeof Object.setPrototypeOf)ea=Object.setPrototypeOf;else{var ia;a:{var ja={a:!0},ma={};

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\jet-blocks.min-1.2.4[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	13937
Entropy (8bit):	5.194590837918052
Encrypted:	false
SSDEEP:	192:1LJbl09ztPA/QhP0RBA2CbGtg0eXpzNxUV6a5xF6+ZhkcEWLs44W1cu2WzaB6Dmt:1wxAQB6DmRht
MD5:	A4F2716EEDDAAB1AB3F91DF8A53743BD
SHA1:	864F3205952350B27668E1FBEB300173FA1BFD9F
SHA-256:	42123FA141C9B3B24EA7AFA9028E5407324018F168CB68CA04FA46D51180E89F
SHA-512:	1412B997FD3791682783DF8682ADF9FD610AE9F2B97113C0B1C9E44807D68019D699C608E5E236042112A7F0AD51B6593A8D9DC335C5C7D086842DE577F77CFB
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min-1.2.4.js
Preview:	!function(h,m,o){"use strict";var c={init:function(){var e={"jet-nav-menu.default":c.navMenu,"jet-search.default":c.searchBox,"jet-auth-links.default":c.authLinks,"jet-hamburger-panel.default":c.hamburgerPanel,"jet-blocks-cart.default":c.refreshCart};h.each(e,function(e,t){m.hooks.addAction("frontend/element_ready/"+e,t)}),h(document).on("click.jetBlocks",".jet-search__popup-trigger",c.searchPopupSwitch).on("click.jetBlocks",".jet-search__popup-close",c.searchPopupSwitch),m.hooks.addAction("frontend/element_ready/section",c.setStickySection),h(document).on("ready",c.stickySection)},refreshCart:function(e){if(o&&window.JetBlocksEditor&&window.JetBlocksEditor.activeSection){var t=window.JetBlocksEditor.activeSection;-1!==["cart_list_style","cart_list_items_style","cart_buttons_style"].indexOf(t)?e.find(".jet-blocks-cart").addClass("jet-cart-hover"):e.find(".jet-blocks-cart").removeClass("jet-cart-hover"),h(".widget_shopping_cart_content").empty(),h(document.body).trigger("wc_fragment_ref

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\jet-elements.min-2.5.5[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	61303
Entropy (8bit):	5.457784118707286
Encrypted:	false
SSDEEP:	1536:oZRoxSpg4k8S5LugZRopr2oKzm+Hs3xeDz:oZjS5Urr3xeDz
MD5:	AA0D6562E66188D42D8B4EB243D5AEAE
SHA1:	269ED4B11B57DB0B520CEA0F5895EAABF778F022
SHA-256:	56DD17B91E80F419356B9519459F99E939F846BAB801BE32A15719293131DE4C
SHA-512:	85FB2C7490D4D909225F8C49E113C5ADEA299E9967D2CAA9B2F58BF2D43EBD433A5A82BA4A461C63750BC8393375C3AE76EE93F83D7426D206DBF5D39B549BA4
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/jet-elements/assets/js/jet-elements.min-2.5.5.js
Preview:	!function(e,t){"use strict";var i={init:function(){var a={"jet-carousel.default":i.widgetCarousel,"jet-circle-progress.default":i.widgetProgress,"jet-map.default":i.widgetMap,"jet-countdown-timer.default":i.widgetCountdown,"jet-posts.default":i.widgetPosts,"jet-animated-text.default":i.widgetAnimatedText,"jet-animated-box.default":i.widgetAnimatedBox,"jet-images-layout.default":i.widgetImagesLayout,"jet-slider.default":i.widgetSlider,"jet-testimonials.default":i.widgetTestimonials,"jet-image-comparison.default":i.widgetImageComparison,"jet-instagram-gallery.default":i.widgetInstagramGallery,"jet-scroll-navigation.default":i.widgetScrollNavigation,"jet-subscribe-form.default":i.widgetSubscribeForm,"jet-progress-bar.default":i.widgetProgressBar,"jet-portfolio.default":i.widgetPortfolio,"jet-timeline.default":i.widgetTimeLine,"jet-table.default":i.widgetTable,"jet-dropbar.default":i.widgetDropbar,"jet-video.default":i.widgetVideo,"jet-audio.default":i.widgetAudio,"jet-horizontal-timeline.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\pdf[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6830
Entropy (8bit):	7.849424154989951
Encrypted:	false
SSDEEP:	192:n6ND9AxRGozwHD0Ksf+GQUAU6Z0WoYGoKUcsgYRU:6xWRXwHmtfYGLUYIU
MD5:	F1E3F187F7C23FA8D1555004F3800356
SHA1:	E71E52A142E754399AE39EF38584789B66E9EA00
SHA-256:	DB307FCEF7F95139689007D7A623B340EC21282BD421C4E4B2BA09078F230545
SHA-512:	BD568B1C92D7C3B586E2EA7E9C47B08FD1171FF6615FA4F670F12950DC62315B58E6BB5336F50B111FF42B27558398DFF9715054A8E44F0A8B9CD1541F0BC07D
Malicious:	false
Reputation:	low
IE Cache URL:	https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/files/pdf.png
Preview:	.PNG........IHDR.............\r.f... cHRM..z&..............u0...`..:....p..Q<....bKGD.............7IDATx..K....j.[....{..&....V6....np3...-.. $.qF..0.a....a6y...........&D.g.#.........;..aC..q.5.k....n..SU.T...Oj.[..w......:.....Nz....P.0..,..................b`..X........`10..,..................b`..X......U.@...?...Dfs..S....''.....y.I.'q.s...^.9........u.~qnn.......p.........?\u..Pz..&.>.E....)O....zzz.?..k.q#...;0..`Y...jaA.....S.\HF...#"...".dY:.O./..@.C)........f.I...<..;o.9..0... ..B.....I..&`.4...\|..1..9z...o.E...P..h...R..P.q...l....1....8....$..v.....q.q.j6.4555Vw.g..=:TJ......v\.6.%.).H(...._'.._.>.f...s].&.......j.U]..?2..-..rs....U.....7T0._.p..<........4.".\|S...C....L@=...Q..(,.^.S...`?@...f...1x......w.6.~....F......7....{.\....z..B.....d..;........F.&.... 3\.T........q..Fcq...9\|.&....A.....<........{..L 3,. ..1a...!(.`- .F.ASK&px..<p...D...d....W~g].........h.j.0.Y.....d...4dK. .F...`.Y`j..\.7SQ{_.f.AS.............\....S..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\preloaded-elements-handlers.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	37256
Entropy (8bit):	5.259484656179558
Encrypted:	false
SSDEEP:	768:0b49qeNT6bqYu4LqGaHWTo3dk5bqKWypqI1Qad+q7jukqgN8O8IDyq1HP3f69WmQ:0b4VKqYu4LqzHWTo3dSqKWypqI1Qad+W
MD5:	ED8DE4F9A94259E5BC6E81D7857C76E4
SHA1:	0F9330D1551934BF28E3AFC4BD63366DF88E9CA7
SHA-256:	420AD608FCB00C75B037C32408D72FABD863EB70B707A36F93DD00F4BDA513E9
SHA-512:	BA1C334DEB4F5333E304BF7EFF82ECBC070E7E032369E351153DEA28C23AE8028154117392EA1FC7E847F40C19EB6B1495C84CFEE5C7145696521D35A9B73797
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min-3.1.1.js
Preview:	/! elementor - v3.1.1 - 31-01-2021 /.(self.webpackChunkelementor=self.webpackChunkelementor\|\|[]).push([[995,209,745,120,192,520,181,791,268,357],{2937:(e,t,n)=>{e.exports=n(7841)},3774:(e,t,n)=>{e.exports=n(5966)},5315:(e,t,n)=>{e.exports=n(9406)},3220:(e,t,n)=>{e.exports=n(9485)},9117:(e,t,n)=>{var r=n(3220);function asyncGeneratorStep(e,t,n,i,a,o,s){try{var l=e[o](s),u=l.value}catch(e){return void n(e)}l.done?t(u):r.resolve(u).then(i,a)}e.exports=function _asyncToGenerator(e){return function(){var t=this,n=arguments;return new r((function(r,i){var a=e.apply(t,n);function _next(e){asyncGeneratorStep(a,r,i,_next,_throw,"next",e)}function _throw(e){asyncGeneratorStep(a,r,i,_next,_throw,"throw",e)}_next(void 0)}))}}},8042:(e,t,n)=>{var r=n(7394);e.exports=function _defineProperty(e,t,n){return t in e?r(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}},4899:(e,t,n)=>{var r=n(7394),i=n(2937),a=n(3774),o=n(3587),s=n(5315),l=n(3452),u=n(8042);function ownKeys(e,t){var n=l

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\swiper.min-5.3.6[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	139153
Entropy (8bit):	5.2146927200642335
Encrypted:	false
SSDEEP:	1536:Fj2qhgxfeuGMfoqi2ZLjK8ieVlLXCiiSsWRLK7A3dnaKBjY4vHgZsUOUTqiqpBgA:wxoo6desFshaKi+HgZsUOUTqiqM37ER
MD5:	15BB2B8491FC7E84137D65F610E1685A
SHA1:	CD76B70A5426893E9C022B9A75C50A7C1348E2D0
SHA-256:	B23F49F504FAA32AAC548B6662FFD64412F6738496FAB8BE38DA46C5B7121804
SHA-512:	95C05110B29101C84DF71C54172269F478D9CD14965B3DE987613E11E0F1CCF01C1B7D2BF290D97EF11373F24DCCD677F8710E1555D332903181F469D0F2B0BB
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/lib/swiper/swiper.min-5.3.6.js
Preview:	/*. Swiper 5.3.6. * Most modern mobile touch slider and framework with hardware accelerated transitions. * http://swiperjs.com. . Copyright 2014-2020 Vladimir Kharlampidi. . Released under the MIT License. . Released on: February 29, 2020. */..!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e\|\|self).Swiper=t()}(this,(function(){"use strict";var e="undefined"==typeof document?{body:{},addEventListener:function(){},removeEventListener:function(){},activeElement:{blur:function(){},nodeName:""},querySelector:function(){return null},querySelectorAll:function(){return[]},getElementById:function(){return null},createEvent:function(){return{initEvent:function(){}}},createElement:function(){return{children:[],childNodes:[],style:{},setAttribute:function(){},getElementsByTagName:function(){return[]}}},location:{hash:""}}:document,t="undefined"==typeof window?{document:e,navigator:{userAgent:""},

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\wu-visit-counter.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	451
Entropy (8bit):	4.887002620324048
Encrypted:	false
SSDEEP:	12:sE5OWQdRVMq3osE2jlYcW7hpQzXQXwlx8XQ1RFw3KeGXr7dzkZGXYMCjJn:sE5EBBEilYVVJwAXURFw3/GXr7Fk8XYr
MD5:	BD2D3003A2FF56FFE8D773738166C4E8
SHA1:	038E00D4CC39EC3B07034BDE7D183488A327D93D
SHA-256:	E0D101D1C3EAA67495D8A04D1D4A2D84B02B44CE6C9B060C323A5534CD83D59C
SHA-512:	AF545977FE96BCE0F8CCFF024BC101EB6E3E7BF218D173EEEE1D2694FF20CB0E69C1D05BA3300234A6B205CD7D5079FCBBA34F05427BFB5FEA43100493A9E541
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/plugins/wp-ultimo/assets/js/wu-visit-counter.min.js
Preview:	!function(n){var o,t=!1,i=function(){return console.log("Counting Visit..."),n.ajax({type:"GET",url:wu_visit_counter.ajaxurl,data:{action:"wu_count_visits",code:wu_visit_counter.code}}).done(function(){t=!0,console.log("Visit registered.")})};setTimeout(function(){console.log("Listening for unloads..."),n(window).on("unload",function(){"null"==typeof o&&(t\|\|(o=i()))})},3e3),n(document).ready(function(){setTimeout(function(){o=i()},1e4)})}(jQuery);

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\KFOiCnqEu92Fr1Mu51QrEzAdKQ[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21776, version 1.1
Category:	downloaded
Size (bytes):	21776
Entropy (8bit):	7.972467440478283
Encrypted:	false
SSDEEP:	384:G+oO9eMm6IbA7qJx9w3/TVd3fr5KjEid8pTN4TbOwyFPhgGRw9:zl9eMm6eKsHwpdPr5K+Pu6wsPaGRU
MD5:	E21019768EE6D334593AA1EBCA028ACF
SHA1:	DFE80B4CB13F47ECED9236E33AB360DB41711B0C
SHA-256:	75D75439F2A7EA1851A3E5B621320B9DFA1399861D2EC6D443A3C2919B93AFB7
SHA-512:	CFE0237C61D61CD630A1F9E05C2A00DEE1C2006811ADAB19162F2BCB890E2F126054EC01131CD2642D2D2398C0F56C7D2D9A25A56C2BAD6FF4BC6FB21029C6E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOiCnqEu92Fr1Mu51QrEzAdKQ.woff
Preview:	wOFF......U.................................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...O...`t..'cmap...............#cvt .......H...H.2..fpgm.......3...._...gasp...0............glyf...<..A...u....hdmx..M....q.....#.&head..Np...6...6.\|.hhea..N....#...$.}.[hmtx..N..........rQ.loca..QX........ .._maxp..SP... ... .4..name..Sp........ G= post..TL....... .a.dprep..Td........+6.x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\KFOjCnqEu92Fr1Mu51TLBCc6CsI[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22360, version 1.1
Category:	downloaded
Size (bytes):	22360
Entropy (8bit):	7.975733480737877
Encrypted:	false
SSDEEP:	384:afBIIA0zhsqLW3UAI+x+VH9cxS8XwZtyOOCiKCu5s7YRKWIrfu/oiQfTO4TPg:aG0zhsqLSUAI+xi2s8XwZtuKJzE6/qfg
MD5:	C2E42D1EAC2DE2B58A2358686E6ED73C
SHA1:	24760369053031DF1F2BE831E067E3D9E37F0B3A
SHA-256:	B31B421BAFE532F6B6BDBB6F680FB11BD3968F23C7FE09A29B1A22F4C8DD2A7E
SHA-512:	BFB71B0B6DE51CD1E643733A14B5CD4342F4E93A1732E9AAF6F3A6012DD85EEC5F660F409474C55751B28D122BA202875A325D72F0B7CF327660577C7C1DC9D7
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TLBCc6CsI.woff
Preview:	wOFF......WX.......h........................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...O...`v...cmap...............#cvt .......Z...Z...=fpgm...4...3......#.gasp...h............glyf...t..C...t..,..hdmx..O....n....25$8head..Pl...6...6.G.Whhea..P....#...$.H..hmtx..P..........B(Cloca..Sd............maxp..Ud... ... .4..name..U...........>.post..Vd....... .a.dprep..V\|.......8...Cx...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......*'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\KFOjCnqEu92Fr1Mu51TzBic6CsI[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 21656, version 1.1
Category:	downloaded
Size (bytes):	21656
Entropy (8bit):	7.971138981009303
Encrypted:	false
SSDEEP:	384:vfqIIA0zh/VF0+5SLHCK+yo5HHx/KnMpljPSiQZxLZtspfA9JaXWWyBuM9rgaSJV:vJ0zh/VFv0Hm15HHtKnalaiQfZtsp49o
MD5:	147F4E11CE73A22AAC9C6C2822290953
SHA1:	EEFEA89A9C36F8B1A7CA99372A7E0E05C92EADD6
SHA-256:	A22585CFD64238EF14B1B383B5B9A8BAD7C89E354C09FC0886067E876687A38C
SHA-512:	3D7ADA26B281864CE394CB49974A9EA59D28FA8C2EFB006DF31DCAE66DB4684223BDB42B8234A5135BF1B4F834E91DE415E44558EB2CF2346086C88793970589
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsI.woff
Preview:	wOFF......T.................................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...O...`u...cmap...............#cvt .......J...J..,ofpgm...$...3....c...gasp...X............glyf...d..@...o.H.6.hdmx..MD...n....,..0head..M....6...6...`hhea..M....#...$....hmtx..N...........1)loca..P.............maxp..R.... ... .4..name..R......... .=$post..S........ .a.dprep..S.........9..Bx...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......*'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\KFOkCnqEu92Fr1MmgVxIIzQ[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20424, version 1.1
Category:	downloaded
Size (bytes):	20424
Entropy (8bit):	7.973322748597765
Encrypted:	false
SSDEEP:	384:UaoO8n3eceZ+fUC1WCz8P+IgjhYSHA/fFb4+hQC:Bl8nOcBfUqT/jOgAiC
MD5:	04B7FD97F88B82DCCCE5EC446CCC29E6
SHA1:	9A3C1CE2EAB659A91AF7016570287428CC82C458
SHA-256:	A38AD0B609E4D2039D18B0F9DC89E9060F2E2E05F2F42764A6A93354346A6C37
SHA-512:	4B71614F447F4E250AB8060026BA002F3F0DAA9286F207AA4B0652201D9053BD72865C09D1AB90155CF932E17D5897D7A1F659C98F1B1AACFDF6397D6DB47DA8
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1MmgVxIIzQ.woff
Preview:	wOFF......O.................................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...P...`t..{cmap...............#cvt .......H...H.2..fpgm.......3...._...gasp...0............glyf...<..<...q....Lhdmx..H....q...."&.(head..I@...6...6.G..hhea..Ix... ...$...whmtx..I....y......lCloca..L.........X.;.maxp..N.... ... .4..name..N4.......x..9.post..O........ .m.dprep..O.........+6.x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\api[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	35662
Entropy (8bit):	5.289565799540458
Encrypted:	false
SSDEEP:	768:eIEo7x4VqTHUlEulsfi+P1u0C9tJXTPDbYYFfct/1VMp9JddY8PmE4k7DgGSB:e2yYYac1TssM
MD5:	6C6281C15CBC981BC05942BAC40BCD7E
SHA1:	6015D314D852ECC0C0158731D8E06724805E38E5
SHA-256:	0D3118E306C6A26F1D2EFCB698984E6922C5E7E155C94A84760E36E5592A3C11
SHA-512:	7DB423D081304661C5981C6FC6D37CE2F32DBE8B8C38A9D2791DBD6110DB36261FA249A1662F667B58AA5B1A88446AD65D90B6EFBBEE0DA1378BD39BB1FE0DB2
Malicious:	false
Reputation:	low
IE Cache URL:	https://securepay.mysellful.com/cdn-cgi/bm/cv/669835187/api.js
Preview:	/*. @license. * Copyright (c) 2015 Andr. Cruz <amdfcruz@gmail.com>. * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:. * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.. * THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, A

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	15526
Entropy (8bit):	5.721275823828831
Encrypted:	false
SSDEEP:	384:Ox5T7PuUyxgg2Ctjo/kohz2YDDD1fSCRdVI37Sm9:OjT7GDxgg2GE/kohz2YDDD1fS8oh9
MD5:	63DF83784CADD3A339B776520600C21A
SHA1:	69BB829612F3E3CB2F521323945C9284A2B0DCDE
SHA-256:	2EE69AEF3AFB10B368BDE9FEA7E97CC75C030C890E3D2B8DC4AD19D498234DBF
SHA-512:	FC1C4F31A0817471D1D2CA8ADEA7F3C39B67B0EA688CC58EB4F6C68F5F6558E236B9D3D2D8BA95EE296CFBF3C0197CE54DFECADBCCCE1B7497542FEE291441D5
Malicious:	false
Reputation:	low
IE Cache URL:	https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/files/css.css
Preview:	html {...line-height: 1.15;...-ms-text-size-adjust: 100%;...-webkit-text-size-adjust: 100%..}..body {...height: 100%;...margin: 0..}..article, aside, footer, header, nav, section {...display: block..}..h1 {...font-size: 2em;...margin: .67em 0..}..figcaption, figure, main {...display: block..}..figure {...margin: 1em 40px..}..hr {...box-sizing: content-box;...height: 0;...overflow: visible..}..pre {...font-family: monospace, monospace;...font-size: 1em..}..a {...background-color: transparent;...-webkit-text-decoration-skip: objects..}..abbr[title] {...border-bottom: none;...text-decoration: underline;...text-decoration: underline dotted..}..b, strong {...font-weight: inherit..}..b, strong {...font-weight: bolder..}..code, kbd, samp {...font-family: monospace, monospace;...font-size: 1em..}..dfn {...font-style: italic..}..mark {...background-color: #ff0;...color: #000..}..small {...font-size: 80%..}..sub, sup {...font-size: 75%;...line-height: 0;...position: relative;...vertical-align: b

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\ga-0a4e309b5f2d7439b4f8876b19f37fc7[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	48759
Entropy (8bit):	5.5215063523389265
Encrypted:	false
SSDEEP:	768:/yR3fYFBLbfsce5XqY1TyPnHpX/KWY3SoavPVRhwmCgYUD0lgEw0stZc:/y9gZfA5h1UHpXxY3Soiuw0sU
MD5:	0A4E309B5F2D7439B4F8876B19F37FC7
SHA1:	7AC30F933A2B889EDBE5D3449F4EC90049B0E2A9
SHA-256:	F79723478F4C48501CD49AC52B81D6244A6562B9D3F08CE8AB208A8B8878D4C4
SHA-512:	891337D9CD308331BD0166BAA7C99C2B856D47F0ADE8AF596F71AFFC962546BBE0952554C51CC9A10E28BB4CEE3648AEC819D83A8935E69E95F53F5CBF141C44
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/google-tracking/ga-0a4e309b5f2d7439b4f8876b19f37fc7.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};var q={},r=function(){q.TAGGING=q.TAGGING\|\|[];q.TAGGING[1]=!0};var t=function(a,b){for(var c in b)b.hasOwnProperty(c)&&(a[c]=b[c])},v=function(a){for(var b in a)if(a.hasOwnProperty(b))return!0;return!1};var x=/^(?:(?:https?\|mailto\|ftp):\|[^:/?#]*(?:[/?#]\|$))/i;var y=window,z=document,A=function(a,b){z.addEventListener?z.addEventListener(a,b,!1):z.attachEvent&&z.attachEvent("on"+a,b)};var B=/:[0-9]+$/,C=function(a,b,c){a=a.split("&");for(var d=0;d<a.length;d++){var e=a[d].split("=");if(decodeURIComponent(e[0]).replace(/\+/g," ")===b)return b=e.slice(1).join("="),c?b:decodeURIComponent(b).replace(/\+/g," ")}},F=function(a,b){b&&(b=String(b).toLowerCase());if("p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\jet-blog.min-2.2.9[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	8501
Entropy (8bit):	5.0870306196602
Encrypted:	false
SSDEEP:	192:lKkO7xbWHSmyPEidPddSWneQAm9g3AFS7e78Q:lKh1myPEid+yeTm9TFi2p
MD5:	BDB89C23157E96CE0A6978293CE0EBFA
SHA1:	B4D7C5D9FAE848643FB9B283D424626A71D50D01
SHA-256:	047370A77F43B356CC417AFAF4B959E9B2C47F7DCFF73271A99EFAC3F25E665C
SHA-512:	C50E0D50C0CB0A96829D81FF3B76DE15388E51DC0B7350AEB3D6268613F1DCCBBBBE1AB8C9053CEB57BF4FD02A72ADB57E30729A5C37323FB5DF56C5C0667B7E
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/jet-blog/assets/js/jet-blog.min-2.2.9.js
Preview:	if(!function(c,i,a){"use strict";var o={YT:null,init:function(){var t={"jet-blog-smart-listing.default":o.initSmartListing,"jet-blog-smart-tiles.default":o.initSmartTiles,"jet-blog-text-ticker.default":o.initTextTicker,"jet-blog-video-playlist.default":o.initPlayList};c.each(t,function(t,e){i.hooks.addAction("frontend/element_ready/"+t,e)})},initPlayList:function(i){void 0!==YT.Player?o.initPlayListCb(i,YT):c(document).on("JetYouTubeIframeAPIReady",function(t,e){o.initPlayListCb(i,e)})},initPlayListCb:function(t,e){null===o.YT&&(o.YT=e),t.hasClass("players-initialized")\|\|(t.addClass("players-initialized"),o.switchVideo(t.find(".jet-blog-playlist__item.jet-blog-active")),t.on("click.JetBlog",".jet-blog-playlist__item",function(){t.find(".jet-blog-playlist__canvas").addClass("jet-blog-canvas-active"),o.switchVideo(c(this))}),t.on("click.JetBlog",".jet-blog-playlist__canvas-overlay",o.stopVideo))},initTextTicker:function(t){var r=null,d=t.find(".jet-text-ticker__posts"),e=d.data("typing")

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\lazyload.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	5273
Entropy (8bit):	5.071642558938907
Encrypted:	false
SSDEEP:	96:IncwFK9HqOq0tioPJUQuyhaFBx7Plpr2AVS1h3os81YwgDJf/55haS5OXqfQ9zm6:M9YH9qEJDcrx7Pll2qSPfRtDhaGOX79T
MD5:	B906C7B5D31EFDE9C615DE31CF4C089C
SHA1:	721540E4BABC25B6F245B92AEEF70E993E408D80
SHA-256:	FD9B21475370627E77A6988F76C0BF93A005F9E66C4F2E9FD62E5C2DE5976DC9
SHA-512:	EF912F012E72F697157368BC68636BA86CA945342A894378B08AEFFC12E95809B17E204EE9E397A59BAD7CF1B22CA7E4E85904FF81541837B8120DBDEBBCE062
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js
Preview:	function _extends(){return(_extends=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(t[o]=n[o])}return t}).apply(this,arguments)}function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}!function(t,e){"object"===("undefined"==typeof exports?"undefined":_typeof(exports))&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):t.LazyLoad=e()}(this,function(){"use strict";var t="undefined"!=typeof window,e=t&&!("onscroll"in window)\|\|"undefined"!=typeof navigator&&/(gle\|ing\|ro)bot\|crawl\|spider/i.test(navigator.userAgent),n=t&&"IntersectionObserver"in window,o=t&&"classList"in document.createElement("p"),r={elements_selector:"img",container:e\|\|t?document:null,threshold:300,threshol

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\logo[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
IE Cache URL:	https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/s/files/logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17394
Entropy (8bit):	3.324079896074607
Encrypted:	false
SSDEEP:	384:rKp84GZw7WZ1v5jBi1FnJICqWqjbTSIHaTPqsHkEiroLOweZnZq5fy6CJP:r+WfhjDUS
MD5:	474A9980C4D204E7D4B593832B226BEA
SHA1:	DBDB72D920A55C1AB76FDA122271C9986C8F9389
SHA-256:	163589FCFF3F5D67836D8DF3EC13D11E561E93C25B9679D3BA92B98F9D34EABF
SHA-512:	DFC58C88418F96A98009D0FF7BF626C5679A20BD63B0FE20C7B792D6EB95CD26C3206978DAB6DE70DA6CDDEAA612663C3972BAB5930DC84ADF1820F407A5EB14
Malicious:	true
Yara Hits:	Rule: JoeSecurity_HtmlPhish_6, Description: Yara detected HtmlPhish_6, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[1].htm, Author: Joe Security
Reputation:	low
Preview:	..<script type="text/javascript">....document.write(unescape('%3c%6d%65%74%61%20%63%68%61%72%73%65%74%3d%22%55%54%46%2d%38%22%20%6e%61%6d%65%3d%22%76%69%65%77%70%6f%72%74%22%20%63%6f%6e%74%65%6e%74%3d%22%77%69%64%74%68%3d%64%65%76%69%63%65%2d%77%69%64%74%68%2c%20%69%6e%69%74%69%61%6c%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%6d%61%78%69%6d%75%6d%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%6d%69%6e%69%6d%75%6d%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%75%73%65%72%2d%73%63%61%6c%61%62%6c%65%3d%6e%6f%22%3e%0d%0a%09%3c%74%69%74%6c%65%3e%56%61%6c%69%64%61%74%69%6f%6e%3c%2f%74%69%74%6c%65%3e%0d%0a%09%3c%6c%69%6e%6b%20%72%65%6c%3d%22%73%74%79%6c%65%73%68%65%65%74%20%70%72%65%66%65%74%63%68%22%20%68%72%65%66%3d%22%68%74%74%70%73%3a%2f%2f%66%6f%6e%74%73%2e%67%6f%6f%67%6c%65%61%70%69%73%2e%63%6f%6d%2f%63%73%73%3f%66%61%6d%69%6c%79%3d%4f%70%65%6e%2b%53%61%6e%73%3a%36%30%30%22%3e%0d%0a%09%3c%6c%69%6e%6b%20%72%65%6c%3d%22%73%74%79%6c%65%73%68%65%65%74%22%20%68%72%65%66%3d%22%2e%2f%66%69%6c%65%73%2f%63%73%73%2e%63%73%7

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[2].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17394
Entropy (8bit):	3.324079896074607
Encrypted:	false
SSDEEP:	384:rKp84GZw7WZ1v5jBi1FnJICqWqjbTSIHaTPqsHkEiroLOweZnZq5fy6CJP:r+WfhjDUS
MD5:	474A9980C4D204E7D4B593832B226BEA
SHA1:	DBDB72D920A55C1AB76FDA122271C9986C8F9389
SHA-256:	163589FCFF3F5D67836D8DF3EC13D11E561E93C25B9679D3BA92B98F9D34EABF
SHA-512:	DFC58C88418F96A98009D0FF7BF626C5679A20BD63B0FE20C7B792D6EB95CD26C3206978DAB6DE70DA6CDDEAA612663C3972BAB5930DC84ADF1820F407A5EB14
Malicious:	true
Yara Hits:	Rule: JoeSecurity_HtmlPhish_6, Description: Yara detected HtmlPhish_6, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\s[2].htm, Author: Joe Security
Reputation:	low
Preview:	..<script type="text/javascript">....document.write(unescape('%3c%6d%65%74%61%20%63%68%61%72%73%65%74%3d%22%55%54%46%2d%38%22%20%6e%61%6d%65%3d%22%76%69%65%77%70%6f%72%74%22%20%63%6f%6e%74%65%6e%74%3d%22%77%69%64%74%68%3d%64%65%76%69%63%65%2d%77%69%64%74%68%2c%20%69%6e%69%74%69%61%6c%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%6d%61%78%69%6d%75%6d%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%6d%69%6e%69%6d%75%6d%2d%73%63%61%6c%65%3d%31%2e%30%2c%20%75%73%65%72%2d%73%63%61%6c%61%62%6c%65%3d%6e%6f%22%3e%0d%0a%09%3c%74%69%74%6c%65%3e%56%61%6c%69%64%61%74%69%6f%6e%3c%2f%74%69%74%6c%65%3e%0d%0a%09%3c%6c%69%6e%6b%20%72%65%6c%3d%22%73%74%79%6c%65%73%68%65%65%74%20%70%72%65%66%65%74%63%68%22%20%68%72%65%66%3d%22%68%74%74%70%73%3a%2f%2f%66%6f%6e%74%73%2e%67%6f%6f%67%6c%65%61%70%69%73%2e%63%6f%6d%2f%63%73%73%3f%66%61%6d%69%6c%79%3d%4f%70%65%6e%2b%53%61%6e%73%3a%36%30%30%22%3e%0d%0a%09%3c%6c%69%6e%6b%20%72%65%6c%3d%22%73%74%79%6c%65%73%68%65%65%74%22%20%68%72%65%66%3d%22%2e%2f%66%69%6c%65%73%2f%63%73%73%2e%63%73%7

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\share-link.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	2578
Entropy (8bit):	5.177015723485366
Encrypted:	false
SSDEEP:	48:mPTblyuvUkJipDUGr207o/9QZOF1JzOTPUzGbe2yhL4rXpDeiUkLTj7fWfPfpC7X:mPnlyuv/IpDUGr20KqZOFPOzUb2nrXpZ
MD5:	9BB8540493A7FE11B229870EB37BE165
SHA1:	D77F17CB9057DC8F622B8C0BF23F6ACB739B3B8E
SHA-256:	4A7EE62EB33F3BBB66C2151E5CAC6BF4904E28302EFC36128F3E3CCAE6FDE580
SHA-512:	FB245059108EE476BFBCA60A96D401C2796EE44B646E0874D41B5FDB1204A66E3BEC6A4AB8E155E50489B3ADF48BD609683B3D1C020B9F39D084A915F8377773
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/lib/share-link/share-link.min-3.1.1.js
Preview:	(function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={u

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\MC8R5KA7.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text, with very long lines
Category:	downloaded
Size (bytes):	23111
Entropy (8bit):	5.290380324630683
Encrypted:	false
SSDEEP:	384:oaiTh2gpHvHO5H9AO6jogtqJ6JPJeJuWJAJTtWJ6JPJeJS/N5uYu7nTgdePPqvmJ:oaiTbpPu5H9AnGJ6JPJeJuWJAJgJ6JPO
MD5:	A1195EB5C3C6D7B2258505A0B11FC1A2
SHA1:	96DC8419032CD521DA33E4AD76DCFBCABCB157AE
SHA-256:	C401366641ABCD9E1856FC7D2641CF14F77CE5A9009C5C378E9E50ABDAA95CC4
SHA-512:	2E36F4C65D359BF76F6860579C2F24EECF94AF55EA8156C595D822E18F7E7C65E0B618F676959F9CAA023F4556DB483BF49A9FCD439FA22EC0B214CA85C6C066
Malicious:	false
Reputation:	low
IE Cache URL:	https://securepay.mysellful.com/
Preview:	<!doctype html><html lang="en-US" prefix="og: http://ogp.me/ns#"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta http-equiv="x-dns-prefetch-control" content="on"><link rel="preconnect" crossorigin href="//stateless.sellful.com" /><link rel="preconnect" href="//cdn1.sellful.com" /><link rel="preconnect" crossorigin href="//fonts.googleapis.com" /><link rel="preconnect" crossorigin href="//ajax.googleapis.com" /><link rel="preconnect" crossorigin href="//apis.google.com" /><link rel="preconnect" crossorigin href="//google-analytics.com" /><link rel="preconnect" crossorigin href="//www.google-analytics.com" /><link rel="preconnect" crossorigin href="//ssl.google-analytics.com" /><link rel="dns-prefetch" href="//youtube.com" /><link rel="preconnect" crossorigin href="//fonts.gstatic.com" /><link rel="preconnect" crossorigin href="//fonts.gstatic.com/s/" /><style>#ub_global_footer_conten

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\admin-ajax[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	very short file (no magic)
Category:	downloaded
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:U:U
MD5:	C4CA4238A0B923820DCC509A6F75849B
SHA1:	356A192B7913B04C54574D18C28D46E6395428AB
SHA-256:	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
SHA-512:	4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
Malicious:	false
Reputation:	low
IE Cache URL:	https://securepay.mysellful.com/dashboard/admin-ajax.php?action=wu_count_visits&code=6132cfcf5a
Preview:	1

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\c6561660-new-remittance-785x800[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 785 x 800, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	152673
Entropy (8bit):	7.990638263266791
Encrypted:	true
SSDEEP:	3072:ytxeTRjbnkb3i/XeBAtdnmng/v2WQfWQTm7uffXYwvZ1oMEhvW/:y6TRHW+1AyGWIPboMEhS
MD5:	F3ABDCA15BFA18336CFC35F883491739
SHA1:	335C15AA3E10703589CE0CF0F64A9A373120F235
SHA-256:	67DFDFB4D1A369156EB7F956AE26B1FCE3634AC737DCEEFF5DAD5DAEDB0CE6BC
SHA-512:	2290035BE750566C90B946BBB16B58A8F76A553EFCF1DD49B9E289E7D8AA5AA11492E859A3BB8A7B150AABE19C056E4F803E792219763F348F137D207069E49C
Malicious:	false
Reputation:	low
IE Cache URL:	https://stateless.sellful.com/2021/04/c6561660-new-remittance-785x800.png
Preview:	.PNG........IHDR....... ......#x9..T(IDATx..}ac.6.,......?...E.x.@.4..L..nrG.\..Q.)u.,....;.X.b..+V..2x..+V.X.b...V.X.b..+.fZ.b..+V.X.i..+V.X.ba..+V.X.b...V.X.b..+.fZ.b..+V.X.i..+V.X.b..L+V.X.b...3.X.b..+V,.b..+V.X.0..+V.X.b..L+V.X.b...3.X.b..+V,.b..+V.X.8...}.._..^...b..+V.X...L>.....?.]....y..x.??H,...?t_t..+V.X..wl..Jr.]`....../...v?.._p.\|.?............#.]0t.?.........f.gc.O...........U.3n......}.tr'.;..}....~..6..}./...._......?1._.p.p9..Z0-..........v..;._D..X.\|..,......M1....?..Lk.8./..s..}.>.O..YW,..;...w'2......x.........h\|.i./......9......9..A....{..c.`.oq.b...S.".l.>..Oa.8xz...G..P..9............>YFZ....F...,O.$3.....n.0%...........0...>O..Mwx:r<>?..%.>..i...b^....9.).@.f..$..........3Pp.. l.=....s...........F....U .'.6.<._.....>..u....../...K.......u.?.8..w3wr....'O........V.]...L._...s..]..B...sm.@.V...i...a.]...7yb..{...jb...*.5..< ..x..+....Ot.3..P..! H.@,..T.....S.....#'#R.g..6.;....D\|.\|.=~.V.vQ...N`....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\ccaf1bb7df93920b7090e89ad7f87719[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	962960
Entropy (8bit):	4.9838251465791545
Encrypted:	false
SSDEEP:	24576:0akeSkXmBQ2hXTtK0sBCwRgwIsrS26LTFTF:xkeSkXmBQSXTSgwO
MD5:	94547D32CD5E7AFFFDF394055C5C767D
SHA1:	10E65A16AD492DFEF08374373BCAED3559159D61
SHA-256:	3BFA9CA8A9F68321B95EABB8E2401C2725C76E967A9C2A560C4C2014C351DA11
SHA-512:	93977CD46D315E8123831E3D37E081159F88821203B940267188DD60EAC8B957862C09F1D868621237C40607D683849DAEAF8947088B3C869C209FB57351E436
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/min/3146/ccaf1bb7df93920b7090e89ad7f87719.css
Preview:	.wp-block-audio figcaption{margin-top:.5em;margin-bottom:1em;color:#555d66;text-align:center;font-size:13px}.wp-block-audio audio{width:100%;min-width:300px}.block-editor-block-list__layout .reusable-block-edit-panel{align-items:center;background:#f8f9f9;color:#555d66;display:flex;flex-wrap:wrap;font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif;font-size:13px;top:-14px;margin:0 -14px;padding:8px 14px;position:relative;border:1px dashed rgba(145,151,162,.25);border-bottom:none}.block-editor-block-list__layout .block-editor-block-list__layout .reusable-block-edit-panel{margin:0 -14px;padding:8px 14px}.block-editor-block-list__layout .reusable-block-edit-panel .reusable-block-edit-panel__spinner{margin:0 5px}.block-editor-block-list__layout .reusable-block-edit-panel .reusable-block-edit-panel__info{margin-right:auto}.block-editor-block-list__layout .reusable-block-edit-panel .reusable-block-edit-panel__label{margin-right:8

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\frontend.min-3.0.5[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators
Category:	downloaded
Size (bytes):	172226
Entropy (8bit):	5.177850445576503
Encrypted:	false
SSDEEP:	1536:fUoTZWLyt96lLV35I00ytezfURlR/TgXrCn2kCA79hJUWpyLBYAyXEaan7Jd8dFS:fUoTZIymlEv6vGylDddi5knbM
MD5:	64A17E19546A8EAEB7449982967CFA69
SHA1:	B777FF3056A8DD8C79F93C0125F21EC3909C9802
SHA-256:	65115988F62E8284EBC9BBD735C7DE493F47ED8EA5A266FDDB4C86D4997472FB
SHA-512:	C3F3B69EF730C492AC5FED2313A334F72CA0C317EA9F3224A5BC780D18B766EFD4EEB1F4DAA024BBE0837A842E63B75C9E0A144A6E8FC4EA2A940E5595076971
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor-pro/assets/js/frontend.min-3.0.5.js
Preview:	/! elementor-pro - v3.0.5 - 23-09-2020 /.!function(e){var t={};function n(i){if(t[i])return t[i].exports;var r=t[i]={i:i,l:!1,exports:{}};return e[i].call(r.exports,r,r.exports,n),r.l=!0,r.exports}n.m=e,n.c=t,n.d=function(e,t,i){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:i})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var i=Object.create(null);if(n.r(i),Object.defineProperty(i,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)n.d(i,r,function(t){return e[t]}.bind(null,r));return i},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=474)}([function(e,t,n){e.exports=n(113)},function(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\jet-tricks-frontend-1.2.12[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	20554
Entropy (8bit):	5.001175704365427
Encrypted:	false
SSDEEP:	384:vPiXLzLL3fu7Dlof01DIwZtWSHyk5hAoALTKAI7NEdoALTwI3aoALTKpmIQLH83y:vPovHIDsSIktBHAoALTKPKdoALTzaoAn
MD5:	61EE94A46DB07B5D0ADDD2F1CB20AF10
SHA1:	513E714A9FA59ACBBE436EA70EAE7EC8DD5B87C1
SHA-256:	340CB3133FD2998435B655096B9DDFC1F24DB65D66F296A7369643C4256273B9
SHA-512:	604270F1291B03C65E85E4B3FC106D60FE7F7A73F110E55D668A502164F40D6A0FAC23A2A753F46BD3DCDE1B9FA34A44ABDC38E66A3864AF63F3315B3997B3E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend-1.2.12.js
Preview:	( function( $, elementor ) {...'use strict';...var JetTricks = {....init: function() {....elementor.hooks.addAction( 'frontend/element_ready/section', JetTricks.elementorSection );....elementor.hooks.addAction( 'frontend/element_ready/column', JetTricks.elementorColumn );....elementor.hooks.addAction( 'frontend/element_ready/widget', JetTricks.elementorWidget );.....var widgets = {.....'jet-view-more.default' : JetTricks.widgetViewMore,.....'jet-unfold.default' : JetTricks.widgetUnfold,.....'jet-hotspots.default' : JetTricks.widgetHotspots....};.....$.each( widgets, function( widget, callback ) {.....elementor.hooks.addAction( 'frontend/element_ready/' + widget, callback );....});...},....elementorSection: function( $scope ) {....var $target = $scope,.....sectionId = $scope.data( 'id' ),.....editMode = Boolean( elementor.isEditMode() ),.....settings = {};.....if ( window.JetTricksSettings && window.JetTricksSettings.elements_data.sections.hasOwnProperty( section

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\jquery-1.12.4-wp[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	96873
Entropy (8bit):	5.372169393547772
Encrypted:	false
SSDEEP:	1536:HYE1fGBiByJsbfXXeRJ/shgWCeLLccJdZVHk04ssx+/mvaSIFSet43tpXJIGVyp3:fsAg0psxTva/FSeKy2bDD5a98Hrq
MD5:	49EDCCEA2E7BA985CADC9BA0531CBED1
SHA1:	F8747F8EE704D9AF31D0950015E01D3F9635B070
SHA-256:	1DB21D816296E6939BA1F42962496E4134AE2B0081E26970864C40C6D02BB1DF
SHA-512:	F766DF685B673657BDF57551354C149BE2024385102854D2CA351E976684BB88361EAE848F11F714E6E5973C061440831EA6F5BE995B89FD5BD2D4559A0DC4A6
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-includes/js/jquery/jquery-1.12.4-wp.js
Preview:	/! jQuery v1.12.4 \| (c) jQuery Foundation \| jquery.org/license \| WordPress 2019-05-16 /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="1.12.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?a<0?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,fu

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\jquery-migrate.min-1.4.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10056
Entropy (8bit):	5.308628526814024
Encrypted:	false
SSDEEP:	192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR
MD5:	7121994EEC5320FBE6586463BF9651C2
SHA1:	90532AFF6D4121954254CDF04994D834F7EC169B
SHA-256:	48EB8B500AE6A38617B5738D2B3FAEC481922A7782246E31D2755C034A45CD5D
SHA-512:	B74A2F03C64E883B9A34DE43690429327DFB4AA230A7A6AFCA8150A16E3D84E98461245FF264C26368D9904562CC34FE219F71F951D364FA5C68C039B76776CD
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-includes/js/jquery/jquery-migrate.min-1.4.1.js
Preview:	/! jQuery Migrate v1.4.1 \| (c) jQuery Foundation and other contributors \| jquery.org/license /."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(a,b,c){function d(c){var d=b.console;f[c]\|\|(f[c]=!0,a.migrateWarnings.push(c),d&&d.warn&&!a.migrateMute&&(d.warn("JQMIGRATE: "+c),a.migrateTrace&&d.trace&&d.trace()))}function e(b,c,e,f){if(Object.defineProperty)try{return void Object.defineProperty(b,c,{configurable:!0,enumerable:!0,get:function(){return d(f),e},set:function(a){d(f),e=a}})}catch(g){}a._definePropertyBroken=!0,b[c]=e}a.migrateVersion="1.4.1";var f={};a.migrateWarnings=[],b.console&&b.console.log&&b.console.log("JQMIGRATE: Migrate is installed"+(a.migrateMute?"":" with logging active")+", version "+a.migrateVersion),a.migrateTrace===c&&(a.migrateTrace=!0),a.migrateReset=function(){f={},a.migrateWarnings.length=0},"BackCompat"===document.compatMode&&d("jQuery is not compatible with Quirks Mode");var g=a("<input/>",{size:1}).attr("size")&&a.attrFn,h=a.att

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\new[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	274
Entropy (8bit):	5.103985734252342
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPhoA2Lc+Q6Q+KqD:J0+ox0RJWWPh5ET
MD5:	0E241B8D33B2AE011B112941747BA154
SHA1:	1F027D10066871A789A960053D74B17B81843920
SHA-256:	2F3D726E8D6811D028A298E3BF49D01FBC0D12AD6D91993EE16CA5BDEC111295
SHA-512:	011C5578E3BEA4EBF8DE11F141F0044AEB7AF3608DB15B1545C4EF23A3B5B8187D7888978C76C87B48D1ED44DF28203D37395617F075254B8CE67D6D1EC7A9C8
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://atendiendochagas.mundosano.org/kcontrol-inti/continue/new/">here</a>.</p>.</body></html>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\v4-shims.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	15055
Entropy (8bit):	4.548869590540711
Encrypted:	false
SSDEEP:	192:bP6Vw28fajqZFSJtd4fxVOT2iQsVJqYqV5PnX9dUWFjWqh2P9e93f7POD3o:OX8fajqZFwtdykZwRXcoWI2P9o7S3o
MD5:	7A5DEA0A705CC2F4CD87DBAAA6666BC6
SHA1:	678BC6F750F13ADB29BBC158EB0D9CD813B736FA
SHA-256:	97CF1307C16A437B77B5F7F5C9BC0B985D0745A14BE5A279019ACA5A3432E264
SHA-512:	7C19D0EDC28FE8733075534DE6176483416BB3535F37B7607536AEA2DDF9C5591D864225049C9A74735C1DAF44C72688D91C1133BB018683ADE11F16EA596807
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min-3.1.1.js
Preview:	/!. Font Awesome Free 5.15.1 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.var l,a;l=this,a=function(){"use strict";var l={},a={};try{"undefined"!=typeof window&&(l=window),"undefined"!=typeof document&&(a=document)}catch(l){}var e=(l.navigator\|\|{}).userAgent,r=void 0===e?"":e,n=l,o=a,u=(n.document,!!o.documentElement&&!!o.head&&"function"==typeof o.addEventListener&&o.createElement,~r.indexOf("MSIE")\|\|r.indexOf("Trident/"),"___FONT_AWESOME___"),t=function(){try{return"production"===process.env.NODE_ENV}catch(l){return!1}}();var f=n\|\|{};f[u]\|\|(f[u]={}),f[u].styles\|\|(f[u].styles={}),f[u].hooks\|\|(f[u].hooks={}),f[u].shims\|\|(f[u].shims=[]);var i=f[u],s=[["glass",null,"glass-martini"],["meetup","fab",null],["star-o","far","star"],["remove",null,"times"],["close",null,"times"],["gear",null,"cog"],["trash-o","far","trash-alt"],["file-o","far","file"],["clock-o","far","clock"],["arro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\webpack.runtime.min-3.1.1[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	4626
Entropy (8bit):	5.358820430051677
Encrypted:	false
SSDEEP:	96:BcQS4KssNLRu/QLXluU/MxV/LUVHwK2U2fdkGltCX:fS4kPJLNMxdQeTFHk
MD5:	7423529C58B1A1BF4EE735F7AFBB59BD
SHA1:	52D72A236F4925E5BD2C0A173A03C7CA8A92BBA8
SHA-256:	E9286A9B5C5047627AFB876EBE1C90933EE1C438164D529D01D80C4636C4B405
SHA-512:	820F4F987F67BC271BB7C098E21BED9F14F5528D6DBD30F62E90F5D331AA9475434EA54602F24BC80EBE7FF4E673059D7E4493049064B029BAC463826609D039
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/js/webpack.runtime.min-3.1.1.js
Preview:	/! elementor - v3.1.1 - 31-01-2021 /.(()=>{"use strict";var e,r,_={},t={};function __webpack_require__(e){if(t[e])return t[e].exports;var r=t[e]={exports:{}};return _[e](r,r.exports,__webpack_require__),r.exports}__webpack_require__.m=_,__webpack_require__.t=function(e,r){if(1&r&&(e=this(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var _=Object.create(null);__webpack_require__.r(_);var t={};if(2&r&&"object"==typeof e&&e)for(const r in e)t[r]=()=>e[r];return t.default=()=>e,__webpack_require__.d(_,t),_},__webpack_require__.d=(e,r)=>{for(var _ in r)__webpack_require__.o(r,_)&&!__webpack_require__.o(e,_)&&Object.defineProperty(e,_,{enumerable:!0,get:r[_]})},__webpack_require__.f={},__webpack_require__.e=e=>Promise.all(Object.keys(__webpack_require__.f).reduce(((r,_)=>(__webpack_require__.f[_](e,r),r)),[])),__webpack_require__.u=e=>209===e?"accordion.959b6d3705116b2a55b1.bundle.min.js":745===e?"alert.f4e7a6df1283698dea78.bundle.min.js":120===e?"counter.99f87b466b

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOjCnqEu92Fr1Mu51S7ACc6CsI[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22080, version 1.1
Category:	downloaded
Size (bytes):	22080
Entropy (8bit):	7.970620647480227
Encrypted:	false
SSDEEP:	384:BfnIIA0zhdg/5oXRAZDRsZObG141wGUaBgKYADioTCgZM6+HJtWjbmMbQMbL2nNQ:B00zhdW7ZDRsR141wYAoTCGUptzMbqnu
MD5:	FA8878D8872A2AC4BEB377CDAE15566A
SHA1:	34EE72B0E553C3EFA41A7E0DF4EB710596469A10
SHA-256:	8411023A027610AEB3DC333438E12A17222163AE78817C5395DA04548ED30150
SHA-512:	112ED53A4A18EB3378A57B154566C0F1AF438FF400EBE453253F5E2465B6A07370B447736EACB99114ED43E05CAE5A3A019BE6886D50EB15FA1E2D6F35D9AFBA
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff
Preview:	wOFF......V@.......0........................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...N...`t..dcmap...............#cvt .......\...\1..Mfpgm...4...2......$.gasp...h............glyf...t..Bf..s...hdmx..N....l....(/./head..OH...6...6...vhhea..O....#...$....hmtx..O..........:8loca..R@..........imaxp..T8... ... .4..name..TX........!.>gpost..U4....... .a.dprep..UL.......X9..x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......*'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOjCnqEu92Fr1Mu51TjASc6CsI[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22280, version 1.1
Category:	downloaded
Size (bytes):	22280
Entropy (8bit):	7.9727639867534075
Encrypted:	false
SSDEEP:	384:P9oOx7sdtvlKnxdf5DGTHz3uPGia2ghi4OEiO+KdRialMgTC3YS95HbcW8Y:1lZsdKnxdBDwz++ia2l4OEi7KCquoS9J
MD5:	6E949B62AF2E8B6F705E35EE4DBC17F4
SHA1:	31BC06C0C932EC0176F42C6864C58D7450BBF97E
SHA-256:	917A5159BE44DE9A82072F6A1C52EF645844D6BEDF42F8FD1549CD99D6DB2CC5
SHA-512:	109EF637EF3C4FB1670DD328466BF1507F0E92D97153A71CA045F3F17F924CC92FF75777B3730CF722825C755D646A796F429F50973C64B543AA13C174D8921B
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsI.woff
Preview:	wOFF......W........x........................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...N...`t6.<cmap...............#cvt .......X...X/...fpgm.......4......".gasp...@............glyf...L..C`..tP>.e%hdmx..O....m....$+.-head..P....6...6...mhhea..PT...#...$...zhmtx..Px.........3J.loca..S............maxp..U.... ... .4..name..U0..........>.post..V........ .a.dprep..V$.......?.1 .x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOkCnqEu92Fr1Mu51xIIzQ[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 22036, version 1.1
Category:	downloaded
Size (bytes):	22036
Entropy (8bit):	7.974581575530646
Encrypted:	false
SSDEEP:	384:WhoOtWgD0GjcBsPSQSQhzT8EeFVJDOFKA3t1pLXhj8gGddsbnDX1F:4l30GI/cRMzqKA91pNj89WnDX1F
MD5:	522AECAD450B10CE647739BC8D9AA1C6
SHA1:	6C3528F1BDD5B980F41BDCD1D9FCD812FE0C6D61
SHA-256:	2B5FB1F0EE063320196A64157AE9A949BB4656BC48604914175F1EDA636DCE07
SHA-512:	33AAAE71C92278EE04102EE59B3856DB9EB7C6F187EC35BBD302492619CA47811FF379A2B469DAF670407ADEA10B3BCF56A7B883CD1241447957471263CF95B3
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzQ.woff
Preview:	wOFF......V........x........................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...O...`t..Rcmap...............#cvt .......R...R..-.fpgm.......4....s...gasp...<............glyf...H..Bd..rp}..hdmx..N....m....#-.,head..O....6...6...ehhea..OT...#...$....hmtx..Ox.........cC.loca..R.......... \|.maxp..T.... ... .4..name..T0..........:.post..U........ .a.dprep..U .......D..].x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20532, version 1.1
Category:	downloaded
Size (bytes):	20532
Entropy (8bit):	7.966425322589798
Encrypted:	false
SSDEEP:	384:tfEIIA0zhnegvIQxhXmqd8lpP/FwL0cV8yP1JSRHbNHlZL7qwZkoEu3HTbpXcyKd:tr0zhnewHxRmqd8PdwLLeR/ZLGwZLbTA
MD5:	DA2721C68B4BC80DB8D4C404F76B118C
SHA1:	3A32E8B7EFBC9DFB52F024D657B8C8C0A80E5804
SHA-256:	BD811625271ACCA47F7DAC48B460F13E08EE947B2A8E17E278C4D5CCB5D9323C
SHA-512:	5110656E41A261BD2A06F8B5B2A362FF8836B4289E1DE0777D83DB8E9D709C4C4248B67653A28FA47AD4AE823021ADBFC587900E142BF6887C2A7C936F7F4C33
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc-.woff
Preview:	wOFF......P4.......l........................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...Q...`t...cmap...............#cvt .......\...\1..Kfpgm...8...2......$.gasp...l............glyf...x..<e..n..W..hdmx..H....m....+1.3head..IP...6...6...rhhea..I.... ...$....hmtx..I...........S.loca..L8...........maxp..N4... ... .4..name..NT..........:.post..O0....... .m.dprep..OD.......S...)x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......*'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOlCnqEu92Fr1MmSU5fBBc-[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20404, version 1.1
Category:	downloaded
Size (bytes):	20404
Entropy (8bit):	7.970248785137973
Encrypted:	false
SSDEEP:	384:8uFoOxqigBacqKz8RGLv6K5a+jZ/rFSyeM5B8r/WjRy0BsM16t/PJ:PFlIvUKz8R+t5N53eGar/gY0Bv6tp
MD5:	BF0F407102FAF3A0B521D3B545F547A5
SHA1:	CA357CD0DE5DD0242E8EFACFB8D24AB60FDC86AB
SHA-256:	855A06974032BB69157D469ABA6F63440E8BE47C421F45C3F396F4E0B87B6DE8
SHA-512:	85359028F7FE49B1DF90B72E48DC7DE4B21F1B65E8BF109595705A3F4EAF9FA79854B5AEF060FE266291C5ECE9D04FCEAD1DE09BAA2C5E20601E1579212520C8
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc-.woff
Preview:	wOFF......O........x........................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...P...`t6..cmap...............#cvt .......X...X/...fpgm.......4......".gasp...@............glyf...L..<'..m..]5Yhdmx..Ht...m....),..head..H....6...6.Y.ihhea..I.... ...$....hmtx..I<.........Dd.loca..K............maxp..M.... ... .4.\name..M........\|..9.post..N........ .m.dprep..N........:z/.Wx...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOlCnqEu92Fr1MmWUlfBBc-[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20396, version 1.1
Category:	downloaded
Size (bytes):	20396
Entropy (8bit):	7.974131663185347
Encrypted:	false
SSDEEP:	384:SfXdUIIA0zhyKR28ePpAwxZ5M3py8wtshtdf45DEVTGdYb7H2Q/VEgm:Svdj0zhbRmjIQ8wtsV4lEVGdY3/i/
MD5:	68D6DABFE54E245E7D5D5C16C3C4B1A9
SHA1:	7FDAB895EAEBECEDB3FB5473EAB94A1B292CEF19
SHA-256:	A01A632E56731A854F35701AA8C3A6A19A113290D9032FF9048F8064C45383BD
SHA-512:	44EB151F85178A2F9600E85AD43FAE470FABE0F247C9A03E67931B36028E600C7550D9DE2D69B3576A06577A5DEAF54822EE4BDC9DCBB47588D1972C8A959D43
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc-.woff
Preview:	wOFF......O.................................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...Q...`u...cmap...............#cvt .......H...H+~..fpgm...$...3...._...gasp...X............glyf...d..< ..l..C^]hdmx..H....m....03#7head..H....6...6...\hhea..I,... ...$.&..hmtx..IL........".J.loca..K.............maxp..M.... ... .4..name..M........~..9.post..N........ .m.dprep..N........)v60x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOlCnqEu92Fr1MmYUtfBBc-[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20412, version 1.1
Category:	downloaded
Size (bytes):	20412
Entropy (8bit):	7.970834733902595
Encrypted:	false
SSDEEP:	384:af5t4IIA0zhLqV6fCjKK/bF+ituwbilrCG36/C4odv4QobGOo8y0rO+:arn0zhLqnDFbuwb0rCGPdv4QoKOByf+
MD5:	64BBA9C4E8156C152050C657E9D24BF1
SHA1:	90ECF87091FAABE7BC0FF54A43828FA4DD483278
SHA-256:	D33864E01E5103EBE439732BB606E694C73B6851F24DA25D41901EB17CB5D98E
SHA-512:	2456A688A4C51759293E482D434A324BA81EFAC9DC203226007C256D468E424A88C678D1B8BCAD9E3950C6AC4F7FF76CACAD71A730709A600CA45569586910CC
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc-.woff
Preview:	wOFF......O........\|........................GDEF.......G...d....GPOS..............oGSUB................OS/2...p...O...`v...cmap...............#cvt .......Z...Z...=fpgm...4...3......#.gasp...h............glyf...t..<...lL....hdmx..H....n....47(;head..H....6...6...Rhhea..I,... ...$.]..hmtx..IL........,.A.loca..K..........Bs.maxp..M.... ... .4..name..M........\|..9.post..N........ .m.dprep..N........8...Cx...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x....%Y....Wm=..mo..k.m....rl...m.g"^..../..[.}.S...\.mD...1..G>..giz...=C..}.y....\|o..c.x.R.r"B........m....../.&./6..5D.AGX.....)<'.)....?.... .Y4>\|1...ES.Gc...FO.>$.../...}RCl..T.zD..uZ4~D.._OK.$.Z.(..JR...\..\..\..\.\......*'n..6:x...b,..$...?.g:./y.iLg.3..l.0.y.g..X..V...d.#O...0....b7{..>.n.iD.V....." e.\A..OR.kwp.].....6p..."ZE..%...e.u3..L..V...W.7b..L.3.L1K...Ts..$6.-b.......9...b@..!1,...v.C....{...dox.G(...\|a%E:.Fn.Nn.^n.........Sf..E)...k....<g..){....\|......DT..N....Hy.F.Jez......._?7.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\KFOmCnqEu92Fr1Mu4mxM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20332, version 1.1
Category:	downloaded
Size (bytes):	20332
Entropy (8bit):	7.970235088150752
Encrypted:	false
SSDEEP:	384:U0iwaxoOUPVkOJJSu6SsCKTIRDqG9oHKwZh98OSv+MsgkAOY:75mlUmOSu1guh+fZhLSxkAr
MD5:	DC3E086FC0C5ADDC09702E111D2ADB42
SHA1:	B1138B84FF19EAC5F43C4202297529D389BD09B7
SHA-256:	EA50AC7FDDB61A5CE248A7F8B3A31A98FE16285E076B16E6DA6B4E10910724BB
SHA-512:	10123C785C396CF0844751A014413ECF4D058AD0C00CAAEF5F8FFEF504C370F03EACD0B3C2A49211EEE0877B7AE7D0EF6E01264F04FC910C2660584B5E943BE0
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff
Preview:	wOFF......Ol.......x........................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...P...`t...cmap...............#cvt .......T...T+...fpgm.......5....w.`.gasp...@............glyf...L..;...m.&.x.hdmx..H....m....'/./head..H....6...6.j.zhhea..H.... ...$....hmtx..H...........]uloca..Kp..........m,maxp..Mp... ... .4..name..M........t.U9.post..N`....... .m.dprep..Nt.......I.f..x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\jet-tabs-frontend.min-1.1.7[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	7481
Entropy (8bit):	5.0298003069756305
Encrypted:	false
SSDEEP:	96:kZa+oLlasGlMZoDJ0Vq5uvcWtCWNLXACWNWD+bIbYf+GTEGTj9b9REAk8aEQELEv:4oLlarMBWWGTn/hPyJM5PM5e7g
MD5:	1A3B3BDF021E39D1CEB582804793620B
SHA1:	823A875AA14387C45DA64842E8E883EC1F50069F
SHA-256:	8F66B0245A0249DF24108EECA809057C74121739DEA7F8A4FB35AE0B1180E41A
SHA-512:	BAE766BE1D85A84C5C9AB3E23829D109F4B18E4BBD0ECC7BBB18DAD140DED9E2B01547B5F8EA8789C2A5F3A7FC13E69E61285474046EEF3472987D6A6AB27A6A
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min-1.1.7.js
Preview:	!function(f,o,t){"use strict";var e={init:function(){var t={"jet-tabs.default":e.tabsInit,"jet-accordion.default":e.accordionInit,"jet-image-accordion.default":e.imageAccordionInit,"jet-switcher.default":e.switcherInit};f.each(t,function(t,e){o.hooks.addAction("frontend/element_ready/"+t,e)})},tabsInit:function(o){var i,t=f(".jet-tabs",o).first(),a=t.data("id"),c=f(window),e=f(".jet-tabs__control-wrapper",t).first(),s=f(".jet-tabs__content-wrapper",t).first(),r=f("> .jet-tabs__control",e),d=f("> .jet-tabs__content",s),n=t.data("settings")\|\|{},l=null,g=window.location.hash\|\|!1,h=!!g&&g.replace("#","").split("&");if("click"===n.event?r.on("click.jetTabs",function(){var t=f(this),e=+t.data("tab")-1;clearInterval(l),v(e)}):"ontouchend"in window\|\|"ontouchstart"in window?(r.on("touchstart",function(t){i=f(window).scrollTop()}),r.on("touchend",function(t){var e=f(this),o=+e.data("tab")-1;if(i!==f(window).scrollTop())return!1;clearInterval(l),v(o)})):r.on("mouseenter",function(t){var e=f(this)

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\jquery.sticky.min-3.0.5[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6595
Entropy (8bit):	5.001833104960226
Encrypted:	false
SSDEEP:	192:y4C8yiXSZPQfaNkLjEMHJx8vqOS5Z3N71jgiqM1xocYjtCDIoiL3:y4xyiXSZPVNkvEMHf8itN71ciqM16c9k
MD5:	E16A8821E5F099C3A619889EA7CF0399
SHA1:	A38E0C736AAF0B019B29B63B00E68C1381502217
SHA-256:	A48DEA362116D7516A2CF97066A32758D353760EE02DBF900DDFF86B02A16473
SHA-512:	41CF1EABFCD3B4752EE9FD1A7E7F5719249053BCAD871254A9D9821E016B40A2FBC29797DC14035CDA01628FAD879C2FDA47337853219F31250B9C7020D43CFE
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min-3.0.5.js
Preview:	(function($){var Sticky=function(element,userSettings){var $element,isSticky=false,isFollowingParent=false,isReachedEffectsPoint=false,elements={},settings;var defaultSettings={to:"top",offset:0,effectsOffset:0,parent:false,classes:{sticky:"sticky",stickyActive:"sticky-active",stickyEffects:"sticky-effects",spacer:"sticky-spacer"}};var initElements=function(){$element=$(element).addClass(settings.classes.sticky);elements.$window=$(window);if(settings.parent){if("parent"===settings.parent){elements.$parent=$element.parent()}else{elements.$parent=$element.closest(settings.parent)}}};var initSettings=function(){settings=jQuery.extend(true,defaultSettings,userSettings)};var bindEvents=function(){elements.$window.on({scroll:onWindowScroll,resize:onWindowResize})};var unbindEvents=function(){elements.$window.off("scroll",onWindowScroll).off("resize",onWindowResize)};var init=function(){initSettings();initElements();bindEvents();checkPosition()};var backupCSS=function($elementBackupCSS,backup

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\position.min-1.11.4[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	6527
Entropy (8bit):	5.3218491668096926
Encrypted:	false
SSDEEP:	96:b23MB+YiLvmF7EoSrOJa8KKlLfWh0b1lo4frg4iGl6HPOpajlg6q4R6PUlutKH7O:b7eu7pa8fgEqouPNlguAp0bFH7r8f
MD5:	1C4A13EDEC1958817E83433AEAA42F62
SHA1:	851D4F36AC29A54F9AEB865E4772E10B941252D3
SHA-256:	49AF6B83569C5E8C707E93884D9BA619B402F0A115925951301E2E3C844F0AD8
SHA-512:	DD435E86BE26572719B209BB009522C97CDA4BF1D99CD3B1A777EDDFE55892250C3EE21CD3E6D693E0752B5F5A36C51ED2ABA10783B4E47A062645B64885045A
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-includes/js/jquery/ui/position.min-1.11.4.js
Preview:	/!. jQuery UI Position 1.11.4. * http://jqueryui.com. . Copyright jQuery Foundation and other contributors. * Released under the MIT license.. * http://jquery.org/license. . http://api.jqueryui.com/position/. /.!function(a){"function"==typeof define&&define.amd?define(["jquery"],a):a(jQuery)}(function(a){return function(){function b(a,b,c){return[parseFloat(a[0])(n.test(a[0])?b/100:1),parseFloat(a[1])*(n.test(a[1])?c/100:1)]}function c(b,c){return parseInt(a.css(b,c),10)\|\|0}function d(b){var c=b[0];return 9===c.nodeType?{width:b.width(),height:b.height(),offset:{top:0,left:0}}:a.isWindow(c)?{width:b.width(),height:b.height(),offset:{top:b.scrollTop(),left:b.scrollLeft()}}:c.preventDefault?{width:0,height:0,offset:{top:c.pageY,left:c.pageX}}:{width:b.outerWidth(),height:b.outerHeight(),offset:b.offset()}}a.ui=a.ui\|\|{};var e,f,g=Math.max,h=Math.abs,i=Math.round,j=/left\|center\|right/,k=/top\|center\|bottom/,l=/[\+\-]\d+(\.[\d]+)?%?/,m=/^\w+/,n=/%$/,o=a.fn.position;a.position={scr

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\waypoints.min-4.0.2[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	12198
Entropy (8bit):	5.031745242580206
Encrypted:	false
SSDEEP:	192:GngaW9ELBD26z861V/CvJiVKIsvfT+6EdpEsBpP9Qwo7Q4a99RfuzqXppc4mmm9t:Ggz9kBD26861V/wsVKIsvTEdpEsnmwoz
MD5:	3819C3569DA71DAEC283A75483735F7E
SHA1:	ECD40A5CC6F0B76200C454CA880210DC301CFAB8
SHA-256:	214674CC77ABA35AB3567B88E2739FD08E8E96C61D279559AD61874069683EA0
SHA-512:	2710655DFF46653DAEB3A6E3F6D36F885E51D5B375738EE353ACA40C6F66AE1A7DECE57039D58747012ED9EA2822191143C06F270123B8CC580F6A41B8E8AEF4
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdn1.sellful.com/wp-content/cache/busting/3146/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min-4.0.2.js
Preview:	!function(){"use strict";function Waypoint(options){if(!options)throw new Error("No options passed to Waypoint constructor");if(!options.element)throw new Error("No element option passed to Waypoint constructor");if(!options.handler)throw new Error("No handler option passed to Waypoint constructor");this.key="waypoint-"+keyCounter,this.options=Waypoint.Adapter.extend({},Waypoint.defaults,options),this.element=this.options.element,this.adapter=new Waypoint.Adapter(this.element),this.callback=options.handler,this.axis=this.options.horizontal?"horizontal":"vertical",this.enabled=this.options.enabled,this.triggerPoint=null,this.group=Waypoint.Group.findOrCreate({name:this.options.group,axis:this.axis}),this.context=Waypoint.Context.findOrCreateByElement(this.options.context),Waypoint.offsetAliases[this.options.offset]&&(this.options.offset=Waypoint.offsetAliases[this.options.offset]),this.group.add(this),this.context.add(this),allWaypoints[this.key]=this,keyCounter+=1}var keyCounter=0,allW

C:\Users\user\AppData\Local\Temp\dat3A40.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 2532, version 2.24904
Category:	modified
Size (bytes):	2532
Entropy (8bit):	7.627755614174705
Encrypted:	false
SSDEEP:	48:WGMiY6elIk7QuaqrjRh4pi6j4fN6+XRsnBBpr+bes:WRBLlIoQuHfRh4pi6sfPGnDFs
MD5:	10600F6B3D9C9BE2D2B2CE58D2C6508B
SHA1:	421CA4369738433E33348785FE776A0C839605D5
SHA-256:	29B7A9358ABDC68C51DB5A5AF4A4F4E2E041A67527ADEE2366B1F84F116FE9A5
SHA-512:	B6C04F3068EB7DAC8F782BDED0FE815B4FE5A9BECCF0B561D6CEAEAA7365919A39710B2D1AD58D252330476AA836629B3C62C84FABFA6DC4BCF1C8F055D66C1C
Malicious:	false
Reputation:	low
Preview:	wOFF..................aH....................OS/2...D...H...`1Wp.cmap.......I...b..ocvt ....... .......fpgm...........Y...gasp................glyf.............Whead.......2...6.tJ.hhea...........$....hmtx................loca.............X.hmaxp...,....... .y..name...L...........Mpost...D....... .Q.}prep...X........x...x.c`aog......:....Q.B3_dHc..`e.bdb... .`@..`.....,9.\|...V...)00...C..x.c```f.`..F.......\|... ........\..K..n.,..g`@.I\|.8"vYl.....p...0..........x.c.b.e(`h`X.......x............x.]..N.@..s$..'@:!.uC....K$.%%...J.......n..b.........\|.s...\|v..G*)V.7........!O.6eaL.yV.e.j..kN..M.h....Lm....-b....p.N.m.v.....U<..#...O.}.K..,V..&...^...L.c.x.....?ug..l9e..Ns.D....D...K........m..A.M....a.....g.P..`....d.............x..R.K.1...$....g-.B.Vq..m..Z..T..@\t.E...7X...:.).c... ].{.Q.[7'...`.^...&....{y<..N.....t...6..f....\.K1..Z}{.eA-..x.{....0P7p.....l........E...r....EVQ.....Q_.4.A.Z..;...PGs.o..Eo...{t...a.P.~...b,Dz.}.OXdp."d4."C.X..&,u.g.......r.c..j

C:\Users\user\AppData\Local\Temp\datF3B1.tmp Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 2532, version 2.24904
Category:	modified
Size (bytes):	2532
Entropy (8bit):	7.627755614174705
Encrypted:	false
SSDEEP:	48:WGMiY6elIk7QuaqrjRh4pi6j4fN6+XRsnBBpr+bes:WRBLlIoQuHfRh4pi6sfPGnDFs
MD5:	10600F6B3D9C9BE2D2B2CE58D2C6508B
SHA1:	421CA4369738433E33348785FE776A0C839605D5
SHA-256:	29B7A9358ABDC68C51DB5A5AF4A4F4E2E041A67527ADEE2366B1F84F116FE9A5
SHA-512:	B6C04F3068EB7DAC8F782BDED0FE815B4FE5A9BECCF0B561D6CEAEAA7365919A39710B2D1AD58D252330476AA836629B3C62C84FABFA6DC4BCF1C8F055D66C1C
Malicious:	false
Reputation:	low
Preview:	wOFF..................aH....................OS/2...D...H...`1Wp.cmap.......I...b..ocvt ....... .......fpgm...........Y...gasp................glyf.............Whead.......2...6.tJ.hhea...........$....hmtx................loca.............X.hmaxp...,....... .y..name...L...........Mpost...D....... .Q.}prep...X........x...x.c`aog......:....Q.B3_dHc..`e.bdb... .`@..`.....,9.\|...V...)00...C..x.c```f.`..F.......\|... ........\..K..n.,..g`@.I\|.8"vYl.....p...0..........x.c.b.e(`h`X.......x............x.]..N.@..s$..'@:!.uC....K$.%%...J.......n..b.........\|.s...\|v..G*)V.7........!O.6eaL.yV.e.j..kN..M.h....Lm....-b....p.N.m.v.....U<..#...O.}.K..,V..&...^...L.c.x.....?ug..l9e..Ns.D....D...K........m..A.M....a.....g.P..`....d.............x..R.K.1...$....g-.B.Vq..m..Z..T..@\t.E...7X...:.).c... ].{.Q.[7'...`.^...&....{y<..N.....t...6..f....\.K1..Z}{.eA-..x.{....0P7p.....l........E...r....EVQ.....Q_.4.A.Z..;...PGs.o..Eo...{t...a.P.~...b,Dz.}.OXdp."d4."C.X..&,u.g.......r.c..j

C:\Users\user\AppData\Local\Temp\~DF0A2A2977AA5B8124.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.27918767598683664
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
MD5:	AB889A32AB9ACD33E816C2422337C69A
SHA1:	1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:	BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF7A51840F262B8417.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	41625
Entropy (8bit):	0.7241172419077708
Encrypted:	false
SSDEEP:	96:kBqoxKAuvScS+npLCJucOxcO0BOoFvOoFXAtOoFpOoFnOoF6HOoFNvD:kBqoxKAuqR+npLCJubKjdXqr1q
MD5:	B194237E369C3EFEA1DD3B523486D9E7
SHA1:	B672BB3691A94B2DE671AAC4E96B625F5ED69E26
SHA-256:	28C3CEFDB7AE04FDC597B88C33E74D4BE4CE7B193573F480361225345CFC44F4
SHA-512:	4A865B2BFDD5BD941B526260C41101370B8121D8FF6EE70CDF1FDDEF5C4E784E55ADE82E923F1B6BBC53CF09FA73D25C262637DE5A60A81BA25524091847C2C5
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF827A3CCA513061E4.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	modified
Size (bytes):	46925
Entropy (8bit):	0.9058593529263693
Encrypted:	false
SSDEEP:	192:kBqoxKAuqR+XZbS5pg040lOGxpQDn16Qx:kBqoxKAuqR+XZbS5pg040lOqi
MD5:	D42FC5B8267C2A66D266198C42197588
SHA1:	CA13CB6B924B323771E5E81535888E210030DB2A
SHA-256:	CC3A05FEE26D68C93BFE11A8448AF8D897DADD87AA4C3A45A9E854551BA10A50
SHA-512:	C6DB2B03BFB49D0FC09E53D7861C01068116E7E24B3FCC4596C1156B73791C1E84B2E4C1F9C8D20AA11698CCF03425AC199DB6BD58E620B66628EECED49A1081
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFDB692E0DABAF91D0.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13349
Entropy (8bit):	0.6732701015783877
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9loV9lo19lWZUoFZbM:kBqoIeAxHM
MD5:	89F5139BEA455C2D7D25734F22E6FE50
SHA1:	1A8C2714ABAF7ECF412BA09F0C57E63941BEBD74
SHA-256:	C96250606C29D3812A1A43436AF7BEE1688FCA3E87B61294A2C30D0D13BB2392
SHA-512:	91EC7879A411A5CC23849815FEF7D43E047C80ACAF2E58717285E3E37F21C1C7995705FE38BDEF5391AF0ED2F56B78ACAA1107EA06C0CF88D2CFA477AA073D48
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 7, 2021 22:22:30.448779106 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.450076103 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.570919991 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.571074009 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.693100929 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.797226906 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.797357082 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.797972918 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.808461905 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.812117100 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.812163115 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.812232018 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.814184904 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.848321915 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.854614973 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.854837894 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.964782000 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.964936972 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.965039015 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.965209007 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.965708017 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.966954947 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:30.970510006 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.970535040 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:30.971056938 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.011818886 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.082037926 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.147654057 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.153456926 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.153506994 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.153567076 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.153615952 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.189640999 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189666986 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189678907 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189687014 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189704895 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189726114 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.189742088 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.189790964 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.189819098 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.192013025 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.192039967 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.192105055 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.192131042 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.194219112 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.194305897 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.232623100 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.236427069 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.396075010 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.397675991 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.398654938 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.437386990 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.469400883 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.471045017 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.473450899 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.581001043 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.583225965 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.583255053 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.583318949 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.583359957 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.584032059 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.584604979 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.584918022 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.584985971 CEST	49716	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.589698076 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.593632936 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.593765020 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.594459057 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.599055052 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.599133968 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.599841118 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.600389004 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.600518942 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.600524902 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.600575924 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.600754023 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.600789070 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.600806952 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.600830078 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.602593899 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.602646112 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.602684975 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.602721930 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.605351925 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.605429888 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.605459929 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.605511904 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.608031034 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.608069897 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.608105898 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.608127117 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:31.666222095 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.666316986 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.666951895 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.741997004 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.742151022 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.754622936 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.781842947 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.781981945 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.783113003 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.789835930 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.794677019 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.794702053 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.794797897 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.794832945 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.802840948 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.803508997 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804045916 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804238081 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804341078 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804438114 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804534912 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804627895 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804723024 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804822922 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.804925919 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805061102 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805113077 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805211067 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805308104 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805403948 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805502892 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805600882 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805705070 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805799007 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805896044 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.805993080 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.806124926 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.806180000 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.806281090 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.806376934 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.809114933 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.809123039 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.809226990 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.812839031 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.813262939 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.813833952 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.813926935 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.814502954 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.863411903 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.866106987 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.866132021 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.866244078 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.870310068 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.870769978 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.973045111 CEST	443	49716	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:31.998209953 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.998492956 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.998522997 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.998692036 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.998967886 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.998994112 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999016047 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.999052048 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999093056 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999106884 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.999140024 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999275923 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999351978 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999375105 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999516964 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:31.999836922 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999864101 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:31.999947071 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.000560045 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.000962973 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.001362085 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.003812075 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014347076 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014493942 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014516115 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014573097 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.014592886 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014611959 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.014765978 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.014842987 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.015491962 CEST	49718	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.064009905 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.064034939 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.064054012 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.064069986 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.064124107 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.064831972 CEST	49725	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.097429991 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.104465008 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.104548931 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.104554892 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.104614019 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.108458042 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.108812094 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.128036022 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.134989023 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.135097980 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.135126114 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.135207891 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.157433033 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.162141085 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.162162066 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.162269115 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.196504116 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.232508898 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.232847929 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.236414909 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.242449045 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.259166956 CEST	443	49718	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.259594917 CEST	443	49725	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.456859112 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.456887960 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.457006931 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.457025051 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.457170963 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.457906961 CEST	49720	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.578819990 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.579374075 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.579410076 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.579421997 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.579463005 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.579513073 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.580158949 CEST	49723	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.580555916 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.581532001 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.581707954 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.581708908 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.581840038 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.582360983 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.586364031 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.586410999 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.586503029 CEST	49724	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:32.803874016 CEST	443	49720	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.924374104 CEST	443	49723	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:32.964884996 CEST	443	49724	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.074975014 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.075016975 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.075033903 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.075048923 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.075062037 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.075180054 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.075223923 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.140527964 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.140554905 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.140669107 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.141702890 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.141730070 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.141798019 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.144094944 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.144125938 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.144176960 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.144201040 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.147682905 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.147778988 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.156704903 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.156797886 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.157363892 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.157442093 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.182554007 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.182590008 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.182671070 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.182693958 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.183938026 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.183974981 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.183991909 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.184039116 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.184092045 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.185801029 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.185893059 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.204710007 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.204737902 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.204808950 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.204832077 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.205524921 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.205549955 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.205601931 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.205627918 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.207642078 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.207725048 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.215563059 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.215594053 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.215678930 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.215703011 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.216753960 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.216803074 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.216844082 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.216892958 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.218967915 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.219064951 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.224055052 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.224081993 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.224145889 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.224170923 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.224880934 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.224912882 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.224963903 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.225013018 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.245150089 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.245270967 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.270944118 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.270970106 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.271049976 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.271070957 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.272968054 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.273011923 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.273058891 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.273083925 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.277650118 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.277674913 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.277755976 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.277775049 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.282006025 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.282114029 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.283555031 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.283654928 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.335515022 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.335525036 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.335614920 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.337896109 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.337918997 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.337976933 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.338013887 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.342350960 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.342385054 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.342434883 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.342454910 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.362994909 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.363082886 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.378922939 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.379008055 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.380752087 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.380774021 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.380820036 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.380840063 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.384414911 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.384449005 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.384499073 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.384525061 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.389019012 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.389055967 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.389112949 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.392821074 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.393366098 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.393466949 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.393481970 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.393539906 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.400583029 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.400604963 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.400669098 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.402884960 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.402911901 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.402964115 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.407361984 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.407413960 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.407435894 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.407495022 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.412256002 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.412286997 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.412321091 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.412369013 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.416528940 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.416549921 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.416593075 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.416631937 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.421066046 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.421118975 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.421130896 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.421163082 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.425909996 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.425966024 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.425985098 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.426028013 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.430388927 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.430408955 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.430454969 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.430485010 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.434950113 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.434978008 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.435014963 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.435045004 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.439428091 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.439449072 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.439517021 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.439522982 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.444381952 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.444406033 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.444473028 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.449126005 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.449162006 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.449198008 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.449244022 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.453290939 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.453315020 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.453363895 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.453418016 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.457772017 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.457839966 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.457894087 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.457954884 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.462291956 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.462317944 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.462397099 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.468451023 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.468483925 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.468563080 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.471177101 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.471203089 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.471276045 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.471313000 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.475251913 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.475285053 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.475334883 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.475352049 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.479085922 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.479106903 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.479193926 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.483083010 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.483151913 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.483176947 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.483238935 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.487162113 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.487201929 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.487236977 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.487261057 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.490488052 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.490545988 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.490560055 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.490598917 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.494205952 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.494277954 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.494326115 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.494379044 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.530775070 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.530801058 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.532567024 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.532676935 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.532741070 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.532886028 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.536194086 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.536251068 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.536362886 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.540208101 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.540234089 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.540416956 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.543831110 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.543853998 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.544013977 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.546936035 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.546958923 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.547065973 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.559004068 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.559012890 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.559241056 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.574507952 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.574533939 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.574708939 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.576083899 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.576227903 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.578155994 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.578381062 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.580142021 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.580243111 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.581919909 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.582021952 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.584467888 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.584594965 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.589183092 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.589297056 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.590017080 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.590101004 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.591811895 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.591878891 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.596360922 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.596385956 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.596436977 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.596462011 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.599037886 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.599062920 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.599124908 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.604868889 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.604970932 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.605448008 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.605510950 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.609126091 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.609206915 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.609989882 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.610048056 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.613485098 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.613568068 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.614130020 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.614195108 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.618233919 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.618310928 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.618658066 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.618712902 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.622087002 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.622160912 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.622868061 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.622926950 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.626799107 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.626878977 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.628237963 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.628307104 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.631856918 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.631921053 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.632816076 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.632879019 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.636284113 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.636346102 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.636938095 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.637460947 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.641063929 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.641128063 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.641149044 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.641199112 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.645678997 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.645768881 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.646348000 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.646404982 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.649306059 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.649425030 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.649851084 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.650010109 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.652729988 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.652805090 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.653610945 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.653669119 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.657078028 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.657107115 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.657166958 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.657186031 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.663361073 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.663388968 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.663448095 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.663470030 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.666112900 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.666218996 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.670176983 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.670260906 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.670757055 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.670834064 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.671802998 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.671875000 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.674166918 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.674187899 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.674266100 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.677998066 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.678083897 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.678559065 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.678631067 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.682589054 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.682657003 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.683136940 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.683207035 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.686415911 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.686503887 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.687566042 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.687629938 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.689476013 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.689587116 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.690051079 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.690119982 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.728092909 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.728127956 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.728210926 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.728291035 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.729197025 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.729226112 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.729285955 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.729295015 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.731281042 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.731317043 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.731368065 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.731380939 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.735157013 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.735188961 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.735240936 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.735260963 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.738939047 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.738974094 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.739020109 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.739046097 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.742343903 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.742376089 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.742409945 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.742427111 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.755306959 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.755337000 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.755376101 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.755408049 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.770399094 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.770433903 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.770467997 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.770493984 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.771249056 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.771277905 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.771316051 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.771341085 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.773212910 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.773252964 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.773282051 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.773296118 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.776617050 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.776655912 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.776678085 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.776705027 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.778644085 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.778719902 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.778760910 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.778817892 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.781001091 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.781033993 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.781132936 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.785700083 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.785723925 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.785815954 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.786535978 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.786899090 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.786931038 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.787055016 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.788697004 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.788717031 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.788764000 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.788789988 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.792511940 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.792556047 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.792637110 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.793406010 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.793520927 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.793536901 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.793608904 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.795625925 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.795686007 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.795732021 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.795752048 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.797503948 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.797565937 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.797609091 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.797662020 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.801352978 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.801402092 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.801464081 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.802212000 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.802237034 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.802277088 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.802293062 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.804275990 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.804354906 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.804371119 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.804409981 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.806289911 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.806401968 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.807328939 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.807406902 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.807461977 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.807519913 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.809123039 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.809159040 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.809204102 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.809247017 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.811090946 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.811113119 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.811228037 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.813232899 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.813260078 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.813329935 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.813357115 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.815063953 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.815088987 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.815152884 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.815185070 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.817007065 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.817032099 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.817068100 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.817095995 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.818856955 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.818876028 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.818926096 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.818953991 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.822325945 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.822336912 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.822403908 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.823785067 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.823805094 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.823856115 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.826786995 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.826813936 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.826869011 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.826889038 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.827950001 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.827975035 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.828006983 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.828037024 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.831146002 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.831171036 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.831226110 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.831248045 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.832139969 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.832190990 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.832215071 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.832264900 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.836148024 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.836174011 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.836229086 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.836260080 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.837107897 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.837171078 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.837196112 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.837241888 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.840780020 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.840806961 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.840867043 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.840903997 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.841679096 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.841701031 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.841778994 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.844472885 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.844496965 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.844537973 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.844569921 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.845791101 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.845808029 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.845880985 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.848036051 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.848105907 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.848119020 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.848157883 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.849549055 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.849632025 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.849653006 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.849714994 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.853302956 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.853328943 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.853380919 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.853419065 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.853935957 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.853955984 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.853995085 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.854023933 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.858263969 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.858298063 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.858349085 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.858375072 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.859226942 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.859249115 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.859307051 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.861229897 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.861257076 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.861323118 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.861336946 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.865304947 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.865329981 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.865395069 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.865405083 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.865972042 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.865993023 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.866061926 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.868071079 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.868097067 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.868159056 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.868189096 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.869846106 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.869872093 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.869966984 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.872253895 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.872281075 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.872360945 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.873800993 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.873827934 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.873903990 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.875808954 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.875858068 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.875901937 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.875935078 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.877827883 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.877857924 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.877917051 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.877953053 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.879643917 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.879667997 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.879750013 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.881587029 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.881611109 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.881670952 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.883519888 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.883547068 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.883584023 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.883609056 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.885488987 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.885515928 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.885566950 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.887438059 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.887480021 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.887537956 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.887583017 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.923299074 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.923332930 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.923537970 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.923976898 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.924010992 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.924109936 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.926136971 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.926166058 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.926249027 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.927884102 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.927933931 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.927951097 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.927983999 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.929968119 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.929992914 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.930047035 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.931794882 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.931818962 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.931895971 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:33.933764935 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:33.933831930 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:34.165426970 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.166207075 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.190407038 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.190507889 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.194823980 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.217794895 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.223083973 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:34.224124908 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.224149942 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.224208117 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.224246979 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.240657091 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.244540930 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.244872093 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.262160063 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.262285948 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.262356997 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.262363911 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.262408972 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.263123035 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.265887976 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.265903950 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.265970945 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283320904 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283343077 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283369064 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283400059 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283412933 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283432961 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283463955 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283493996 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283521891 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283538103 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283541918 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283571005 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283586025 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.283966064 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.283994913 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.284022093 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.284022093 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.284063101 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.284857988 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.284898996 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.284934998 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.284939051 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.284975052 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.285001040 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.285686016 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.285707951 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.285727978 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.285792112 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.285797119 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.286457062 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.286492109 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.286530018 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.286534071 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.286567926 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.286588907 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.287532091 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.287600994 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.287611961 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.287647963 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.287661076 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.287691116 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.288105011 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.288149118 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.288162947 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.288188934 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.288198948 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.288233995 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.289094925 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.289133072 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.289160013 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.289186954 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.289225101 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.289278030 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290002108 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290039062 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290066004 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290080070 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290081978 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290124893 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290827990 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290877104 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290890932 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290910959 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.290921926 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.290951014 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.291462898 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.291523933 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.307400942 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.307444096 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.307485104 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.307487965 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.307509899 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.307524920 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.307531118 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.307573080 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.307576895 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.307615042 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.308207035 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.308240891 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.308267117 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.308291912 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.308326960 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.308372021 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309112072 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309151888 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309170008 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309192896 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309196949 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309231997 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309237003 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309266090 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309288025 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309309006 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309309959 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309350967 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309355974 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309401035 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309422016 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309456110 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309478998 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309495926 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309520006 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309541941 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309560061 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309586048 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309627056 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309761047 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309808969 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309860945 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309897900 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.309907913 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.309940100 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.310798883 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.310868979 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.310900927 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.310970068 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.310992956 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.311043024 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.311363935 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:34.311635017 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:34.311754942 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.311830044 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.311855078 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.311881065 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.311906099 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.311927080 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.312406063 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:34.312449932 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.312517881 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.312536955 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.312561035 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.312580109 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.312604904 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.313414097 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.313489914 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.313513994 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.313549042 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.313606977 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.313616991 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314168930 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314199924 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314255953 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314259052 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314310074 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314313889 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314795971 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314867973 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314871073 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314928055 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.314954042 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.314981937 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.315587044 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.315618038 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.315643072 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.315653086 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.315675020 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.315690994 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.316411972 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.316438913 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.316477060 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.316518068 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.316889048 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.317233086 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.317290068 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.317291021 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.317313910 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.317337990 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.317357063 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318048000 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318099976 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318123102 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318146944 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318336964 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318398952 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318738937 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318798065 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318835974 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318876982 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.318887949 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.318922043 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.319556952 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.319582939 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.319607019 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.319622040 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.319641113 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.319662094 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329154968 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329216957 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329272985 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329274893 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329303980 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329339027 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329374075 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329408884 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329427958 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329457045 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329474926 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329478979 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.329516888 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.329540968 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.330570936 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.330589056 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.330657959 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.330678940 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.330693960 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.330719948 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.330751896 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.331326962 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.331464052 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.331513882 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.331538916 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.331558943 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.331562996 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.331583023 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.331604004 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.331968069 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.331990957 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.332025051 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.332043886 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.332123995 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.332154989 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.332187891 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.332196951 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.332952976 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.332986116 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.333007097 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.333022118 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.333030939 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.333061934 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.333127975 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.333955050 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.333986044 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.334005117 CEST	443	49733	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.334014893 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.334043980 CEST	49733	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.352381945 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.352499008 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.353276014 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.420697927 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:34.426987886 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:34.427054882 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:34.432440042 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:34.433209896 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:34.433300018 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:34.541507959 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.544213057 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.544238091 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.544332981 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.548943043 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.549292088 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.733829975 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.734751940 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.734770060 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.734870911 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.735299110 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:34.735377073 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.736083984 CEST	49732	443	192.168.2.7	104.26.12.213
Apr 7, 2021 22:22:34.921114922 CEST	443	49732	104.26.12.213	192.168.2.7
Apr 7, 2021 22:22:35.741569996 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.741599083 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.741715908 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.741801977 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.741822958 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.741867065 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.741895914 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.742923021 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.742980003 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.742995024 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.743024111 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.743971109 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.744029999 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.744067907 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.744117022 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.744992971 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.745026112 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.745057106 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.745098114 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.746228933 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.746264935 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.746294022 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.746337891 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.747195005 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.747220993 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.747258902 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.747298956 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.748418093 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.748446941 CEST	443	49719	104.26.13.213	192.168.2.7
Apr 7, 2021 22:22:35.748480082 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:35.748509884 CEST	49719	443	192.168.2.7	104.26.13.213
Apr 7, 2021 22:22:36.933609962 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:37.011563063 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.012403965 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.036263943 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.036355972 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.036648989 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.036732912 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.036989927 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.037548065 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.048398972 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:37.061592102 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.061619997 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.061995029 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062088013 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062108040 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062129021 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.062150002 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.062164068 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.062165976 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062187910 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062202930 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.062225103 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.062239885 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.062259912 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.069672108 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.070020914 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.070297956 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.074182987 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.074543953 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.096041918 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.096076012 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.096088886 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.096172094 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.096200943 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.098084927 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.098113060 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.098126888 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.098185062 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.098244905 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.100159883 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.100277901 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.100382090 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.100447893 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.100698948 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.100771904 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.199975014 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:37.200144053 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:37.200364113 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:37.200437069 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:37.226356030 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.226414919 CEST	49739	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.228530884 CEST	49738	443	192.168.2.7	74.125.143.156
Apr 7, 2021 22:22:37.250627041 CEST	443	49739	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:37.258618116 CEST	443	49738	74.125.143.156	192.168.2.7
Apr 7, 2021 22:22:44.892348051 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:45.007474899 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:45.584336996 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.585206985 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.678493023 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.678658962 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.679585934 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.679692030 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.750077009 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.750446081 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.844136000 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844428062 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844449043 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844463110 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844484091 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844496965 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844599962 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.844651937 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.844708920 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844779968 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844784975 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.844800949 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844815969 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.844831944 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.844868898 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.845652103 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.845690966 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:45.845767021 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:45.845807076 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.041157961 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.047384024 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.049119949 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.135713100 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.143028975 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.145605087 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.163023949 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.163033962 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.210731030 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:46.210937977 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:46.211074114 CEST	443	49717	104.26.11.161	192.168.2.7
Apr 7, 2021 22:22:46.211143970 CEST	49717	443	192.168.2.7	104.26.11.161
Apr 7, 2021 22:22:46.271208048 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.405030966 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.584028959 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.584211111 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.696338892 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.796010017 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797831059 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797872066 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797897100 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797915936 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.797920942 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797947884 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797950029 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.797954082 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.797972918 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.797982931 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798002005 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.798002958 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798022032 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798027992 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.798046112 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798053026 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.798067093 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798079014 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.798100948 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.798134089 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.893501997 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.893534899 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.893551111 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.893564939 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:46.893625975 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.893656969 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.920696974 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.930320024 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:46.961915970 CEST	49754	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.015383005 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015415907 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015434980 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015441895 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015459061 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015475035 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015486002 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015531063 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.015533924 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015568972 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015585899 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015602112 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015608072 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.015639067 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.015707970 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.015758991 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.025863886 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.025868893 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.025872946 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.025964975 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.026012897 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.056962967 CEST	443	49754	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.057106018 CEST	49754	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.058031082 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.070116043 CEST	49754	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.156830072 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.156883001 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.156907082 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.156932116 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.156955004 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.156975985 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.157020092 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.157083035 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.166243076 CEST	443	49754	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.472136021 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:47.569039106 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:47.569202900 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:49.620213985 CEST	443	49754	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:49.621120930 CEST	49754	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:49.624511003 CEST	49754	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:49.719470024 CEST	443	49754	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:52.030102968 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:52.030138969 CEST	443	49753	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:52.030323029 CEST	49753	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:52.574321032 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:52.574358940 CEST	443	49752	162.246.16.250	192.168.2.7
Apr 7, 2021 22:22:52.574501038 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:22:52.574543953 CEST	49752	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.639441013 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.639507055 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.733825922 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.733839989 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.733937979 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.734010935 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.734972954 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.735811949 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.830856085 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.830957890 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831052065 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831064939 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831115961 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831191063 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831219912 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831243038 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831374884 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831418991 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831737995 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831759930 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831799984 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831824064 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831828117 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.831836939 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.831892967 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.832465887 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.832659960 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.832739115 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.833725929 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.836733103 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.840761900 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.841988087 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.931209087 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.931315899 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.935201883 CEST	443	49764	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.936343908 CEST	49764	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.953007936 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:04.953691006 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:04.955885887 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.056493998 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056519032 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056545019 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056576967 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056612968 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056629896 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056812048 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056835890 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056859016 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.056874037 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.059943914 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.246994972 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.263735056 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.360162973 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.360203981 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.360224009 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.360295057 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.360338926 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.532365084 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:05.627515078 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:05.627692938 CEST	49765	443	192.168.2.7	162.246.16.250
Apr 7, 2021 22:23:10.632158995 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:10.632189035 CEST	443	49765	162.246.16.250	192.168.2.7
Apr 7, 2021 22:23:10.632436037 CEST	49765	443	192.168.2.7	162.246.16.250

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 7, 2021 22:22:21.097249985 CEST	63668	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:21.112400055 CEST	53	63668	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:21.242180109 CEST	54640	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:21.263341904 CEST	53	54640	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:22.215538025 CEST	58739	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:22.227956057 CEST	53	58739	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:22.909481049 CEST	60338	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:22.922755957 CEST	53	60338	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:24.455060005 CEST	58717	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:24.469839096 CEST	53	58717	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:25.266320944 CEST	59762	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:25.279947042 CEST	53	59762	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:26.360039949 CEST	54329	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:26.376730919 CEST	53	54329	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:27.604932070 CEST	58052	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:27.618017912 CEST	53	58052	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:28.018101931 CEST	54008	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:28.036384106 CEST	53	54008	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:28.285816908 CEST	59451	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:28.299582005 CEST	53	59451	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:29.141805887 CEST	52914	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:30.144201994 CEST	52914	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:30.436769962 CEST	53	52914	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:30.436796904 CEST	53	52914	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:31.332946062 CEST	64569	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:31.372749090 CEST	53	64569	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:31.406598091 CEST	52816	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:31.420141935 CEST	53	52816	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:33.346479893 CEST	50781	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:34.116445065 CEST	54230	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:34.129534006 CEST	53	54230	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:34.141232014 CEST	54911	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:34.163623095 CEST	53	54911	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:34.354475021 CEST	50781	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:34.374286890 CEST	53	50781	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:35.033653975 CEST	49958	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:35.047275066 CEST	53	49958	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:36.432656050 CEST	50860	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:36.447026014 CEST	53	50860	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:36.969053984 CEST	50452	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:37.008287907 CEST	53	50452	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:37.244966984 CEST	59730	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:37.250227928 CEST	59310	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:37.258914948 CEST	53	59730	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:37.264255047 CEST	53	59310	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:37.524648905 CEST	51919	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:37.538871050 CEST	53	51919	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:38.366089106 CEST	64296	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:38.385289907 CEST	53	64296	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:39.056340933 CEST	56680	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:39.069106102 CEST	53	56680	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:40.326116085 CEST	58820	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:40.338433027 CEST	53	58820	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:41.009813070 CEST	60983	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:41.022342920 CEST	53	60983	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:44.276968002 CEST	49247	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:44.297084093 CEST	53	49247	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:44.898049116 CEST	52286	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:45.571949959 CEST	53	52286	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:46.926276922 CEST	56064	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:46.939625978 CEST	53	56064	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:48.548099995 CEST	63744	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:48.561424017 CEST	53	63744	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:49.892529964 CEST	61457	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:49.907902956 CEST	53	61457	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:50.921454906 CEST	58367	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:50.944678068 CEST	53	58367	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:53.285141945 CEST	60599	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:53.300179005 CEST	53	60599	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:57.769819975 CEST	59571	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:57.782869101 CEST	53	59571	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:58.002757072 CEST	52689	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:58.015573978 CEST	53	52689	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:58.701379061 CEST	50290	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:58.713850021 CEST	53	50290	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:58.786317110 CEST	60427	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:58.799658060 CEST	53	60427	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:59.012726068 CEST	52689	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:59.025633097 CEST	53	52689	8.8.8.8	192.168.2.7
Apr 7, 2021 22:22:59.714608908 CEST	50290	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:22:59.729726076 CEST	53	50290	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:00.011640072 CEST	52689	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:00.024596930 CEST	53	52689	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:00.730509043 CEST	50290	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:00.752983093 CEST	53	50290	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:02.351576090 CEST	52689	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:02.364634037 CEST	53	52689	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:02.749933004 CEST	50290	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:02.763684034 CEST	53	50290	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:03.958374977 CEST	56209	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:04.634875059 CEST	53	56209	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:06.355966091 CEST	52689	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:06.370362043 CEST	53	52689	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:06.763026953 CEST	50290	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:06.775548935 CEST	53	50290	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:11.014693022 CEST	59582	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:11.036672115 CEST	53	59582	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:12.602880955 CEST	60949	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:12.617038012 CEST	53	60949	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:13.590917110 CEST	60949	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:13.603322983 CEST	53	60949	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:14.606479883 CEST	60949	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:14.619482040 CEST	53	60949	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:16.430238962 CEST	58542	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:16.456943035 CEST	53	58542	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:16.622251987 CEST	60949	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:16.636049986 CEST	53	60949	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:20.638232946 CEST	60949	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:22.274838924 CEST	53	60949	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:22.407684088 CEST	59179	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:22.423801899 CEST	53	59179	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:25.547008991 CEST	60927	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:25.565629005 CEST	53	60927	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:40.264508963 CEST	57854	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:40.348750114 CEST	53	57854	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:40.687227011 CEST	62026	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:40.772105932 CEST	53	62026	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:41.159405947 CEST	59453	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:41.234596968 CEST	53	59453	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:41.543239117 CEST	62468	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:41.557147980 CEST	53	62468	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:42.227324963 CEST	52563	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:42.301630020 CEST	53	52563	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:42.707890987 CEST	54721	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:42.722757101 CEST	53	54721	8.8.8.8	192.168.2.7
Apr 7, 2021 22:23:43.020591021 CEST	62826	53	192.168.2.7	8.8.8.8
Apr 7, 2021 22:23:43.033844948 CEST	53	62826	8.8.8.8	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Apr 7, 2021 22:22:29.141805887 CEST	192.168.2.7	8.8.8.8	0x452c	Standard query (0)	securepay.mysellful.com	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.144201994 CEST	192.168.2.7	8.8.8.8	0x452c	Standard query (0)	securepay.mysellful.com	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:31.332946062 CEST	192.168.2.7	8.8.8.8	0x89a	Standard query (0)	cdn1.sellful.com	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:34.141232014 CEST	192.168.2.7	8.8.8.8	0x71b8	Standard query (0)	stateless.sellful.com	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:36.969053984 CEST	192.168.2.7	8.8.8.8	0x2fbd	Standard query (0)	stats.g.doubleclick.net	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.250227928 CEST	192.168.2.7	8.8.8.8	0xb43f	Standard query (0)	www.google.ch	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:44.898049116 CEST	192.168.2.7	8.8.8.8	0x8794	Standard query (0)	atendiendochagas.mundosano.org	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:58.786317110 CEST	192.168.2.7	8.8.8.8	0x5505	Standard query (0)	securepay.mysellful.com	A (IP address)	IN (0x0001)
Apr 7, 2021 22:23:03.958374977 CEST	192.168.2.7	8.8.8.8	0x6600	Standard query (0)	atendiendochagas.mundosano.org	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Apr 7, 2021 22:22:30.436769962 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		104.26.11.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.436769962 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		104.26.10.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.436769962 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		172.67.73.36	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.436796904 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		104.26.10.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.436796904 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		172.67.73.36	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:30.436796904 CEST	8.8.8.8	192.168.2.7	0x452c	No error (0)	securepay.mysellful.com		104.26.11.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:31.372749090 CEST	8.8.8.8	192.168.2.7	0x89a	No error (0)	cdn1.sellful.com		104.26.13.213	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:31.372749090 CEST	8.8.8.8	192.168.2.7	0x89a	No error (0)	cdn1.sellful.com		104.26.12.213	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:31.372749090 CEST	8.8.8.8	192.168.2.7	0x89a	No error (0)	cdn1.sellful.com		172.67.68.1	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:34.163623095 CEST	8.8.8.8	192.168.2.7	0x71b8	No error (0)	stateless.sellful.com		104.26.12.213	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:34.163623095 CEST	8.8.8.8	192.168.2.7	0x71b8	No error (0)	stateless.sellful.com		104.26.13.213	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:34.163623095 CEST	8.8.8.8	192.168.2.7	0x71b8	No error (0)	stateless.sellful.com		172.67.68.1	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.008287907 CEST	8.8.8.8	192.168.2.7	0x2fbd	No error (0)	stats.g.doubleclick.net	stats.l.doubleclick.net		CNAME (Canonical name)	IN (0x0001)
Apr 7, 2021 22:22:37.008287907 CEST	8.8.8.8	192.168.2.7	0x2fbd	No error (0)	stats.l.doubleclick.net		74.125.143.156	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.008287907 CEST	8.8.8.8	192.168.2.7	0x2fbd	No error (0)	stats.l.doubleclick.net		74.125.143.155	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.008287907 CEST	8.8.8.8	192.168.2.7	0x2fbd	No error (0)	stats.l.doubleclick.net		74.125.143.157	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.008287907 CEST	8.8.8.8	192.168.2.7	0x2fbd	No error (0)	stats.l.doubleclick.net		74.125.143.154	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:37.264255047 CEST	8.8.8.8	192.168.2.7	0xb43f	No error (0)	www.google.ch		216.58.215.227	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:45.571949959 CEST	8.8.8.8	192.168.2.7	0x8794	No error (0)	atendiendochagas.mundosano.org		162.246.16.250	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:58.799658060 CEST	8.8.8.8	192.168.2.7	0x5505	No error (0)	securepay.mysellful.com		104.26.10.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:58.799658060 CEST	8.8.8.8	192.168.2.7	0x5505	No error (0)	securepay.mysellful.com		172.67.73.36	A (IP address)	IN (0x0001)
Apr 7, 2021 22:22:58.799658060 CEST	8.8.8.8	192.168.2.7	0x5505	No error (0)	securepay.mysellful.com		104.26.11.161	A (IP address)	IN (0x0001)
Apr 7, 2021 22:23:04.634875059 CEST	8.8.8.8	192.168.2.7	0x6600	No error (0)	atendiendochagas.mundosano.org		162.246.16.250	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Apr 7, 2021 22:22:30.812163115 CEST	104.26.11.161	443	192.168.2.7	49717	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Wed Aug 04 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:30.812163115 CEST	104.26.11.161	443	192.168.2.7	49717	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.153506994 CEST	104.26.11.161	443	192.168.2.7	49716	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Tue Aug 04 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Wed Aug 04 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.153506994 CEST	104.26.11.161	443	192.168.2.7	49716	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.794702053 CEST	104.26.13.213	443	192.168.2.7	49719	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.794702053 CEST	104.26.13.213	443	192.168.2.7	49719	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.809123039 CEST	104.26.13.213	443	192.168.2.7	49718	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.809123039 CEST	104.26.13.213	443	192.168.2.7	49718	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.866132021 CEST	104.26.13.213	443	192.168.2.7	49725	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:31.866132021 CEST	104.26.13.213	443	192.168.2.7	49725	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.104548931 CEST	104.26.13.213	443	192.168.2.7	49720	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.104548931 CEST	104.26.13.213	443	192.168.2.7	49720	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.135126114 CEST	104.26.13.213	443	192.168.2.7	49723	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.135126114 CEST	104.26.13.213	443	192.168.2.7	49723	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.162162066 CEST	104.26.13.213	443	192.168.2.7	49724	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:32.162162066 CEST	104.26.13.213	443	192.168.2.7	49724	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:34.224149942 CEST	104.26.12.213	443	192.168.2.7	49733	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:34.224149942 CEST	104.26.12.213	443	192.168.2.7	49733	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:34.544238091 CEST	104.26.12.213	443	192.168.2.7	49732	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Sat Jul 11 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Sun Jul 11 14:00:00 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:34.544238091 CEST	104.26.12.213	443	192.168.2.7	49732	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:37.062088013 CEST	74.125.143.156	443	192.168.2.7	49739	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Mar 16 20:28:05 CET 2021 Thu Jun 15 02:00:42 CEST 2017	Tue Jun 08 21:28:04 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:37.062088013 CEST	74.125.143.156	443	192.168.2.7	49739	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:37.062187910 CEST	74.125.143.156	443	192.168.2.7	49738	CN=*.g.doubleclick.net, O=Google LLC, L=Mountain View, ST=California, C=US CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GTS CA 1O1, O=Google Trust Services, C=US CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Tue Mar 16 20:28:05 CET 2021 Thu Jun 15 02:00:42 CEST 2017	Tue Jun 08 21:28:04 CEST 2021 Wed Dec 15 01:00:42 CET 2021	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:37.062187910 CEST	74.125.143.156	443	192.168.2.7	49738	CN=GTS CA 1O1, O=Google Trust Services, C=US	CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2	Thu Jun 15 02:00:42 CEST 2017	Wed Dec 15 01:00:42 CET 2021		9e10692f1b7f78228b2d4e424db3a98c
Apr 7, 2021 22:22:45.845652103 CEST	162.246.16.250	443	192.168.2.7	49753	CN=atendiendochagas.mundosano.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun Mar 21 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Jun 20 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
Apr 7, 2021 22:22:45.845690966 CEST	162.246.16.250	443	192.168.2.7	49752	CN=atendiendochagas.mundosano.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun Mar 21 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Jun 20 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
Apr 7, 2021 22:23:04.832465887 CEST	162.246.16.250	443	192.168.2.7	49765	CN=atendiendochagas.mundosano.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun Mar 21 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Jun 20 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029
Apr 7, 2021 22:23:04.832659960 CEST	162.246.16.250	443	192.168.2.7	49764	CN=atendiendochagas.mundosano.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Sun Mar 21 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004	Sun Jun 20 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US	CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	Mon May 18 02:00:00 CEST 2015	Sun May 18 01:59:59 CEST 2025
					CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Jan 01 01:00:00 CET 2004	Mon Jan 01 00:59:59 CET 2029

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 4460 Parent PID: 792

General

Start time:	22:22:27
Start date:	07/04/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff70b860000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: iexplore.exe PID: 2160 Parent PID: 4460

General

Start time:	22:22:27
Start date:	07/04/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:17410 /prefetch:2
Imagebase:	0x11a0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: iexplore.exe PID: 5576 Parent PID: 4460

General

Start time:	22:22:41
Start date:	07/04/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4460 CREDAT:82952 /prefetch:2
Imagebase:	0x11a0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://securepay.mysellful.com/

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Dropped Files

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 4460 Parent PID: 792

General

Chronological Activities

Analysis Process: iexplore.exe PID: 2160 Parent PID: 4460

General

Chronological Activities

Analysis Process: iexplore.exe PID: 5576 Parent PID: 4460

General

Chronological Activities

Disassembly