Play interactive tour
Edit tourAnalysis Report RemitSwift119353 xlsx.htm
Overview
General Information
| Sample Name: | RemitSwift119353 xlsx.htm |
| Analysis ID: | 385276 |
| MD5: | ca3a56c1d6eebe70576bb7196f53b1d0 |
| SHA1: | 72d5d6ef29bd345f17dcff7c299f47558e745d3e |
| SHA256: | 3a6422545bcba48ce42dcbce1838b7042d8e5546f2ae527af18e7cd8b53ee879 |
| Infos: | |
Most interesting Screenshot:  | |
Detection
HTMLPhisher
| Score: | 88 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Yara detected HtmlPhish14
Yara detected obfuscated html page
Obfuscated HTML file found
Phishing site detected (based on logo template match)
HTML title does not match URL
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
None HTTPS page querying sensitive user data (password, username or email)
Suspicious form URL found
Classification
Startup |
|---|
|
Malware Configuration |
|---|
| No configs have been found |
|---|
Yara Overview |
|---|
Initial Sample |
|---|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Obshtml | Yara detected obfuscated html page | Joe Security |
Sigma Overview |
|---|
| No Sigma rule has matched |
|---|
Signature Overview |
|---|
Click to jump to signature section
Show All Signature Results
AV Detection: |   |
|---|
| Multi AV Scanner detection for submitted file | Show sources | ||
| Source: | Virustotal: | Perma Link | ||
Phishing: | |
|---|
| Phishing site detected (based on favicon image match) | Show sources | ||
| Source: | Matcher: | ||
| Yara detected HtmlPhish10 | Show sources | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Yara detected HtmlPhish14 | Show sources | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Yara detected obfuscated html page | Show sources | ||
| Source: | File source: | ||
| Phishing site detected (based on logo template match) | Show sources | ||
| Source: | Matcher: | ||
| Source: | Matcher: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | DNS traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Classification label: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File read: | Jump to behavior | ||
| Source: | Virustotal: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Window detected: | ||
| Source: | File opened: | Jump to behavior | ||
Data Obfuscation: | |
|---|
| Obfuscated HTML file found | Show sources | ||
| Source: | Initial file: | ||
| Source: | Initial file: | ||
Mitre Att&ck Matrix |
|---|
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Valid Accounts | Scripting1 | Path Interception | Process Injection1 | Masquerading1 | OS Credential Dumping | File and Directory Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
| Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Scripting1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Obfuscated Files or Information1 | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud |
Behavior Graph |
|---|
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetScreenshots |
|---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
|---|
Initial Sample |
|---|
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 20% | Virustotal | Browse |
Dropped Files |
|---|
| No Antivirus matches |
|---|
Unpacked PE Files |
|---|
| No Antivirus matches |
|---|
Domains |
|---|
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Virustotal | Browse | ||
| 0% | Virustotal | Browse | ||
| 2% | Virustotal | Browse | ||
| 1% | Virustotal | Browse |
URLs |
|---|
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | Avira URL Cloud | safe |
Domains and IPs |
|---|
Contacted Domains |
|---|
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| cs1100.wpc.omegacdn.net | 152.199.23.37 | true | false |
| unknown |
| cs1227.wpc.alphacdn.net | 192.229.221.185 | true | false |
| unknown |
| raktaxis.co.uk | 217.160.0.18 | true | false |
| unknown |
| logincdn.msauth.net | unknown | unknown | false |
| unknown |
| clientconfig.passport.net | unknown | unknown | false | unknown | |
| aadcdn.msftauth.net | unknown | unknown | false | unknown | |
| ajax.aspnetcdn.com | unknown | unknown | false | high | |
| privacy.microsoft | unknown | unknown | false | unknown |
Contacted URLs |
|---|
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| true | low | ||
| true | low | ||
| true | unknown |
URLs from Memory and Binaries |
|---|
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false | high | |||
| false | unknown | |||
| false |
| unknown | ||
| false | high | |||
| false | high | |||
| false | high | |||
| false | high | |||
| false |
| unknown | ||
| false | high |
Contacted IPs |
|---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
|---|
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 217.160.0.18 | raktaxis.co.uk | Germany | 8560 | ONEANDONE-ASBrauerstrasse48DE | false | |
| 192.229.221.185 | cs1227.wpc.alphacdn.net | United States | 15133 | EDGECASTUS | false | |
| 152.199.23.37 | cs1100.wpc.omegacdn.net | United States | 15133 | EDGECASTUS | false |
Private |
|---|
| IP |
|---|
| 192.168.2.1 |
General Information |
|---|
| Joe Sandbox Version: | 31.0.0 Emerald |
| Analysis ID: | 385276 |
| Start date: | 12.04.2021 |
| Start time: | 09:29:49 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 6m 33s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Sample file name: | RemitSwift119353 xlsx.htm |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
| Number of analysed new started processes analysed: | 17 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Detection: | MAL |
| Classification: | mal88.phis.evad.winHTM@3/31@9/4 |
| Cookbook Comments: |
|
| Warnings: | Show All
|
Simulations |
|---|
Behavior and APIs |
|---|
| No simulations |
|---|
Joe Sandbox View / Context |
|---|
IPs |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| 217.160.0.18 | Get hash | malicious | Browse | ||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| 192.229.221.185 | Get hash | malicious | Browse | ||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse | |||
| Get hash | malicious | Browse |
Domains |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| cs1227.wpc.alphacdn.net | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| cs1100.wpc.omegacdn.net | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
ASN |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| ONEANDONE-ASBrauerstrasse48DE | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| EDGECASTUS | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
JA3 Fingerprints |
|---|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
|---|---|---|---|---|---|
| 9e10692f1b7f78228b2d4e424db3a98c | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| 37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | Browse |
| |
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
| ||
| Get hash | malicious | Browse |
|
Dropped Files |
|---|
| No context |
|---|
Created / dropped Files |
|---|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 33368 |
| Entropy (8bit): | 1.8739714500428286 |
| Encrypted: | false |
| SSDEEP: | 192:ruZWZa2zWCteif/8OzM32BqwDg2BmytI8Vj3:r6SZK6Piuhjdj |
| MD5: | C8C292B8B5BACD683D19368F82A787AD |
| SHA1: | 8F0A62051DDC02FC24F034F0482C9AC78A371209 |
| SHA-256: | C10510BF07209B830B7AF091739AC4DAF262515EBAE207AC66925917431CD22D |
| SHA-512: | F0EEF4917AC3B5E8BE707082AE84AE9BD373F5D3E1FEE15E5A02142667D74BF03456519061CFFBBFE231B622465469955D649C7C39C77F7D20D6360F5F5E1696 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 93386 |
| Entropy (8bit): | 2.8400079188313447 |
| Encrypted: | false |
| SSDEEP: | 384:r8o3r2YsCtE1yYuXYpR/CVlWP7r/U+6HgsikN18HAFw/XR69sTJIYTd:y |
| MD5: | C68BCEB38918C073850B0D5276686055 |
| SHA1: | CBED2EEB7A4BCF0823E8CD001D028B51EB5CA16A |
| SHA-256: | 896D29B3A193C64B318A3C631823ECCA7306809E4B310537F230BCF2A90EAC1D |
| SHA-512: | 2C6585B3B57EA16A935671C6A999DA2D661ACA265C6C07903CB0E2B95413D968741A61DF8355855A7E3AD1A88C4060B12D3199AB982CA632CF820BA3D301324A |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16984 |
| Entropy (8bit): | 1.5667094986279155 |
| Encrypted: | false |
| SSDEEP: | 48:IwmGcpr6GwpabG4pQHGrapbSEGQpKKG7HpR5TGIpG:r6ZiQ96bBScAlT/A |
| MD5: | 75B5A9AB3237E9F4EA3DD835B3215ECB |
| SHA1: | DEEB4698A9B3586AA6621F17D12EA60A2E4BB04C |
| SHA-256: | 2654C17E3D013DDFCBF03E4C3B7309EF9F6208506F0AA3FCD897DCAC32327C99 |
| SHA-512: | 8680F574811916FE6019D710821D71F93C2CB1260C5DDCBFEF72965FDA8F37FFCCD1C2A3B2ADC36F2E06B89A816E03DE4A3223FA4EE7446F7225B2508CF501DE |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 17876 |
| Entropy (8bit): | 3.032337724695834 |
| Encrypted: | false |
| SSDEEP: | 48:OAHAyAaAtgyyyyyyyyyyyyy7ADWAGQQQQQV:CQQQQQV |
| MD5: | E558BD37414FAC6546092E271CB36450 |
| SHA1: | D50CFF3D9E9CA962B89BA1F5A75F9F7EE83F4663 |
| SHA-256: | D8F2248353C1777FB8FC36B76173002F6495BF7F03D9710D00F71B10BF991D5A |
| SHA-512: | 67B6C0B62BE5047901519868BBF5FCD0030E95994B14150EDA2850BBE928214D5E893660116CBEFF51C0345DEDA543B278825CABFC5ADED73C11D1C8754C53E5 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 100970 |
| Entropy (8bit): | 5.304591030098493 |
| Encrypted: | false |
| SSDEEP: | 1536:IpHDgWeWJw+k4zazA/PWrF7qvEAFiQcpmP4may352:ORsy3A |
| MD5: | 0195C284F201E632378A3AE6A0D965E7 |
| SHA1: | BF2B78CCE5E09830A0F057FB6935E206333B752A |
| SHA-256: | 97EB235CAFA5525CEF7437B24548FB7936968778333DB62C0C661FFA8310090D |
| SHA-512: | 98D6CE4074FA8A5DD1C67308A8282268D4DF1DAF18E95C11C1F5DF94C00559B0DF5150054D00F3EF58ABE0E72C35130753EEE2A624F910FACAC4A756EF92E559 |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| IE Cache URL: | https://logincdn.msauth.net/16.000/Converged_v21033_AZXChPIB5jI3ijrmoNll5w2.css |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 476 |
| Entropy (8bit): | 7.35124642782842 |
| Encrypted: | false |
| SSDEEP: | 12:6v/78/8QCeKXzjl5V6VQTdwbtsxET1SDQi7N:sNfF6VYd6tf1SdN |
| MD5: | B8E8859FCD4E43D51233559C17A3C7BD |
| SHA1: | F0CA023F26A84761995FA0BF6935DE6A3B8AE6F8 |
| SHA-256: | DC15A37B4015D0DECF639006E4F9002E742DDBFD7C669EC0AE469057F238B78D |
| SHA-512: | 3605E4C4FE22E6E05553F89D34CFE8B3E5CA72FBDADCCD8B279835A0ECEFCD10B1BF2AD1ACCEEB168EE369E23A8AD205720FBF33A184188A7F23AEA7B0F22005 |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| IE Cache URL: | https://c.s-microsoft.com/en-gb/CMSImages/Print.png?version=03620f3a-5d1e-5a73-a117-a2f71eee437d |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 829 |
| Entropy (8bit): | 0.6055646407132698 |
| Encrypted: | false |
| SSDEEP: | 3:CKY1q/rylAxrt/laIFBYEQvyIFle:sGFaIFBYfvDfe |
| MD5: | 95B65C94F57061E15ECC8304D3E578D5 |
| SHA1: | A7483D668A780949FDA842F39877A3C08D0FC51C |
| SHA-256: | BDA2D6EB8E72B3DBCA5EEF086178033F8A2BB3481180B2C63295FCF23843D960 |
| SHA-512: | B17552D90D0038531A5F4E78DA553F9109346CB25851F38996BFAB54906A898DE848FEFFD31E8D0BF0A32D956513CA7ED72D2F4C3AE47922C6F9D370584288EF |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| IE Cache URL: | https://c.s-microsoft.com/en-gb/CMSImages/arrow_px_up.gif?version=27f11222-771f-bb95-a744-f0b962f89b91 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3651 |
| Entropy (8bit): | 4.094801914706141 |
| Encrypted: | false |
| SSDEEP: | 96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO |
| MD5: | EE5C8D9FB6248C938FD0DC19370E90BD |
| SHA1: | D01A22720918B781338B5BBF9202B241A5F99EE4 |
| SHA-256: | 04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A |
| SHA-512: | C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58 |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| IE Cache URL: | https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 50466 |
| Entropy (8bit): | 5.403327253117392 |
| Encrypted: | false |
| SSDEEP: | 768:3Vs4A3c/bSKCzUm4D19h3j9UIAyjYXQgyjYXEoygRRsRnMtoafRnvdMIKebqH:h6c/bSKCzUm4DDh3j+9XQ4XE+BZdMIK9 |
| MD5: | 633B23CA8A850C508C146635DB4239F5 |
| SHA1: | CF78DA53BD7561F3ACB33710016ECBF60E9F0204 |
| SHA-256: | DAA1677D2640BE8A77F6C69EEE3911D2F8CF81DAA7BB604800A2D63A8F130C95 |
| SHA-512: | 82D4887AB9BB6A449FB0E5B6DEF80215B5F9E51058DCB1B8B7CD583A880F93428C3FB75B37C0E9481843203A4878FEF32424B5CD2EBCDD811D92604A1C1BCAEB |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| IE Cache URL: | https://c.s-microsoft.com/en-gb/CMSScripts/script.jsx?k=1a053411-4f63-d069-d3b8-11d5d720eeb4 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 136271 |
| Entropy (8bit): | 5.355801424758139 |
| Encrypted: | false |
| SSDEEP: | 1536:2Fk5W0azHVaAgrBmeZCstBwB/BxBf9e969j9S9h919g9Z9C9f9g9Z9e979Q9t9Vn:2Fk5W0agiCK |
| MD5: | 9A3769F2253DF9AE29B12DC21062E2BC |
| SHA1: | 23E899CB0B626CD27ED59033E60E9FDF0B1E6CBF |
| SHA-256: | 9E2732FD685A5101AB8B3EA0EBDA9764A004F21538F40BD42FAC359490C4CF80 |
| SHA-512: | F1D26F368B55CEACD87243F9783D51927ED5520636B80D3AC98C649675602467F3988EF4C402048F77610525698EECB6E7C8C95A170BE81B127A29B639134ECD |
| Malicious: | false |
| IE Cache URL: | https://c.s-microsoft.com/en-gb/CMSStyles/style.csx?k=3c9ade18-bc6a-b6bd-84c3-fc69aaaa7520_f05cbaf8-1aa4-2e42-0beb-040a76f09433_e688a192-b2e5-4598-dec4-9340a1bb6723_6e5b2ac7-688a-4a18-9695-a31e8139fa0f_b3dad3e4-0853-1041-fa46-2e9d6598a584_fc29d27f-7342-9cf3-c2b5-a04f30605f03_28863b11-6a1b-a28c-4aab-c36e3deb3375_907fa087-b443-3de8-613e-b445338dad1f_a66bb9d1-7095-dfc6-5a12-849441da475c_1b0ca1a3-6da9-0dbf-9932-198c9f68caeb_ef11258b-15d1-8dab-81d5-8d18bc3234bc_11339d5d-cf04-22ad-4987-06a506090313_50edf96d-7437-c38c-ad33-ebe81b170501_8031d0e3-4981-8dbc-2504-bbd5121027b7_3f0c3b77-e132-00a5-3afc-9a2f141e9eae_aebeacd9-6349-54aa-9608-cb67eadc2d17_0cdb912f-7479-061d-e4f3-bea46f10a753_343d1ae8-c6c4-87d3-af9d-4720b6ea8f34_a905814f-2c84-2cd4-839e-5634cc0cc383_190a3885-bf35-9fab-6806-86ce81df76f6_05c744db-5e3d-bcfb-75b0-441b9afb179b_8beffb66-d700-2891-2c8d-02e40c7ac557_b1fe3f15-7512-0a8f-a55b-b316245621b5_f9c8eff0-3e34-2c33-6c0d-1fa7c5077eec |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 169145 |
| Entropy (8bit): | 5.043578345658209 |
| Encrypted: | false |
| SSDEEP: | 3072:jzCPZkTP3bDLH0tfRqQ0xtLfj4ZDSIpTt813viY8R1j35Ap7LQZLPPJH7PAbOCxq:jlZAjLkeeTC |
| MD5: | B5C29B4AC43102BF428D32BF9C12C76D |
| SHA1: | ED7C97F502484C62E5D2D8D098EE2A4D240FF991 |
| SHA-256: | 3673431352D7EAF65DEC60074374B6DF40EFA17997230B086A62D0688077E508 |
| SHA-512: | B43E7C24BAD43D8D1BEDCBECFA9CC59511A5F9CDD4876530D1A61576B6645AF70A4DBBD96086DDC61E611FF4FE2F59DE15FDAD8FFAB05FA3463AD56A6EB7A41A |
| Malicious: | false |
| IE Cache URL: | https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9f-350029/f7-19b3db/e7-5e6a15/18-5a610e/e9-86f957/42-f4e005/50-7d6580/d7-808fb1?ver=2.0 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2997 |
| Entropy (8bit): | 4.4885437940628465 |
| Encrypted: | false |
| SSDEEP: | 48:u7u5V4VyhhV2lFUW29vj0RkpNc7KpAP8Rra:vIlJ6G7Ao8Ra |
| MD5: | 2DC61EB461DA1436F5D22BCE51425660 |
| SHA1: | E1B79BCAB0F073868079D807FAEC669596DC46C1 |
| SHA-256: | ACDEB4966289B6CE46ECC879531F85E9C6F94B718AAB521D38E2E00F7F7F7993 |
| SHA-512: | A88BECB4FBDDC5AFC55E4DC0135AF714A3EEC4A63810AE5A989F2CECB824A686165D3CEDB8CBD8F35C7E5B9F4136C29DEA32736AABB451FE8088B978B493AC6D |
| Malicious: | false |
| IE Cache URL: | res://ieframe.dll/dnserror.htm?ErrorStatus=0x800C0005&DNSError=9003 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 12105 |
| Entropy (8bit): | 5.451485481468043 |
| Encrypted: | false |
| SSDEEP: | 192:x20iniOciwd1BtvjrG8tAGGGVWnvyJVUrUiki3ayimi5ezLCvJG1gwm3z:xPini/i+1Btvjy815ZVUwiki3ayimi5f |
| MD5: | 9234071287E637F85D721463C488704C |
| SHA1: | CCA09B1E0FBA38BA29D3972ED8DCECEFDEF8C152 |
| SHA-256: | 65CC039890C7CEB927CE40F6F199D74E49B8058C3F8A6E22E8F916AD90EA8649 |
| SHA-512: | 87D691987E7A2F69AD8605F35F94241AB7E68AD4F55AD384F1F0D40DC59FFD1432C758123661EE39443D624C881B01DCD228A67AFB8700FE5E66FC794A6C0384 |
| Malicious: | false |
| IE Cache URL: | res://ieframe.dll/httpErrorPagesScripts.js |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 35047 |
| Entropy (8bit): | 7.975792390307888 |
| Encrypted: | false |
| SSDEEP: | 768:I6ibzTDpOGuAJ63YB9eSzDtQEspfAzyNyuBmOfAJYCM:/iPMYJ4GEAZoTyglcM |
| MD5: | CAD76E4816AF6890C9BFD02A6D1EA899 |
| SHA1: | 9EDC91541C31034FCE0D83AABBAAD4C314CD3D33 |
| SHA-256: | D5794223D1A062E5DBE6C34C1994C8CE3792B24AFD5218D0644CB1F53DA4BE58 |
| SHA-512: | 24983A5856C2B4D8CBE2A4BD233A93B266A03D4218942E1D1733B33B65AB7A504AF0AC31DE2F1E69F6FF8CCD7A169CD4555539D34FFF8DE4CB8C98DB2DB2C863 |
| Malicious: | false |
| IE Cache URL: | https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.eot? |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 28315 |
| Entropy (8bit): | 7.9724193003797 |
| Encrypted: | false |
| SSDEEP: | 384:+R0Z7+bHAtrQ1yBFbgqLct7rJhhPLLkHsrvSzaJu4mI3n5o+MmKCxDg6iT7jdVye:+uNUAtE3phPLLFTiMu+pxCjHyGEQ9zL |
| MD5: | 17DFE73CB9C64527F7248B0A24DB317D |
| SHA1: | 345198B9239FCDAF038FB2D3A919E4724037DBAA |
| SHA-256: | AD75FB92B2EBCE6C37640F03E1AB96A752F388BCE60C877ADE4780B13839E8C4 |
| SHA-512: | 421B56D93E9BD5E4B4449DD0FCDEE8D531087FD484C91530AAF0A67EDEA33D5AC2F14A7F4966C528C0F130F17F26629FCAB9F8AB47E950CEB5B9F1A827EA0728 |
| Malicious: | false |
| IE Cache URL: | https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/light/latest.eot? |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 201859 |
| Entropy (8bit): | 5.151612322590051 |
| Encrypted: | false |
| SSDEEP: | 6144:LUpUqbKWk+8gSoH26vd+SiOfsyUCXFfgmCVWT2Ph9mUMbT+vZht5+VKsZf:LMUqbKQ8gSoH26vd+SiOfsyUCXFfgmCw |
| MD5: | 44A416A6D2C7B863B2B52AA92A0FBDDA |
| SHA1: | 228D7BA0AA5D72A114CA3896601E7C22463C121F |
| SHA-256: | 23B458A23ADA39A1B1FA71AA025DE4E321360F3C4AE6099BD8EB2640C161CAF5 |
| SHA-512: | 6ABCD4F7636DDF88EF87B950FFC87BBABC1CFE4396C515E81A63B438E1A4E250E36B2FB787C11052EAE0D17CC1451BE1F008DC42324F97F2594226761F6D4E58 |
| Malicious: | false |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 135290 |
| Entropy (8bit): | 5.2254562447372 |
| Encrypted: | false |
| SSDEEP: | 3072:1f/HuFzpxJIS20i9d1EwgXA95KSqDCE4t:1f/HuXIZRjt |
| MD5: | 07CB1B6723F61F949C862B399E06B3BF |
| SHA1: | 83ABC38AB7E787F719E859E3EA97D4A634FE61FC |
| SHA-256: | 82A7ACB7D942575069E4067375BEC0C33F1949EA2864BE8BD12E9D6DB74A345D |
| SHA-512: | D520D31E12A3D2D316347D96E4E3D20D7E5C988A4824228097D1DF0A5AB3F12334096C2ADD5D0A7345EF8A2E674712F84D9F8CFC2E973A2A4DEDA546337C94CD |
| Malicious: | false |
| IE Cache URL: | https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/bb-d7480b/db-bc0148/dc-7e9864/6d-c07ea1/9d-b58f60/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/69-13871c/b7-0ad59f/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/17-f90ef1?ver=2.0&iife=1 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1612 |
| Entropy (8bit): | 4.869554560514657 |
| Encrypted: | false |
| SSDEEP: | 24:5Y0bQ573pHpACtUZtJD0lFBopZleqw87xTe4D8FaFJ/Doz9AtjJgbCzg:5m73jcJqQep89TEw7Uxkk |
| MD5: | DFEABDE84792228093A5A270352395B6 |
| SHA1: | E41258C9576721025926326F76063C2305586F76 |
| SHA-256: | 77B138AB5D0A90FF04648C26ADDD5E414CC178165E3B54A4CB3739DA0F58E075 |
| SHA-512: | E256F603E67335151BB709294749794E2E3085F4063C623461A0B3DECBCCA8E620807B707EC9BCBE36DCD7D639C55753DA0495BE85B4AE5FB6BFC52AB4B284FD |
| Malicious: | false |
| IE Cache URL: | res://ieframe.dll/NewErrorPageTemplate.css |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 748 |
| Entropy (8bit): | 7.249606135668305 |
| Encrypted: | false |
| SSDEEP: | 12:6v/7/2QeZ7HVJ6o6yiq1p4tSQfAVFcm6R2HkZuU4fB4CsY4NJlrvMezoW2uONroc:GeZ6oLiqkbDuU4fqzTrvMeBBlE |
| MD5: | C4F558C4C8B56858F15C09037CD6625A |
| SHA1: | EE497CC061D6A7A59BB66DEFEA65F9A8145BA240 |
| SHA-256: | 39E7DE847C9F731EAA72338AD9053217B957859DE27B50B6474EC42971530781 |
| SHA-512: | D60353D3FBEA2992D96795BA30B20727B022B9164B2094B922921D33CA7CE1634713693AC191F8F5708954544F7648F4840BCD5B62CB6A032EF292A8B0E52A44 |
| Malicious: | false |
| IE Cache URL: | res://ieframe.dll/down.png |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1531 |
| Entropy (8bit): | 4.797455242405607 |
| Encrypted: | false |
| SSDEEP: | 24:Udf0F+MOu2UOqD3426TKgR2Yyk9696TkMYqdfskeEkeGk/ksuF9qaSm9qags:Ud8FYqTj36TKgR2Yyk9696TkMYO0keEW |
| MD5: | A570448F8E33150F5737B9A57B6D889A |
| SHA1: | 860949A95B7598B394AA255FE06F530C3DA24E4E |
| SHA-256: | 0BD288D5397A69EAD391875B422BF2CBDCC4F795D64AA2F780AFF45768D78248 |
| SHA-512: | 217F971A8012DE8FE170B4A20821A52FA198447FA582B82CF221F4D73E902C7E3AA1022CB0B209B6679C2EAE0F10469A149F510A6C2132C987F46214B1E2BBBC |
| Malicious: | false |
| IE Cache URL: | https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css?c=7 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 128026 |
| Entropy (8bit): | 5.263686738901574 |
| Encrypted: | false |
| SSDEEP: | 1536:+JXd+YOlaYOyguihQ3ZYrH6GdXJKjZtQ3EBJ0PYmwYmEZeQ8Wt2Db7ACu8J8IvCs:ed+YOlaYOyguihQ3ZOHbdX2nX5PaCfey |
| MD5: | 793D36029B8AD32CB261F226B7012686 |
| SHA1: | 168780848C49158030673BD4DBA93CD3071D1DC8 |
| SHA-256: | E3BEAC351290C97CEFAF06552F5BF1CB1EE48611C896D46E9B397291869DA137 |
| SHA-512: | CE1A120334350B2D40E8BC84502500A6C0BEE82FD1630481DE4EF54138A0458E99A0323785F8A7FF98F39FB54D64AD2F0F5F738F5225C6F9A168C932390187BC |
| Malicious: | false |
| IE Cache URL: | https://c.s-microsoft.com/en-gb/CMSScripts/script.jsx?k=0502864a-b6ef-2f14-9f8e-267004d3a4e0_c5ea3348-55af-729a-2641-14f0312bacf3_742bd11f-3d7c-9955-3df5-f02b66689699_cb9d43d2-fbae-5b5c-827f-72166d6b87fc_49488e0d-6ae2-5101-c995-f4d56443b1d8_7dea7b90-4334-c043-b252-9f132d19ee19_38aa9ffb-ddb5-75be-6536-a58628f435f5_e3e65a0a-c133-43e7-571d-2293e03f85e6_c7a4393f-7c9b-39d3-762d-af461a6d6564_4ca0e9dc-a4de-17ba-f0de-d1d346cb99e2_06310cd8-41c6-3b11-4645-b4884789ed70_5c27e8aa-9347-969e-39ac-37a4de428a8d_d6872b5a-5310-a73c-7cb3-227a3213a1c5_be92d794-4118-193f-9871-58b72092a5ac_64c742e2-b29c-b6c1-fdd9-accf33ec40bd_cf2ceca9-3467-a5b3-d095-68958eee6d4c_cec39dd8-f1d3-56f1-abfc-a7db34ff7b46_ec5fa2c9-3950-ff57-a5c3-1fa77e0db190_d19f9592-65df-bcc9-e30e-439b875c3381_76a3d06f-f11f-77ef-9bfd-6227ba750200_5e1caa45-461c-3b04-f88b-8cd50af16db5_c2dceda8-20b4-7d3f-13b6-9cac67d7df17_914fa41b-cc86-d3b0-4e15-2fdfa357bcc7_40c6c884-da6e-7c2c-081f-4a7dfe7c7245_ae79ba96-1a9d-debd-a5b1-f3067213b9b8 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 255440 |
| Entropy (8bit): | 6.051861579501256 |
| Encrypted: | false |
| SSDEEP: | 6144:PIgagvUI0iDsW9Whsredo7NjIZjIZP0aNWgF9Dyjzh:PIgaHI0iIUedo7NjIZjIZP0o74t |
| MD5: | 38B769522DD0E4C2998C9034A54E174E |
| SHA1: | D95EF070878D50342B045DCF9ABD3FF4CCA0AAF3 |
| SHA-256: | 208EDBED32B2ADAC9446DF83CAA4A093A261492BA6B8B3BCFE6A75EFB8B70294 |
| SHA-512: | F0A10A4C1CA4BAC8A2DBD41F80BBE1F83D767A4D289B149E1A7B6E7F4DBA41236C5FF244350B04E2EF485FDF6EB774B9565A858331389CA3CB474172465EB3EF |
| Malicious: | false |
| IE Cache URL: | https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 283351 |
| Entropy (8bit): | 7.975896455873056 |
| Encrypted: | false |
| SSDEEP: | 6144:hPgRhluS12CyK8XGsLzsr5XONnQ4/bEmhZSIj6xU2zyOX/:2vz1pyWsLoXqN/YWPUU2OOX/ |
| MD5: | A5DBD4393FF6A725C7E62B61DF7E72F0 |
| SHA1: | 55B292F885FFC92ABCE18750B07AA4ACFA4E903E |
| SHA-256: | 211A907DE2DA0FF4A0E90917AC8054E2F35C351180977550C26E51B4909F2BEB |
| SHA-512: | 850586A05B67EF25492BD50A090F1EC0A0CC21DC4E4EFEB35E19CDC78A98F9415A3807318FA02664EADE87F0E2D8FA2A2958CD0D712329800FC05689E01DC614 |
| Malicious: | false |
| IE Cache URL: | https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/0_pdvuot_2pyxh5ith335y8a2.jpg?x=12f4b8b543125cc986c79cd85320812f |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4054 |
| Entropy (8bit): | 7.797012573497454 |
| Encrypted: | false |
| SSDEEP: | 48:zICvnyRHJ3BRZPcSPQ72N2xoiR4fTJX/rj4sFNMkk5/p1k2lPUmbm39o4aL7V9XH:10nvE724xoiRQJPrjpLKSFl9oX31Z1d |
| MD5: | 9F14C20150A003D7CE4DE57C298F0FBA |
| SHA1: | DAA53CF17CC45878A1B153F3C3BF47DC9669D78F |
| SHA-256: | 112FEC798B78AA02E102A724B5CB1990C0F909BC1D8B7B1FA256EAB41BBC0960 |
| SHA-512: | D4F6E49C854E15FE48D6A1F1A03FDA93218AB8FCDB2C443668E7DF478830831ACC2B41DAEFC25ED38FCC8D96C4401377374FED35C36A5017A11E63C8DAE5C487 |
| Malicious: | false |
| IE Cache URL: | https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31 |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 4720 |
| Entropy (8bit): | 5.164796203267696 |
| Encrypted: | false |
| SSDEEP: | 96:z9UUiqRxqH211CUIRgRLnRynjZbRXkRPRk6C87Apsat/5/+mhPcF+5g+mOQb7A9o:JsUOG1yNlX6ZzWpHOWLia16Cb7bk |
| MD5: | D65EC06F21C379C87040B83CC1ABAC6B |
| SHA1: | 208D0A0BB775661758394BE7E4AFB18357E46C8B |
| SHA-256: | A1270E90CEA31B46432EC44731BF4400D22B38EB2855326BF934FE8F1B169A4F |
| SHA-512: | 8A166D26B49A5D95AEA49BC649E5EA58786A2191F4D2ADAC6F5FBB7523940CE4482D6A2502AA870A931224F215CB2010A8C9B99A2C1820150E4D365CAB28299E |
| Malicious: | false |
| IE Cache URL: | res://ieframe.dll/errorPageStrings.js |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17174 |
| Entropy (8bit): | 2.9129715116732746 |
| Encrypted: | false |
| SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
| MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
| SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
| SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
| SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
| Malicious: | false |
| IE Cache URL: | https://www.microsoft.com/favicon.ico |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 94840 |
| Entropy (8bit): | 5.372946098601679 |
| Encrypted: | false |
| SSDEEP: | 1536:8YRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:VUb6GvCu09s2o2skAieW |
| MD5: | B8D64D0BC142B3F670CC0611B0AEBCAE |
| SHA1: | ABCD2BA13348F178B17141B445BC99F1917D47AF |
| SHA-256: | 47B68DCE8CB6805AD5B3EA4D27AF92A241F4E29A5C12A274C852E4346A0500B4 |
| SHA-512: | A684ABBE37E8047C55C394366B012CC9AE5D682D29D340BC48A37BE1A549AECED72DE6408BEDFED776A14611E6F3374015B236FBF49422B2982EF18125FF47DC |
| Malicious: | false |
| IE Cache URL: | https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js |
| Preview: |
|
| Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 26288 |
| Entropy (8bit): | 7.984195877171481 |
| Encrypted: | false |
| SSDEEP: | 768:56JqQaQphRbTHiKNF5z/02h5KpJW3pPOA8Y9g/:gdTTH5XKpJWdH1W/ |
| MD5: | D0263DC03BE4C393A90BDA733C57D6DB |
| SHA1: | 8A032B6DEAB53A33234C735133B48518F8643B92 |
| SHA-256: | 22B4DF5C33045B645CAFA45B04685F4752E471A2E933BFF5BF14324D87DEEE12 |
| SHA-512: | 9511BEF269AE0797ADDF4CD6F2FEC4AD0C4A4E06B3E5BF6138C7678A203022AC4818C7D446D154594504C947DA3061030E82472D2708149C0709B1A070FDD0E3 |
| Malicious: | false |
| IE Cache URL: | https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff |
| Preview: |
|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 85016 |
| Entropy (8bit): | 1.6634961474678256 |
| Encrypted: | false |
| SSDEEP: | 384:kBqoxKAuqR+0SYpyl3yYQY/eOhtVv4GtZb8: |
| MD5: | 8A4052E0D2490922EAF463EFA99889BC |
| SHA1: | 67CA1A8A69144530F422863709177C5C54824542 |
| SHA-256: | B4D9DCE43EAC21EAD0970247C56B57F2DF20EC6BF5B8EEE8CE8A1747F3ADBAA7 |
| SHA-512: | 5C6EE8E6CDA69A462920553A9994010DC4C9FE2D5AE20530768026C789F38BB702684224CD98F793210E7F4A11DB0F4B7013B12A978D59AD1AA3C47C9079E29D |
| Malicious: | false |
| Preview: |
|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 25441 |
| Entropy (8bit): | 0.39663867163216643 |
| Encrypted: | false |
| SSDEEP: | 24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laAggplvuS7Sm:kBqoxxJhHWSVSEabTvklo |
| MD5: | BE76B75F3D6D4F247C5AD6D07DC61E3F |
| SHA1: | D8867E33EFDD9A19671365D3BFC1450AB48EDF7B |
| SHA-256: | A21C2755232544B08A58D4089C0993A4629124BD6C50D8743AB15313DA5DAB98 |
| SHA-512: | 30B76BF0E676704D2B9EBC127D985576AC065DD3900520FE08F9E1D81314F392A2412789920809E2B55305295AE9D20D3B63B66F36E44BEABE46420304A695DC |
| Malicious: | false |
| Preview: |
|
| Process: | C:\Program Files\internet explorer\iexplore.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 13077 |
| Entropy (8bit): | 0.5097110636418096 |
| Encrypted: | false |
| SSDEEP: | 24:c9lLh9lLh9lIn9lIn9loQ9log9lWrFan3HB:kBqoIrNE |
| MD5: | 54FB92858E99E8216154FAAB46BCFFDF |
| SHA1: | 14B8A59360ADF797D61F1802A9D2B3AE6B6A8851 |
| SHA-256: | 6E28D3030AD8C4CE7E3BB0573CB01AD608837A7B6118EBBC32B4D986175F7487 |
| SHA-512: | 3171A054D81055CFA739F60D5B2896F8B57C995AB9944B99719D3B1A20383AEBC00584EA1F21D32FBD6848A0228CC7B592DBC308FEA929055E01E81721CDA6E8 |
| Malicious: | false |
| Preview: |
|
Static File Info |
|---|
General | |
|---|---|
| File type: | |
| Entropy (8bit): | 3.29796850155148 |
| TrID: | |
| File name: | RemitSwift119353 xlsx.htm |
| File size: | 49724 |
| MD5: | ca3a56c1d6eebe70576bb7196f53b1d0 |
| SHA1: | 72d5d6ef29bd345f17dcff7c299f47558e745d3e |
| SHA256: | 3a6422545bcba48ce42dcbce1838b7042d8e5546f2ae527af18e7cd8b53ee879 |
| SHA512: | e819a98723dbd5310fd630029343008c639b921d46a0660bfd142847a27219330ff1a852bc9cc3ad6ce333651add92fbc02b99106e71e1046d125bdd5f4eefc5 |
| SSDEEP: | 384:ZaWyc2bPTBPBE92bWBNQN4SaQdaAwGKrzLLuY/d1c4+GvArbOUaG4Mtd9z4NiDu0:Zp2I+AA+b4MNS6juPP |
| File Content Preview: | <script language="javascript">document.write(unescape('%0A%0A%0A%3C%21%44%4F%43%54%59%50%45%20%68%74%6D%6C%3E%0A%0A%3C%68%74%6D%6C%20%6C%61%6E%67%3D%22%65%6E%22%3E%3C%68%65%61%64%3E%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%7 |
File Icon |
|---|
 | |
| Icon Hash: | f8c89c9a9a998cb8 |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library NodeNetwork Behavior |
|---|
Network Port Distribution |
|---|
TCP Packets |
|---|
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 12, 2021 09:30:43.264152050 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.264826059 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.265036106 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.265223026 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.287009001 CEST | 49731 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.287126064 CEST | 49732 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.305028915 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.305192947 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.305484056 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.305546045 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.305583000 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.305630922 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.305771112 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.305883884 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.313823938 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.313968897 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.314121008 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.314198017 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.334233999 CEST | 443 | 49731 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.334295988 CEST | 443 | 49732 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.334386110 CEST | 49731 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.334465027 CEST | 49732 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.335398912 CEST | 49731 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.335699081 CEST | 49732 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.354566097 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.354623079 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.354661942 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.354700089 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355482101 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355542898 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355597973 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355643034 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355664015 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.355688095 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355705976 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.355711937 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.355715990 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.355742931 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355760098 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.355798960 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355819941 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.355854034 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355868101 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.355894089 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355918884 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.355947018 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.355953932 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.355999947 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356024027 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.356059074 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356060028 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.356098890 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356122017 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.356138945 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356154919 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.356192112 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.356192112 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356247902 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356264114 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.356302023 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356306076 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.356340885 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356355906 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.356378078 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.356398106 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.356451988 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.382467031 CEST | 443 | 49731 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.382654905 CEST | 443 | 49732 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.383692026 CEST | 443 | 49731 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.383833885 CEST | 49731 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.383841991 CEST | 443 | 49732 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.383932114 CEST | 49732 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.391112089 CEST | 49731 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.401228905 CEST | 49732 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.402962923 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.406573057 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.413547993 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.413830996 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.427077055 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.427125931 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.428458929 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.429126024 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.429395914 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.429461002 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.429738998 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.429833889 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.430102110 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.438375950 CEST | 443 | 49731 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.448530912 CEST | 443 | 49732 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.450067043 CEST | 443 | 49733 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.450212002 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.451065063 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.453685999 CEST | 443 | 49734 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.453780890 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.454421043 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.454440117 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.454468012 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.454505920 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.454516888 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.454540014 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.454575062 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.454593897 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.454626083 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.455364943 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.456202984 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.467981100 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.468034983 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.468070030 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.468090057 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.468096018 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.468128920 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.468152046 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.468179941 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.468959093 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.469002008 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.469077110 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.469273090 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.469949961 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.470026970 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.470244884 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.470287085 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.470329046 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.470330000 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.470392942 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.471328974 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.471369028 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.471410036 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.471436024 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.472259998 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472302914 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472337961 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472347975 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472371101 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472376108 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472395897 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472414017 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472431898 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472450972 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472470045 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472487926 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472501993 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472528934 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472537994 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472582102 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472589016 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472635984 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472644091 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472671986 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472691059 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472708941 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472723007 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472743988 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472757101 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472779989 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472795963 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472810030 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.472830057 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.472876072 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:43.473365068 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473438025 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473463058 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473516941 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473519087 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473572969 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473576069 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473624945 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473627090 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473663092 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473674059 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473707914 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473707914 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473748922 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473751068 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473784924 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473797083 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473823071 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473826885 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473860025 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473862886 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473896027 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473901987 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473932028 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473936081 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.473968983 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.473972082 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474009991 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474013090 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474060059 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474065065 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474108934 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474112034 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474147081 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474159956 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474184036 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474189043 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474221945 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474231958 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474260092 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474263906 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474296093 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474302053 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474340916 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474343061 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474390030 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474458933 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474507093 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.474509954 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.474550962 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.495299101 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.495364904 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.495408058 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.495446920 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.495457888 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.495490074 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.495511055 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.498101950 CEST | 443 | 49733 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.498141050 CEST | 443 | 49733 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.498168945 CEST | 443 | 49733 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.498220921 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.498271942 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.499284029 CEST | 49733 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.501362085 CEST | 443 | 49734 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.501439095 CEST | 443 | 49734 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.501471996 CEST | 443 | 49734 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.501517057 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.501540899 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.502388000 CEST | 49734 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.503439903 CEST | 49735 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.504215956 CEST | 49736 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.509727955 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.509773970 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.509843111 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.509912968 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.511933088 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.511991024 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.512043953 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.512046099 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.512068987 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.512093067 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.512100935 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.512150049 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515301943 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515341043 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515396118 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515417099 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515420914 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515444040 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515467882 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515472889 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515492916 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515495062 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515517950 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515522003 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515544891 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515548944 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515572071 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515573978 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515598059 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515599012 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515624046 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515629053 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515656948 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515657902 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515680075 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515682936 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515706062 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515706062 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515727997 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515732050 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515750885 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515755892 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515769958 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515782118 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515799999 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515806913 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515820980 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515835047 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515847921 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515861034 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515877962 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515885115 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515904903 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515909910 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515924931 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515933990 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515947104 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515959024 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515975952 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.515983105 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.515995979 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516009092 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516026974 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516036034 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516060114 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516061068 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516084909 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516086102 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516108990 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516113043 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516134024 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516139030 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516153097 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516163111 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516184092 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516189098 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516211033 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516216040 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516232014 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516244888 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516262054 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516271114 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516294003 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516294956 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516315937 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516320944 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516338110 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516346931 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516361952 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516371012 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516395092 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516396999 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516418934 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516422987 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516446114 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516448021 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516472101 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516474009 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516499043 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516500950 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516525030 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516525030 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516551018 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516558886 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516573906 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516576052 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516598940 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516603947 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516625881 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516629934 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.516652107 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.516675949 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536048889 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536087036 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536119938 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536134005 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536150932 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536155939 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536175966 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536179066 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536196947 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536207914 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536221981 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536236048 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536247969 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536262989 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.536279917 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.536304951 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.543787003 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.546291113 CEST | 443 | 49733 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.549333096 CEST | 443 | 49734 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550374985 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550405979 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550432920 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550453901 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550462961 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.550472975 CEST | 443 | 49735 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.550489902 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.550527096 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.550570011 CEST | 49735 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.551233053 CEST | 443 | 49736 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.551354885 CEST | 49736 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.551649094 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552634001 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552666903 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552701950 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552714109 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.552726030 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552751064 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552752972 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.552776098 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552784920 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.552800894 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552828074 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.552830935 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.552856922 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.552890062 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.554614067 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557251930 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557317972 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557329893 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557377100 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557378054 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557482958 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557497978 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557543993 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557545900 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557596922 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557600975 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557651043 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557653904 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557708025 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557712078 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557761908 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557765007 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557815075 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557818890 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557869911 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557871103 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557925940 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.557929039 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557986021 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.557986975 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558041096 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558046103 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558095932 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558095932 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558151960 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558155060 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558217049 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558218956 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558274031 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558274984 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558329105 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558330059 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558382988 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558383942 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558438063 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558439970 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558494091 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558495045 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558547020 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558552980 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558608055 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558608055 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558660030 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558661938 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558716059 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558717012 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558769941 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558769941 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558824062 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558835030 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558876991 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.558878899 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.558933020 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559130907 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559195042 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559495926 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559561968 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559576035 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559611082 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559614897 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559668064 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559674025 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559729099 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559730053 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559781075 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559782982 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559834957 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559837103 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559889078 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559890985 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559942961 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.559948921 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559992075 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.559997082 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560050011 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560050011 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560103893 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560107946 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560158014 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560162067 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560211897 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560213089 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560269117 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560270071 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560323954 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560324907 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560374975 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560379982 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560424089 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560427904 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560480118 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560482025 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560532093 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560538054 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560586929 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560591936 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560642958 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560647011 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560695887 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560700893 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560749054 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560750008 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560800076 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560803890 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560858011 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560859919 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560914993 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.560915947 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560966015 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.560975075 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561028957 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561029911 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561078072 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561080933 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561134100 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561135054 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561184883 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561207056 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561260939 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561264038 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561356068 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561369896 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561403990 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561444998 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561496019 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561511040 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561553955 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561568022 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561614990 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561625004 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561669111 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561676025 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561721087 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561738968 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561790943 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561803102 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561846972 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561861992 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561908007 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561919928 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.561968088 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.561979055 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562026024 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562036991 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562083006 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562097073 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562143087 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562155008 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562201977 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562310934 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562366009 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562371016 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562423944 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562429905 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562467098 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562475920 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562521935 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562534094 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562583923 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562591076 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562633038 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562654972 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562709093 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562716007 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562762022 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562773943 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562820911 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562834978 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562880993 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562894106 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562939882 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.562948942 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.562993050 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563009024 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563056946 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563067913 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563122988 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563136101 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563184977 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563196898 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563251972 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563258886 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563308954 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563313007 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563365936 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563370943 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563422918 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563430071 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563477993 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563491106 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563541889 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563551903 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563601971 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.563620090 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.563673019 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.567744970 CEST | 49735 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.567800999 CEST | 49736 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.576845884 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.576904058 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.576932907 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.576941967 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.576971054 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.576987028 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.576987982 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577023983 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.577025890 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577060938 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.577064037 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577097893 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.577119112 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577142000 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577152014 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.577191114 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.577219009 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.577235937 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:30:43.614989042 CEST | 443 | 49735 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.615024090 CEST | 443 | 49736 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.615094900 CEST | 49735 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:43.615133047 CEST | 49736 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:30:59.916759014 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:59.957470894 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:30:59.957607031 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:30:59.960303068 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.001040936 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.002015114 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.002052069 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.002074957 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.002089024 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.002100945 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.002130985 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.011524916 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.052772045 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.052856922 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.055493116 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101473093 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101511002 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101532936 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101557016 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101581097 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101600885 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101622105 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101643085 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101655006 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101677895 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101700068 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101702929 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101722002 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101733923 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101756096 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101766109 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101785898 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101800919 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101815939 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101833105 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:00.101845980 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:00.101871014 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:01.865258932 CEST | 49741 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.865500927 CEST | 49742 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.912323952 CEST | 443 | 49741 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.912354946 CEST | 443 | 49742 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.912517071 CEST | 49741 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.914953947 CEST | 49742 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.916480064 CEST | 49742 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.916867018 CEST | 49741 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.963577032 CEST | 443 | 49742 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.963692904 CEST | 443 | 49741 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.964365959 CEST | 443 | 49742 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.964494944 CEST | 49742 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.964616060 CEST | 443 | 49741 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:01.964728117 CEST | 49741 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.965451956 CEST | 49742 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.965775013 CEST | 49741 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.967395067 CEST | 49743 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:01.968307972 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.012527943 CEST | 443 | 49742 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.012581110 CEST | 443 | 49741 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.014389038 CEST | 443 | 49743 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.014564991 CEST | 49743 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.015221119 CEST | 443 | 49744 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.015355110 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.023387909 CEST | 49743 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.023617029 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.070394993 CEST | 443 | 49743 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.070492983 CEST | 443 | 49744 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.070564032 CEST | 443 | 49744 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.070605040 CEST | 443 | 49744 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.070688963 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.070715904 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.071017981 CEST | 49744 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.071260929 CEST | 443 | 49743 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.071279049 CEST | 443 | 49743 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.071338892 CEST | 49743 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.071618080 CEST | 49743 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.072396040 CEST | 49745 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.072861910 CEST | 49746 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.117942095 CEST | 443 | 49744 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.118448019 CEST | 443 | 49743 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.119374037 CEST | 443 | 49745 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.119515896 CEST | 49745 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.119664907 CEST | 443 | 49746 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.119755983 CEST | 49746 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.119981050 CEST | 49745 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.120234966 CEST | 49746 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.167537928 CEST | 443 | 49745 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.167562962 CEST | 443 | 49746 | 217.160.0.18 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.167663097 CEST | 49745 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:02.167676926 CEST | 49746 | 443 | 192.168.2.4 | 217.160.0.18 |
| Apr 12, 2021 09:31:43.129821062 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.129851103 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.129867077 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.129924059 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:43.129965067 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:43.132019043 CEST | 49729 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:43.172637939 CEST | 443 | 49729 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.417479992 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.417505026 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.417521954 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.417557955 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:43.417598963 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:43.418313026 CEST | 49730 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:43.458884001 CEST | 443 | 49730 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.694681883 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.694792032 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:31:45.236548901 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:45.236812115 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:45.277410030 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:47.252383947 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:47.252630949 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:49.272468090 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:49.272583961 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:51.284337044 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:51.284490108 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:53.300386906 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:31:53.300472021 CEST | 49728 | 443 | 192.168.2.4 | 152.199.23.37 |
| Apr 12, 2021 09:31:55.316450119 CEST | 443 | 49728 | 152.199.23.37 | 192.168.2.4 |
| Apr 12, 2021 09:32:00.396142006 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:32:00.396255016 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:32:32.435520887 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:32:32.476046085 CEST | 443 | 49727 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:32:32.478970051 CEST | 49727 | 443 | 192.168.2.4 | 192.229.221.185 |
| Apr 12, 2021 09:33:01.836179972 CEST | 443 | 49740 | 192.229.221.185 | 192.168.2.4 |
| Apr 12, 2021 09:33:01.836270094 CEST | 49740 | 443 | 192.168.2.4 | 192.229.221.185 |
UDP Packets |
|---|
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 12, 2021 09:30:34.578136921 CEST | 54531 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:34.640104055 CEST | 53 | 54531 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:35.185735941 CEST | 49714 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:35.234519005 CEST | 53 | 49714 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:36.042802095 CEST | 58028 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:36.091407061 CEST | 53 | 58028 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:39.566015005 CEST | 53097 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:39.614768028 CEST | 53 | 53097 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:40.846093893 CEST | 49257 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:40.896308899 CEST | 53 | 49257 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:41.723522902 CEST | 62389 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:41.784208059 CEST | 53 | 62389 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.170629025 CEST | 49910 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:43.172379017 CEST | 55854 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:43.221049070 CEST | 64549 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:43.237215042 CEST | 53 | 55854 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.240854979 CEST | 53 | 49910 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:43.283854961 CEST | 53 | 64549 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:47.163029909 CEST | 63153 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:47.211579084 CEST | 53 | 63153 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:48.903703928 CEST | 52991 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:48.955811024 CEST | 53 | 52991 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:50.601283073 CEST | 53700 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:50.650140047 CEST | 53 | 53700 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:30:59.836519957 CEST | 51726 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:30:59.912904978 CEST | 53 | 51726 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:02.718218088 CEST | 56794 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:02.776968002 CEST | 53 | 56794 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:03.875019073 CEST | 56534 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:03.882917881 CEST | 56627 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:03.891386032 CEST | 56621 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:03.904808998 CEST | 63116 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:03.934113026 CEST | 53 | 56534 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:03.950686932 CEST | 53 | 56621 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:03.962254047 CEST | 53 | 63116 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:03.963937998 CEST | 53 | 56627 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:04.246608973 CEST | 64078 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:04.305052996 CEST | 53 | 64078 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:06.391772985 CEST | 64801 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:06.440553904 CEST | 53 | 64801 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:07.294369936 CEST | 61721 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:07.367722988 CEST | 53 | 61721 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:07.375009060 CEST | 51255 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:07.452588081 CEST | 53 | 51255 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:07.464745998 CEST | 61522 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:07.524912119 CEST | 53 | 61522 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:08.455502987 CEST | 52337 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:08.504163027 CEST | 53 | 52337 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:11.709834099 CEST | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:11.766972065 CEST | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:11.922339916 CEST | 49612 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:11.971256971 CEST | 53 | 49612 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:12.403685093 CEST | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:12.455398083 CEST | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:12.724056005 CEST | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:12.772881031 CEST | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:13.166614056 CEST | 50601 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:13.226478100 CEST | 53 | 50601 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:13.410136938 CEST | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:13.470027924 CEST | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:13.722676992 CEST | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:13.771724939 CEST | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:14.425597906 CEST | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:14.477128029 CEST | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:15.758095026 CEST | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:15.806595087 CEST | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:16.987096071 CEST | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:17.046869040 CEST | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:18.515506029 CEST | 60875 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:18.576658964 CEST | 53 | 60875 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:19.776366949 CEST | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:19.824953079 CEST | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:20.988698006 CEST | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:21.040359974 CEST | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:21.215708971 CEST | 56448 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:21.264410973 CEST | 53 | 56448 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:22.258886099 CEST | 59172 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:22.307576895 CEST | 53 | 59172 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:27.827488899 CEST | 62420 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:27.876153946 CEST | 53 | 62420 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:28.749253035 CEST | 60579 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:28.797941923 CEST | 53 | 60579 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:29.827549934 CEST | 50183 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:29.889019966 CEST | 53 | 50183 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:40.043010950 CEST | 61531 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:40.091716051 CEST | 53 | 61531 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:43.949306011 CEST | 49228 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:43.998027086 CEST | 53 | 49228 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:55.636276007 CEST | 59794 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:55.684946060 CEST | 53 | 59794 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:31:59.848927021 CEST | 55916 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:31:59.897872925 CEST | 53 | 55916 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:08.234915972 CEST | 52752 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:08.283832073 CEST | 53 | 52752 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:28.321472883 CEST | 60542 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:28.451842070 CEST | 53 | 60542 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:28.968429089 CEST | 60689 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:29.070774078 CEST | 53 | 60689 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:29.477828979 CEST | 64206 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:29.537633896 CEST | 53 | 64206 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:29.963913918 CEST | 50904 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:30.020930052 CEST | 53 | 50904 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:30.180957079 CEST | 57525 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:30.252482891 CEST | 53 | 57525 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:30.705209017 CEST | 53814 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:30.806536913 CEST | 53 | 53814 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:32:31.966768980 CEST | 53418 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:32:32.024225950 CEST | 53 | 53418 | 8.8.8.8 | 192.168.2.4 |
| Apr 12, 2021 09:33:08.363903046 CEST | 62833 | 53 | 192.168.2.4 | 8.8.8.8 |
| Apr 12, 2021 09:33:08.422676086 CEST | 53 | 62833 | 8.8.8.8 | 192.168.2.4 |
DNS Queries |
|---|
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
|---|---|---|---|---|---|---|---|
| Apr 12, 2021 09:30:34.578136921 CEST | 192.168.2.4 | 8.8.8.8 | 0x981b | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:30:43.170629025 CEST | 192.168.2.4 | 8.8.8.8 | 0x77ff | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:30:43.172379017 CEST | 192.168.2.4 | 8.8.8.8 | 0x6d2d | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:30:43.221049070 CEST | 192.168.2.4 | 8.8.8.8 | 0xac10 | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:30:59.836519957 CEST | 192.168.2.4 | 8.8.8.8 | 0xca7 | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:03.891386032 CEST | 192.168.2.4 | 8.8.8.8 | 0x77a7 | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:07.294369936 CEST | 192.168.2.4 | 8.8.8.8 | 0x419d | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:07.375009060 CEST | 192.168.2.4 | 8.8.8.8 | 0x5fec | Standard query (0) | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:07.464745998 CEST | 192.168.2.4 | 8.8.8.8 | 0x8cf5 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
|---|
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| Apr 12, 2021 09:30:34.640104055 CEST | 8.8.8.8 | 192.168.2.4 | 0x981b | No error (0) | authgfx.msa.akadns6.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:30:43.237215042 CEST | 8.8.8.8 | 192.168.2.4 | 0x6d2d | No error (0) | aadcdnoriginneu.azureedge.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:30:43.237215042 CEST | 8.8.8.8 | 192.168.2.4 | 0x6d2d | No error (0) | 152.199.23.37 | A (IP address) | IN (0x0001) | ||
| Apr 12, 2021 09:30:43.240854979 CEST | 8.8.8.8 | 192.168.2.4 | 0x77ff | No error (0) | lgincdn.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:30:43.240854979 CEST | 8.8.8.8 | 192.168.2.4 | 0x77ff | No error (0) | 192.229.221.185 | A (IP address) | IN (0x0001) | ||
| Apr 12, 2021 09:30:43.283854961 CEST | 8.8.8.8 | 192.168.2.4 | 0xac10 | No error (0) | 217.160.0.18 | A (IP address) | IN (0x0001) | ||
| Apr 12, 2021 09:30:59.912904978 CEST | 8.8.8.8 | 192.168.2.4 | 0xca7 | No error (0) | lgincdn.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:30:59.912904978 CEST | 8.8.8.8 | 192.168.2.4 | 0xca7 | No error (0) | 192.229.221.185 | A (IP address) | IN (0x0001) | ||
| Apr 12, 2021 09:31:03.950686932 CEST | 8.8.8.8 | 192.168.2.4 | 0x77a7 | No error (0) | mscomajax.vo.msecnd.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:31:03.962254047 CEST | 8.8.8.8 | 192.168.2.4 | 0xab2f | No error (0) | firstparty-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | ||
| Apr 12, 2021 09:31:07.367722988 CEST | 8.8.8.8 | 192.168.2.4 | 0x419d | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:07.452588081 CEST | 8.8.8.8 | 192.168.2.4 | 0x5fec | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
| Apr 12, 2021 09:31:07.524912119 CEST | 8.8.8.8 | 192.168.2.4 | 0x8cf5 | Name error (3) | none | none | A (IP address) | IN (0x0001) |
HTTPS Packets |
|---|
| Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
|---|---|---|---|---|---|---|---|---|---|---|
| Apr 12, 2021 09:30:43.355643034 CEST | 192.229.221.185 | 443 | 192.168.2.4 | 49727 | CN=identitycdn.msauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Jul 20 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006 | Tue Jul 20 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
| CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | |||||||
| CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | |||||||
| Apr 12, 2021 09:30:43.355854034 CEST | 152.199.23.37 | 443 | 192.168.2.4 | 49729 | CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006 | Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
| CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | |||||||
| CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | |||||||
| Apr 12, 2021 09:30:43.356098890 CEST | 192.229.221.185 | 443 | 192.168.2.4 | 49730 | CN=identitycdn.msauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Jul 20 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006 | Tue Jul 20 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
| CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | |||||||
| CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | |||||||
| Apr 12, 2021 09:30:43.356302023 CEST | 152.199.23.37 | 443 | 192.168.2.4 | 49728 | CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Thu Jul 09 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006 | Fri Jul 09 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0 | 9e10692f1b7f78228b2d4e424db3a98c |
| CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | |||||||
| CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | |||||||
| Apr 12, 2021 09:31:00.002074957 CEST | 192.229.221.185 | 443 | 192.168.2.4 | 49740 | CN=identitycdn.msauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Jul 20 02:00:00 CEST 2020 Fri Mar 08 13:00:00 CET 2013 Fri Nov 10 01:00:00 CET 2006 | Tue Jul 20 14:00:00 CEST 2021 Wed Mar 08 13:00:00 CET 2023 Mon Nov 10 01:00:00 CET 2031 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19 |
| CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | |||||||
| CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 |
Code Manipulations |
|---|
Statistics |
|---|
CPU Usage |
|---|
Click to jump to process
Memory Usage |
|---|
Click to jump to process
Behavior |
|---|
Click to jump to process
System Behavior |
|---|
General |
|---|
| Start time: | 09:30:40 |
| Start date: | 12/04/2021 |
| Path: | C:\Program Files\internet explorer\iexplore.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff721b10000 |
| File size: | 823560 bytes |
| MD5 hash: | 6465CB92B25A7BC1DF8E01D8AC5E7596 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
General |
|---|
| Start time: | 09:30:41 |
| Start date: | 12/04/2021 |
| Path: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x300000 |
| File size: | 822536 bytes |
| MD5 hash: | 071277CC2E3DF41EEEA8013E2AB58D5A |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
Disassembly |
|---|