Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report http://encrypt.techomind.com

Overview

General Information

Sample URL:http://encrypt.techomind.com
Analysis ID:412661
Infos:

Most interesting Screenshot:

Detection

HTMLPhisher
Score:80
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Phishing site detected (based on shot template match)
Yara detected HtmlPhish10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL

Classification

Startup

  • System is w10x64
  • iexplore.exe (PID: 3236 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)
    • iexplore.exe (PID: 5364 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3236 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main[1].htmJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    Sigma Overview

    No Sigma rule has matched

    Signature Overview

    Click to jump to signature section

    Show All Signature Results

    AV Detection:

    barindex
    Antivirus / Scanner detection for submitted sampleShow sources
    Source: http://encrypt.techomind.comSlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
    Antivirus detection for URL or domainShow sources
    Source: http://encrypt.techomind.com/SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

    Phishing:

    barindex
    Phishing site detected (based on shot template match)Show sources
    Source: http://encrypt.techomind.com/Matcher: Template: pdf matched
    Source: http://encrypt.techomind.com/Matcher: Template: pdf matched
    Yara detected HtmlPhish10Show sources
    Source: Yara matchFile source: 767668.0.links.csv, type: HTML
    Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main[1].htm, type: DROPPED
    Phishing site detected (based on image similarity)Show sources
    Source: https://hebronbilingualsda.org/content/main_files/microsoft_logo.svgMatcher: Found strong image similarity, brand: MicrosoftJump to dropped file
    Phishing site detected (based on logo template match)Show sources
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37Matcher: Template: microsoft matched
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: Number of links: 0
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: Number of links: 0
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: Title: Office 365 for Business does not match URL
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: Title: Office 365 for Business does not match URL
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: No <meta name="author".. found
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: No <meta name="author".. found
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: No <meta name="copyright".. found
    Source: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37HTTP Parser: No <meta name="copyright".. found
    Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dllJump to behavior
    Source: unknownHTTPS traffic detected: 198.12.154.178:443 -> 192.168.2.3:49722 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 198.12.154.178:443 -> 192.168.2.3:49721 version: TLS 1.2
    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: encrypt.techomind.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /wild.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://encrypt.techomind.com/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: encrypt.techomind.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /way.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://encrypt.techomind.com/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: encrypt.techomind.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: encrypt.techomind.comConnection: Keep-Alive
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1User-Agent: AutoItHost: encrypt.techomind.com
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: encrypt.techomind.comConnection: Keep-Alive
    Source: unknownDNS traffic detected: queries for: encrypt.techomind.com
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 12 May 2021 18:55:19 GMTServer: ApacheAccept-Ranges: bytesKeep-Alive: timeout=5, max=98Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/htmlData Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34 Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>3404
    Source: {06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drString found in binary or memory: http://encrypt.techomi
    Source: ~DFCDF5FB740613BB71.TMP.2.drString found in binary or memory: http://encrypt.techomind.com/
    Source: ~DFCDF5FB740613BB71.TMP.2.dr, {06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drString found in binary or memory: http://encrypt.techomind.com/&TechnoMind
    Source: ~DFCDF5FB740613BB71.TMP.2.drString found in binary or memory: http://encrypt.techomind.com//content/main.html?accessToFile=validating&fileAccess=56662&encryptedCo
    Source: {06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drString found in binary or memory: http://encrypt.techomind.com/Root
    Source: main[1].htm.3.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
    Source: 3MODYROK.htm.3.drString found in binary or memory: https://hebronbilingualsda.org/content/
    Source: imagestore.dat.3.drString found in binary or memory: https://hebronbilingualsda.org/content/cut.ico
    Source: imagestore.dat.3.drString found in binary or memory: https://hebronbilingualsda.org/content/cut.ico~
    Source: ~DFCDF5FB740613BB71.TMP.2.drString found in binary or memory: https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedC
    Source: {06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drString found in binary or memory: https://hebronbilinguand.com/lsda.org/content/main.html?accessToFile=validating&fileAccess=56662&enc
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.png?x=5bc25
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.svg?x=2b5d3
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.png?x=0ad4
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.svg?x=5ac5
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.png?x=ed9c
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.svg?x=ee5c
    Source: main[1].htm.3.drString found in binary or memory: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/picker_account_aad.svg?x=
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownHTTPS traffic detected: 198.12.154.178:443 -> 192.168.2.3:49722 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 198.12.154.178:443 -> 192.168.2.3:49721 version: TLS 1.2
    Source: classification engineClassification label: mal80.phis.win@3/19@4/2
    Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\HighJump to behavior
    Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DF08B42D9D3081252A.TMPJump to behavior
    Source: C:\Program Files\internet explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
    Source: unknownProcess created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
    Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3236 CREDAT:17410 /prefetch:2
    Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3236 CREDAT:17410 /prefetch:2Jump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dllJump to behavior

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection1Masquerading1OS Credential DumpingFile and Directory Discovery1Remote ServicesData from Local SystemExfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection1LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol3Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol4Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferIngress Tool Transfer3SIM Card SwapCarrier Billing Fraud

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.

    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    http://encrypt.techomind.com0%Avira URL Cloudsafe
    http://encrypt.techomind.com100%SlashNextFake Login Page type: Phishing & Social Engineering

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://encrypt.techomind.com/100%SlashNextFake Login Page type: Phishing & Social Engineering
    http://encrypt.techomind.com/wild.png0%Avira URL Cloudsafe
    https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedC0%Avira URL Cloudsafe
    http://encrypt.techomind.com/Root0%Avira URL Cloudsafe
    https://hebronbilingualsda.org/content/cut.ico~0%Avira URL Cloudsafe
    http://encrypt.techomind.com/favicon.ico0%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/picker_account_aad.svg?x=0%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.png?x=5bc250%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.png?x=0ad40%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.svg?x=2b5d30%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.svg?x=ee5c0%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.svg?x=5ac50%Avira URL Cloudsafe
    http://encrypt.techomind.com/way.png0%Avira URL Cloudsafe
    http://encrypt.techomind.com/&TechnoMind0%Avira URL Cloudsafe
    https://hebronbilinguand.com/lsda.org/content/main.html?accessToFile=validating&fileAccess=56662&enc0%Avira URL Cloudsafe
    https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.png?x=ed9c0%Avira URL Cloudsafe
    http://encrypt.techomi0%Avira URL Cloudsafe
    https://hebronbilingualsda.org/content/cut.ico0%Avira URL Cloudsafe
    https://hebronbilingualsda.org/content/0%Avira URL Cloudsafe
    http://encrypt.techomind.com//content/main.html?accessToFile=validating&fileAccess=56662&encryptedCo0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    encrypt.techomind.com
    		162.241.115.110
    		truefalse
      		unknown
      hebronbilingualsda.org
      		198.12.154.178
      		truefalse
        		unknown
        secure.aadcdn.microsoftonline-p.com
        		unknown
        		unknownfalse
          		unknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          http://encrypt.techomind.com/wild.pngtrue
          • Avira URL Cloud: safe
          		unknown
          http://encrypt.techomind.com/favicon.icotrue
          • Avira URL Cloud: safe
          		unknown
          http://encrypt.techomind.com/true
          • SlashNext: Fake Login Page type: Phishing & Social Engineering
          		unknown
          http://encrypt.techomind.com/way.pngtrue
          • Avira URL Cloud: safe
          		unknown
          https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedCookie=5080b7079e42e7f7f42339337d7fbaa9&u=000142e8f0f0d64fe362ba89009a9da7&connecting=8ea008c13c68eba7937193ba001c13b4&phaseAccess=0eb7b8b7921971db486379d636704280&p=fb527d3e6d419408d9d7f0fb6644eb37true
            		unknown
            http://encrypt.techomind.com/true
            • SlashNext: Fake Login Page type: Phishing & Social Engineering
            		unknown

            URLs from Memory and Binaries

            NameSourceMaliciousAntivirus DetectionReputation
            https://hebronbilingualsda.org/content/main.html?accessToFile=validating&fileAccess=56662&encryptedC~DFCDF5FB740613BB71.TMP.2.drfalse
            • Avira URL Cloud: safe
            		unknown
            http://encrypt.techomind.com/Root{06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drtrue
            • Avira URL Cloud: safe
            		unknown
            https://hebronbilingualsda.org/content/cut.ico~imagestore.dat.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/picker_account_aad.svg?x=main[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.png?x=5bc25main[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.png?x=0ad4main[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_grey.svg?x=2b5d3main[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.svg?x=ee5cmain[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/ellipsis_white.svg?x=5ac5main[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            http://encrypt.techomind.com/&TechnoMind~DFCDF5FB740613BB71.TMP.2.dr, {06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drtrue
            • Avira URL Cloud: safe
            		unknown
            https://hebronbilinguand.com/lsda.org/content/main.html?accessToFile=validating&fileAccess=56662&enc{06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/microsoft_logo.png?x=ed9cmain[1].htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            http://encrypt.techomi{06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat.2.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://hebronbilingualsda.org/content/cut.icoimagestore.dat.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://hebronbilingualsda.org/content/3MODYROK.htm.3.drfalse
            • Avira URL Cloud: safe
            		unknown
            http://encrypt.techomind.com//content/main.html?accessToFile=validating&fileAccess=56662&encryptedCo~DFCDF5FB740613BB71.TMP.2.drtrue
            • Avira URL Cloud: safe
            		unknown

            Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public

            IPDomainCountryFlagASNASN NameMalicious
            162.241.115.110
            		encrypt.techomind.comUnited States
            		46606UNIFIEDLAYER-AS-1USfalse
            198.12.154.178
            		hebronbilingualsda.orgUnited States
            		26496AS-26496-GO-DADDY-COM-LLCUSfalse

            General Information

            Joe Sandbox Version:32.0.0 Black Diamond
            Analysis ID:412661
            Start date:12.05.2021
            Start time:20:54:27
            Joe Sandbox Product:CloudBasic
            Overall analysis duration:0h 3m 14s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:http://encrypt.techomind.com
            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
            Number of analysed new started processes analysed:9
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal80.phis.win@3/19@4/2
            Cookbook Comments:
            • Adjust boot time
            • Enable AMSI
            • Browsing link: https://hebronbilingualsda.org/content/
            • Browsing link: http://encrypt.techomind.com/
            Warnings:
            Show All
            • Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 92.122.145.220, 52.255.188.83, 104.42.151.234, 88.221.62.148, 52.147.198.201, 172.217.23.106, 92.123.151.195, 23.57.80.111, 152.199.19.161, 20.82.210.154
            • Excluded domains from analysis (whitelisted): store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, e12564.dspb.akamaiedge.net, go.microsoft.com, e13761.dscg.akamaiedge.net, arc.trafficmanager.net, watson.telemetry.microsoft.com, prod.fs.microsoft.com.akadns.net, fs.microsoft.com, ajax.googleapis.com, ie9comview.vo.msecnd.net, secure.aadcdn.microsoftonline-p.com.edgekey.net, e1723.g.akamaiedge.net, skypedataprdcoleus16.cloudapp.net, skypedataprdcoleus17.cloudapp.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, cs9.wpc.v0cdn.net
            • Report size getting too big, too many NtDeviceIoControlFile calls found.
            • VT rate limit hit for: http://encrypt.techomind.com

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASN

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{06CF1657-B39F-11EB-90E4-ECF4BB862DED}.dat
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:Microsoft Word Document
            Category:dropped
            Size (bytes):30296
            Entropy (8bit):1.8531325930054259
            Encrypted:false
            SSDEEP:96:rLZ0ZG29WjIrtjIafjIDxMjvzojKjqfjRsX:rLZ0ZG29Wmtrf8xM4+GflsX
            MD5:AA4923F8AD51B4C877DD83098AD3502E
            SHA1:F2C96167CC87EAF3D59A429A8C144A118628B34A
            SHA-256:95BA0215ED1DF1A38E7EB36D7159AA6AC3AEBC21EC744D4658E22E6350318728
            SHA-512:ECA8F40D65536302D7ACEDA4481109997674603A2288B35CD32F6CBFA5DADA564DABBB98B0C7827EAF4EB8B395C2C6FBFCD65D8732A20D36A607597D9B6004FE
            Malicious:false
            Reputation:low
            Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
            C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{06CF1659-B39F-11EB-90E4-ECF4BB862DED}.dat
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:Microsoft Word Document
            Category:dropped
            Size (bytes):54248
            Entropy (8bit):2.3869550237863826
            Encrypted:false
            SSDEEP:384:rcM2+tgQSLZbT25tODt690TDd3TtTjT+ToVi4+9MTqosf+9bpTs0:U2dyZpnqoQsTL
            MD5:0FA80CF8279F9BDA3FA153A2D737D7DD
            SHA1:892C2BFDCCB21ABA964F595A48117188CF754358
            SHA-256:04FB442754B832AA31EE31C9368D95CFF6A406961C4D107EC7C6FA6BBB1681CE
            SHA-512:CC7C8A5162398339D7F8920BFCE4C5197FC91971926728BE1CDD0549446D774B3B6997DE7F849043BA034DE20062D52C9DF7FAC34C35B041DE8082010D5834B4
            Malicious:false
            Reputation:low
            Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
            C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{06CF165A-B39F-11EB-90E4-ECF4BB862DED}.dat
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:Microsoft Word Document
            Category:dropped
            Size (bytes):16984
            Entropy (8bit):1.5657852880496765
            Encrypted:false
            SSDEEP:48:IwpGcprYGwpahG4pQFGrapbSgHGQpK+PG7HpRiTGIpG:rvZAQz61BSIANT2A
            MD5:8756ACDE44534C698B73893813E894B9
            SHA1:978F83017F7AF73E2B27EFF9D82F76336BB19311
            SHA-256:CBF69A6F57DB5BD56D7872072C126CCA0DDDF61BB1DB0494F761149DF3CB70A2
            SHA-512:5DD52F895023C8E695EB47CE47117C56F0F27D864E6617D91CA344E3AD875C27DB73E68BA013103742111CB7AD97F5CE61ECF2576A8E5C76390D172395C39C19
            Malicious:false
            Reputation:low
            Preview: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
            C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:data
            Category:modified
            Size (bytes):8288
            Entropy (8bit):3.235816854929296
            Encrypted:false
            SSDEEP:48:Nj7w/6sOwH7nVj7wz/lO9dL/FknVj7wttRBwwkKK1mn/:1w/6s/wz/lC9SwTRyKK1C
            MD5:9877F0518F04C438910174E5117E097B
            SHA1:5BF923249DDACCD8703F36101CA9C3463D4027C0
            SHA-256:DBDD816B810E992A271048B980DB05425F5E7F34107CF77E32BD4BA5735BBC73
            SHA-512:A26794B7CF6A42E7A2FAAA9512330783656A228075730D4C1990BA33624B8C90D864E11DA79C6C21BB0528F27FB49376B688D68D4F46CD2CF7A321F6979787D8
            Malicious:false
            Reputation:low
            Preview: ..h.t.t.p.s.:././.h.e.b.r.o.n.b.i.l.i.n.g.u.a.l.s.d.a...o.r.g./.c.o.n.t.e.n.t./.c.u.t...i.c.o........... .... .........(... ...@..... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................(`.(..(..(..(..(..(..(..(..(..(..(..(..(.
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\ellipsis_grey[1].svg
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:SVG Scalable Vector Graphics image
            Category:downloaded
            Size (bytes):915
            Entropy (8bit):3.8525277758130154
            Encrypted:false
            SSDEEP:24:t4CvnAVRfFArf1QqCSzGUdiHTVtpRduf1QqCWbVHTVeUV0Uv6f1QqCWbVHTVeUVx:fn1r1QqC4GuiHFXS1QqCWRHQ3V1QqCWz
            MD5:2B5D393DB04A5E6E1F739CB266E65B4C
            SHA1:6A435DF5CAC3D58CCAD655FE022CCF3DD4B9B721
            SHA-256:16C3F6531D0FA5B4D16E82ABF066233B2A9F284C068C663699313C09F5E8D6E6
            SHA-512:3A692635EE8EBD7B15930E78D9E7E808E48C7ED3ED79003B8CA6F9290FA0E2B0FA3573409001489C00FB41D5710E75D17C3C4D65D26F9665849FB7406562A406
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/main_files/ellipsis_grey.svg
            Preview: <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"><title>assets</title><path fill="#777777" d="M1.143,6.857a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.107,1.107,0,0,1-.446.089A1.107,1.107,0,0,1,.7,9.054a1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893A1.164,1.164,0,0,1,.7,6.946a1.107,1.107,0,0,1,.446-.089M8,6.857a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.161,1.161,0,0,1-.893,0,1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893,1.164,1.164,0,0,1,.607-.607A1.107,1.107,0,0,1,8,6.857m6.857,0a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.161,1.161,0,0,1-.893,0,1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893,1.164,1.164,0,0,1,.607-.607A1.107,1.107,0,0,1,14.857,6.857Z"/></svg>
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery.min[1].js
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:ASCII text, with very long lines
            Category:downloaded
            Size (bytes):86659
            Entropy (8bit):5.36781915816204
            Encrypted:false
            SSDEEP:1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9
            MD5:C9F5AEECA3AD37BF2AA006139B935F0A
            SHA1:1055018C28AB41087EF9CCEFE411606893DABEA2
            SHA-256:87083882CC6015984EB0411A99D3981817F5DC5C90BA24F0940420C5548D82DE
            SHA-512:DCFF2B5C2B8625D3593A7531FF4DDCD633939CC9F7ACFEB79C18A9E6038FDAA99487960075502F159D44F902D965B0B5AED32B41BFA66A1DC07D85B5D5152B58
            Malicious:false
            Reputation:low
            IE Cache URL:https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
            Preview: /*! jQuery v3.2.1 | (c) JS Foundation and other contributors | jquery.org/license */.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main[1].htm
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:HTML document, UTF-8 Unicode text, with very long lines
            Category:dropped
            Size (bytes):12673
            Entropy (8bit):5.286805301183663
            Encrypted:false
            SSDEEP:384:MMy10FdZKsmlKvtyDJy9/QKcWHMxKp4xKrLtOOYwgfVEjgxMw4M:9ey0ywTL
            MD5:4E854F15167062E24CEC09BA4AB67830
            SHA1:3773C2228152E539BB0F4FE9DAEB5D4895CC244B
            SHA-256:D659FD9ACC9C14613363F06433707EAAD9BBD6276D29CB342C788C62BEA40D3C
            SHA-512:9D2EDDCADB706D7B3652C924AB2AA12972F43321FD3F4ACFEAFE8E706E12F45CE74CB4EAADBDCF3B1EFEBFBF18600C62BFF300D5F72685CAD7729047BA5CE9CA
            Malicious:true
            Yara Hits:
            • Rule: JoeSecurity_HtmlPhish_10, Description: Yara detected HtmlPhish_10, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main[1].htm, Author: Joe Security
            Reputation:low
            Preview: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">.<HTML>.<head>.<TITLE>Office 365 for Business</TITLE>.<META HTTP-EQUIV="content-type" content="text/html; charset=UTF-8">.</head>....<meta http-equiv="X-UA-Compatible" content="IE=edge">......<meta http-equiv="Pragma" content="no-cache">...<meta http-equiv="Expires" content="-1">...<meta name="PageID" content="documentId">...<meta name="SiteID" content="./,inv,.luesaghunbmjgfjk">...<meta name="ReqLC" content="1033">...<meta name="LocLC" content="en-US">...<link rel="shortcut icon" href='cut.ico'>...<link href="./main_files/converged.login.min.css" rel="stylesheet">...<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>..</head>...<body data-bind="defineGlobals: ServerData, bodyCssClass" class="cb" style="display: block;">...<div>....</head><body style="visibility: visible;" onload="unhideBody()" bgproperties="fixed" background="Sign in_files/oval.png"
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\way[1].png
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:PNG image data, 90 x 68, 8-bit/color RGBA, non-interlaced
            Category:downloaded
            Size (bytes):3775
            Entropy (8bit):7.882480508533676
            Encrypted:false
            SSDEEP:96:Gfb888888Saq9YGlXFr4Eg44lFr3+yIvSdo3E3EbI:GD888888SLGGltg44/+yqE0M
            MD5:CCC837EE4BE44D6FC11F13282710CE27
            SHA1:AED8345218C15FDA81959CCF00E8A004A0C6CAB1
            SHA-256:DC085EA274CCEA414B19BA730080659BACA694F0982F69FEB85BF55AA87E3129
            SHA-512:EA48CC84F3A5FCEA83652222BA8853B53818E9141A90D1EA0029785E11F38737B383FF1733669E86B3CAE88D4ACA3EC40B22AAE63F2F3D6D2E8D0E1B20EEE9EB
            Malicious:false
            Reputation:low
            IE Cache URL:http://encrypt.techomind.com/way.png
            Preview: .PNG........IHDR...Z...D......t".....sRGB........YiTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <tiff:Orientation>1</tiff:Orientation>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>.L.'Y....IDATx...xS....m.&..PZ...."`.....&Z.W."."....d.....=@...@....OEY....b.R.R@hYl..M.ys.vno.6)M...|..sg.g.{.3g..;.......................P....z..._..V...B.a]6. .(,.......Uvs.{.9.Y.7.-;.....o....#..e.a.A,IF.y....[..R..&.._..0>......O.j..w..b;E.;.K.{z*a..:...L1....g7h.Z..fdA.s..I..ua............6.K../i..K.%....^sh7hN.BN..'>e.{.g.._..^ZO..^....g.\).FA.%/!..........))..|....5....Q...t............. ...E.e^r.....K.-%..'/6....-aH.n.I....i.....L. ...#f*.K.*.S@..G3/...riw.](..... .K^.yt.~..L.1..A..m.S.p.h..j....<......../N...~_...:eB....iK..../.}..hL.&.q*h...h.u.R..E..+\@t.^
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\wild[1].png
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:PNG image data, 61 x 63, 8-bit/color RGB, non-interlaced
            Category:downloaded
            Size (bytes):3808
            Entropy (8bit):7.865556791496107
            Encrypted:false
            SSDEEP:96:1eq29skAdr/SViDXEKYI39zc/AE5N2J3+:WoucDXlXzcp5Ny3+
            MD5:CFE8396A4F2E8D1202F317E4FE76CAC3
            SHA1:9C55C8EB46D68C37FF216B9F53F9A5F3A257FF3F
            SHA-256:5E2EA92B0B528068DA05C981358318141B5F4CF8AF66F0E63EB0AB59E8F1C6F7
            SHA-512:1640B3B38961A3F75232C9674B8ADCF179C69D50EBD14F47774EE216D7F45ADCD109488483EC66A1B8C8504730378E10D71A5086FD74D33AA99AF93E3CBDCDF1
            Malicious:false
            Reputation:low
            IE Cache URL:http://encrypt.techomind.com/wild.png
            Preview: .PNG........IHDR...=...?.......W.....sRGB.........iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <tiff:Compression>5</tiff:Compression>. <tiff:PhotometricInterpretation>2</tiff:PhotometricInterpretation>. <tiff:Orientation>1</tiff:Orientation>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>...2.....IDATh..Z{l....}..w.._u..;.....4P ...H.....G....?Ji*UmA}..J@......DK.....R.@.$!..I .... ..yw........x...-..#{..o..o..fvv.$....._@...:K.e..iI....".4...(_..f........P($..g.;.D"a.&.....El2....7.).u,....'kjj".H9.....u.r GG....3.|^.h!lb8q.9.@T...2..VUbY.=11.#....J.j..N.].?x_..=.=g...@3....,...QV5>t.....Tb....;...in.,....:.....64......V...FOU..O.&...`.j...A ()M.l.D..4.$........CCsjjb.X9..-...d+ ..qR......!...1>e"...u.8.R..0....m............t.&6...I....
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\converged.login.min[1].css
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:ASCII text, with very long lines
            Category:downloaded
            Size (bytes):87707
            Entropy (8bit):5.312405825151679
            Encrypted:false
            SSDEEP:1536:QpHDglHuhw+E3vUB+2PWrA2XU6BMxoAFi262:lB6
            MD5:CADB60F6A832628A4048ED795CE60E42
            SHA1:0BBE73405D5CA9608788BF4A7C03BE7B4932FE68
            SHA-256:A8E954FC9668172A94B5E7D74EFCA982D6ABD6891D0457E3D859C99018087FFF
            SHA-512:729F068E4C9D146A957F6129FC4C407BF887C07C1D76EE4441EC0DA749B794B1D3CCA82766E4B7E4634DA937DCB071F43427616A3D953A39B6131166E9422226
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/main_files/converged.login.min.css
            Preview: /*! Copyright (C) Microsoft Corporation. All rights reserved. *//*!.------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise...//-----------------------------------------------------------------------------.twbs-bootstrap-sass (3.3.0).//-----------------------------------------------------------------------------..The MIT License (MIT)..Copyright (c) 2013 Twitter, Inc..Permission is hereby granted, free of charge, to any person
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\ellipsis_white[1].svg
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:SVG Scalable Vector Graphics image
            Category:downloaded
            Size (bytes):915
            Entropy (8bit):3.877322891561989
            Encrypted:false
            SSDEEP:24:t4CvnAVRf83f1QqCSzGUdiHTVtpRduf1QqCWbVHTVeUV0Uv6f1QqCWbVHTVeUV0W:fnL1QqC4GuiHFXS1QqCWRHQ3V1QqCWRV
            MD5:5AC590EE72BFE06A7CECFD75B588AD73
            SHA1:DDA2CB89A241BC424746D8CF2A22A35535094611
            SHA-256:6075736EA9C281D69C4A3D78FF97BB61B9416A5809919BABE5A0C5596F99AAEA
            SHA-512:B9135D934B9EA50B51BB0316E383B114C8F24DFE75FEF11DCBD1C96170EA59202F6BAFE11AAF534CC2F4ED334A8EA4DBE96AF2504130896D6203BFD2DA69138F
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/main_files/ellipsis_white.svg
            Preview: <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"><title>assets</title><path fill="#ffffff" d="M1.143,6.857a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.107,1.107,0,0,1-.446.089A1.107,1.107,0,0,1,.7,9.054a1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893A1.164,1.164,0,0,1,.7,6.946a1.107,1.107,0,0,1,.446-.089M8,6.857a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.161,1.161,0,0,1-.893,0,1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893,1.164,1.164,0,0,1,.607-.607A1.107,1.107,0,0,1,8,6.857m6.857,0a1.107,1.107,0,0,1,.446.089,1.164,1.164,0,0,1,.607.607,1.161,1.161,0,0,1,0,.893,1.164,1.164,0,0,1-.607.607,1.161,1.161,0,0,1-.893,0,1.164,1.164,0,0,1-.607-.607,1.161,1.161,0,0,1,0-.893,1.164,1.164,0,0,1,.607-.607A1.107,1.107,0,0,1,14.857,6.857Z"/></svg>
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\oval[1].png
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:PNG image data, 1582 x 1055, 8-bit/color RGBA, non-interlaced
            Category:downloaded
            Size (bytes):271219
            Entropy (8bit):7.91482289641543
            Encrypted:false
            SSDEEP:6144:ZM17xgwBmZA+5QgRULy4jmsC/RnLrCVSvMhfFAsLz/o:Zm7xgimZp1RV9xeVcefFlnA
            MD5:FD7EE42C722A392D8149A11BAF66495C
            SHA1:3482B8B987851BD70761A3AE51FC1FDB4009FA36
            SHA-256:DDB6B5706F83F5A11D4DE018B5B1D40164EE2703F95E4ED6BA93A656F6B17EDD
            SHA-512:82508D2C0FCF0BBB52CBB0053C59926ABACF78ACD0361C45C3C88219A7C5B6F1760016B55B582DC5A9BAC65002D060FCBD4C560DB914EAB9FC0B04840E4E5DD3
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/Sign%20in_files/oval.png
            Preview: .PNG........IHDR..............e.o....iCCPICC Profile..8..U]h.U.>.sg#$.Sl4.t.?.%..V4......6n.I6.".d.....83...OEP|1..... (...>./..%.. (>...P..;3.i...e.|..{.g...X.......-.2.s...=+.......WQ.+].L.6O.w.[.C.{_.......F.. q.b.......U.v.z...?.Z..b.1@./z..c..s>~.if.,...USj.......F..1.._.Mj...b.u..p.a..m.h..m...>..a\.+5%..Q.K...F...km}.......?........D\..........!~.6.,.-..7..S......v.5Z..;....[...r.mS.....5..{yD...yH.}r.9..|..-...........FA......J...j..I.....[/.]m...K..7..K....R..D..r..Y..Q..O.-....Q...|.|.6........(.0...MX..d(@....h....2....._.f....<.:........._....*d.>.........e.\c.?~,7.?&. ...^2I..q2."y.<M.....d...JlE^<7....3R..E.9...`.3*L\S.,...#.)..]..._.\.,7Q.....W.._...2.+.j....W.r.Z..L..lXswU.m.........q..W.F~....]<Yo..F....j.V.N.D...,.'}(...}.}.}.}.]..;....p.s_..j..Z.{.y..g.k.J!#l...r.6.Qa2.'..cBQ......./.=..c...\..V......M.UUT.p.).VoM8.A..$Cd..6T..W.".O.Ri.S;S....A....v.m.....n.R..c.}.Y.:n....wK.b..6*.......L.hS..mZ.......2...[.G...
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\picker_account_aad[1].svg
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:SVG Scalable Vector Graphics image
            Category:downloaded
            Size (bytes):756
            Entropy (8bit):4.879179443781471
            Encrypted:false
            SSDEEP:12:t4pb8WsQKvkBWSfYcW3ffBfYfomQO1a7aajR2F1hgWSnuCNSganii7v/NPujARqj:t4pb8WvKMTfY3ffBfYfomQO1eXjR2oug
            MD5:9DE70D1C5191D1852A0D5AAC28B44A6C
            SHA1:F4F64F5CBDBE6D1115C10A7F9CCB8828E6B67CAE
            SHA-256:5D3357BD875B7335ACE42E8EE3A64578E4253BED1A4E279109DE403EEDAE3A69
            SHA-512:CAC13FC2FE30E10772008F2AFF70FCA031EA9918E1F8C5C8B91CB9E79463383183406EFAADF89360DE3A08573FCDF2716C14DA6411E24B7E260B96AF84F00762
            Malicious:false
            Reputation:low
            IE Cache URL:https://secure.aadcdn.microsoftonline-p.com/ests/2.1.7135.7/content/images/picker_account_aad.svg?x=9de70d1c5191d1852a0d5aac28b44a6c
            Preview: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><circle cx="24" cy="24" r="24" fill="#e6e6e6"/><path d="M34,35V14a2.938,2.938,0,0,0-3-3H27V8l2-1L27.948,5.638,24,8,20.07,5.648,19,7l2,1v3H17a2.938,2.938,0,0,0-3,3V35a2.938,2.938,0,0,0,3,3H31A2.938,2.938,0,0,0,34,35Zm-3,1H17a.979.979,0,0,1-1-1V14a.979.979,0,0,1,1-1h6V10h2v3h6a.979.979,0,0,1,1,1V35A.979.979,0,0,1,31,36Z" fill="#404040"/><path d="M26.766,25.42a4.432,4.432,0,1,0-5.533,0A6.237,6.237,0,0,0,17.765,31h1.653a4.582,4.582,0,1,1,9.165,0h1.653A6.237,6.237,0,0,0,26.766,25.42Zm-5.546-3.435A2.779,2.779,0,1,1,24,24.765,2.783,2.783,0,0,1,21.221,21.985Z" fill="#404040"/><rect x="21" y="14" width="6" height="2" rx="1" ry="1" fill="#404040"/></svg>
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\3MODYROK.htm
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:HTML document, UTF-8 Unicode text, with CRLF line terminators
            Category:downloaded
            Size (bytes):1547
            Entropy (8bit):5.0599895867122555
            Encrypted:false
            SSDEEP:48:0WWSoX8CMtatnHiBu5C62KLs5C2lfMsMG9M7:6SYMtatnCsrTW96bZ7
            MD5:C502CAB1FA3973A749F60608C2FC3605
            SHA1:B66C3960943C14C955A79683E148380632EE708A
            SHA-256:933A8AE0F27D4B101EB250D98DE39962CFE574DDDED155B47A0CE3F3B6586B22
            SHA-512:F53EC6E2D443504A8768787C65CB0251050DA2A057F9399E51DB77E0308D97B7352C5CC93417F859E1DBE01741A7BB9FEA7853FAB44825391E017D150590BDB5
            Malicious:false
            Reputation:low
            IE Cache URL:http://encrypt.techomind.com/
            Preview: <!doctype public "-//wapforum//dtd wml 1.2//en">..<html>..<head>..<TITLE>TechnoMind Security</TITLE>..<META HTTP-EQUIV="content-type" content="text/html; charset=UTF-8">..</head>....<body style="font-size: 5px; font-family: arial; ">..<table style="width:50px; border-collapse: collapse; margin-left: auto; margin-right: auto;"> .. <tbody><tr><td style="padding-top: 20px;">.. <table style="padding-top: 10px; padding-left: 10px; padding-right: 10px; padding-bottom: 20px; background-color:#FFFFFF; border:1px solid #CCCCCC; color:#000000; width: 450px;">.. <tbody><tr><td><img src='wild.png' border="0"> </td>.. <td align="right"><img src='way.png'></td>.. </tr>.. <tr><td colspan="2" style="font-size: 12px; padding-top: 30px; text-align: center;"> <a href="https://hebronbilingualsda.org/content/" target=._blank.><button>Click Here to Read Message</button></a>.. .. .. .. <tr><td colspan="2" styl
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\cut[1].ico
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
            Category:downloaded
            Size (bytes):7886
            Entropy (8bit):3.1280056112498884
            Encrypted:false
            SSDEEP:24:i7xEfZFssEcdSsssss9udddSsssssss8VpddddSssssssssss4cddddddysssssF:gu6sOwH0/lO9dL/FLRBwwkKK1V
            MD5:604ADFB53677B5CA4F910FFB131B3E7C
            SHA1:5F1A0FB4E4AD3707E591CE16352158263488ED70
            SHA-256:24638331466A52BB66F912090E7A9CC9E3DF2236E39C187C9409104526B472B0
            SHA-512:35F618F42ADFEE6D1335C67F729C298789419FE2930371A91683F60481794488DFAF15B572E6FC1BE70833EF12DFE57432725F6336B6B73DCFB52596F57F30A5
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/cut.ico
            Preview: ...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................(`.(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(..(p.....................
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\microsoft_logo[1].svg
            Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            File Type:SVG Scalable Vector Graphics image
            Category:downloaded
            Size (bytes):3651
            Entropy (8bit):4.094801914706141
            Encrypted:false
            SSDEEP:96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
            MD5:EE5C8D9FB6248C938FD0DC19370E90BD
            SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
            SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
            SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
            Malicious:false
            Reputation:low
            IE Cache URL:https://hebronbilingualsda.org/content/main_files/microsoft_logo.svg
            Preview: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.
            C:\Users\user\AppData\Local\Temp\~DF08B42D9D3081252A.TMP
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:data
            Category:dropped
            Size (bytes):13029
            Entropy (8bit):0.4795904381147373
            Encrypted:false
            SSDEEP:24:c9lLh9lLh9lIn9lIn9loGF9loq9lWDGjaB7jqEN:kBqoIlTDIyvqK
            MD5:EC3578716C165A1C494325D9F411F0DF
            SHA1:B4F8E0D5E567F9F07FE7834A4380321959B7B092
            SHA-256:A1CF640CDF26B2BDD3BC73877B8ED4B979B0756F2F948EEC62AF25E24740BFD6
            SHA-512:33C2A8FCD9F6671B91EF303796AE9B27FDF51AE39D42BC820A8EEB95D7BA500C90947CD763CB5AFC402DBF492DE5527945B532A29EC35FD02C2E74AAED88E785
            Malicious:false
            Reputation:low
            Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
            C:\Users\user\AppData\Local\Temp\~DFCDF5FB740613BB71.TMP
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:data
            Category:dropped
            Size (bytes):57037
            Entropy (8bit):1.3249041476253953
            Encrypted:false
            SSDEEP:384:kBqoxKAuqR+mg6TgYj55ThpiTxTDd3TtTjT+TvfTKhZaT+TqqTjpT:SKFZpnqTQUqdZ
            MD5:D62216803A165165F63E14C26D9B1CB8
            SHA1:8072822CD03CAC75F12D93B3AA4179100CDAB212
            SHA-256:8049CE31801D93574B639C3382DA3B20E6FCD6C1FDA752A1FA0694728BD2287F
            SHA-512:87B19AA0AB8CF68B65B025696DD07B0EC8D6E27EB6112072E8629B1DEEBFC35A2940229CBD29E6FBBC60A0D886863AAE93108F640ED6C0C8CBF4D204353433A9
            Malicious:false
            Reputation:low
            Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
            C:\Users\user\AppData\Local\Temp\~DFF7CEDCC2DA9C786D.TMP
            Process:C:\Program Files\internet explorer\iexplore.exe
            File Type:data
            Category:dropped
            Size (bytes):25441
            Entropy (8bit):0.30164564897849105
            Encrypted:false
            SSDEEP:24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laAR:kBqoxxJhHWSVSEab
            MD5:23BF0C805BF41A7E5906C218903EFE84
            SHA1:AAC4FD7376E82BC093119C349680332E8F578C47
            SHA-256:8D25516FEAC0F5D5BC965D588E963DF252A79E88659F755373E56C528568EA30
            SHA-512:56BCE027F9AD53D7D7F69C3C965CE2F39422C9F4FF31E9652DA95277DDB28EEF018E81C69E8319A06E5EF41B33F7A4049C152940B1A8E1BA7E5980FBF3BED71D
            Malicious:false
            Reputation:low
            Preview: .............................*%..H..M..{y..+.0...(................... ...............................................*%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets

            TimestampSource PortDest PortSource IPDest IP
            May 12, 2021 20:55:19.169681072 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.169711113 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.332251072 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.332993984 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.333013058 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.333017111 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.333105087 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.496316910 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.497272968 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.497304916 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.497373104 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.497406006 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.583978891 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.585012913 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.748285055 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.748313904 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.748326063 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.748334885 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.748413086 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.748446941 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.749356031 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.749896049 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.749918938 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.749931097 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.749946117 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:19.749991894 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.752753973 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:19.938215017 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.101005077 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101037025 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101049900 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101062059 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101078033 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101094007 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101109028 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101120949 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101133108 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101147890 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.101185083 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.101253033 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.121684074 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.121753931 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.263264894 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.263287067 CEST8049712162.241.115.110192.168.2.3
            May 12, 2021 20:55:20.263377905 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:20.264995098 CEST4971280192.168.2.3162.241.115.110
            May 12, 2021 20:55:24.755240917 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:24.755393028 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:36.895139933 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.053952932 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.054163933 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.073615074 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.232345104 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233072042 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233189106 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233205080 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233212948 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233244896 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233273983 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233290911 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233309031 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233314991 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233326912 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233339071 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233346939 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233351946 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233360052 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.233417034 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233426094 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233762980 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.233794928 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.392118931 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.392146111 CEST8049719162.241.115.110192.168.2.3
            May 12, 2021 20:55:37.392287970 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:37.392332077 CEST4971980192.168.2.3162.241.115.110
            May 12, 2021 20:55:38.670916080 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:38.671294928 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:38.855416059 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:38.855504036 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:38.859340906 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:38.859483957 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:38.859858036 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:38.860090017 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.043761969 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.044406891 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.044425964 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.044455051 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.044471025 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.044487953 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.044511080 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.044552088 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.046000004 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.046076059 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.048530102 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.049149990 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.049168110 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.049201012 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.049215078 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.049225092 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.049237013 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.049263000 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.049283981 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.050723076 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.050807953 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.112179995 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.112256050 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.118349075 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.296742916 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.296914101 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.301177979 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.301404953 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.343293905 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.375266075 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.375375986 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.375406981 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.375406981 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.375437021 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.375458002 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.376004934 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.376046896 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.377393961 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.560523987 CEST44349722198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.560697079 CEST49722443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.570111990 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570139885 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570152998 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570164919 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570190907 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570226908 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.570323944 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.570383072 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.580916882 CEST49721443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.584491968 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.585012913 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.591981888 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.595838070 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.597191095 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.769222975 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.769293070 CEST44349721198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.769334078 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.769982100 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.774580956 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.774703979 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.775259018 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.781059980 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.781075001 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.781155109 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.781219959 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.782113075 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.782326937 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.786298037 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.786489010 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.787313938 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.954250097 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.954926014 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.955018997 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.955586910 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.957197905 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.965342999 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.965862989 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.965982914 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.966248989 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.966752052 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.967056990 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.967130899 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.967488050 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.969151020 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.969295979 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.971564054 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.972174883 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.972245932 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.972723007 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.974198103 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.977700949 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.978387117 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:39.978451967 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.978902102 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:39.980454922 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.141381025 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.143611908 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.143629074 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.143655062 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.143688917 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.143693924 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.143724918 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.143740892 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.145186901 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.145227909 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.153175116 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.155457020 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.155503035 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.155522108 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.155543089 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.155587912 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.155630112 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.155709028 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.155735016 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.159254074 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163680077 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163701057 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163741112 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163742065 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163758039 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163774967 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163777113 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163781881 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163795948 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163805008 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163821936 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163830042 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163846016 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163851976 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163862944 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163873911 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163878918 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.163904905 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.163938999 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.164140940 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167203903 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167236090 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167258024 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167258978 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167279959 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167289019 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167298079 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167310953 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167320013 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167335033 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167346001 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167350054 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167368889 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167386055 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.167387962 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167409897 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.167458057 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.170788050 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.172681093 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.172754049 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.172786951 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.172799110 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.172831059 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.172882080 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.172914982 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.329627037 CEST44349725198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.329706907 CEST49725443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.341285944 CEST44349728198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.341352940 CEST49728443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354120016 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354146957 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354166031 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354199886 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354222059 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354264021 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354271889 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354288101 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354336023 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354341984 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.354343891 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.354406118 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.356471062 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356496096 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356534004 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.356549978 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356564999 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.356580019 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356585979 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.356596947 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356609106 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356621027 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.356712103 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.356718063 CEST49724443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.364489079 CEST44349727198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.364568949 CEST49727443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.545861006 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545885086 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545897007 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545917034 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545933962 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545948982 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545965910 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545965910 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.545981884 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.545996904 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.546014071 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.546020031 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.546037912 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.546062946 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.546753883 CEST44349724198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735348940 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735380888 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735402107 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735421896 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735438108 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735440969 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735466003 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735476017 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735488892 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735519886 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735548973 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735603094 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735630035 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735651970 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735654116 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735671043 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735671043 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735692024 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735694885 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735713005 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735719919 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735733032 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735739946 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735757113 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.735758066 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735780954 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.735800982 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924701929 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924741030 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924783945 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924792051 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924817085 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924840927 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924854040 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924896002 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924896955 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924921989 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.924942017 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924968958 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.924983025 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925030947 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925040007 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925077915 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925086021 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925107956 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925133944 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925164938 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925185919 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925214052 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925235987 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925240993 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925259113 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925266981 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925283909 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925292015 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925312996 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925318003 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925333977 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925343990 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925364017 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925376892 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925403118 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925425053 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925427914 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925455093 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925473928 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925474882 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925498962 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925501108 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925519943 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925529957 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925545931 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925563097 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925574064 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925595045 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925605059 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925632000 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925645113 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925648928 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:40.925679922 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:40.925698996 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.114903927 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.114937067 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.114985943 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115001917 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115016937 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115040064 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115063906 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115080118 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115082026 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115108013 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115143061 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115145922 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115160942 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115180016 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115186930 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115200043 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115232944 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115236998 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115267992 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115269899 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115298033 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115299940 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115324020 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115324020 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115349054 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115355015 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115372896 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115382910 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115408897 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115416050 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115436077 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115441084 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115464926 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115467072 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115494967 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115498066 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115520954 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115525961 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115545034 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115550995 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115571022 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115583897 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115601063 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115607977 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115627050 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115643024 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115652084 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115658045 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115674973 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115681887 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115689993 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115705967 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115711927 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115722895 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115735054 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115751028 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115767002 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115780115 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115782976 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115798950 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115813971 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115822077 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115833044 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115850925 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115858078 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115868092 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115885019 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115892887 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115900040 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115916014 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115931034 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115937948 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115947008 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115966082 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115974903 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.115983009 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.115994930 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.116007090 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.116010904 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.116025925 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.116055012 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.116091967 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305437088 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305464983 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305480957 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305499077 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305516005 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305533886 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305555105 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305630922 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305634975 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305684090 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305722952 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305737972 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305758953 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305773020 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305795908 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305819035 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305821896 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305854082 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305864096 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305881977 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305888891 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305917025 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305922031 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305953979 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305957079 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.305980921 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.305993080 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306020021 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306020975 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306058884 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306094885 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306104898 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306132078 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306173086 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306180954 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306214094 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306224108 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306232929 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306255102 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306273937 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306276083 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306291103 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306308031 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306325912 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306339025 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306350946 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306356907 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306370020 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306387901 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306390047 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306404114 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306425095 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306432962 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306443930 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306461096 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306468010 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306478024 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306494951 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306502104 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306512117 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306529045 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306545973 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306549072 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306567907 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306586981 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306605101 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306610107 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306632042 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306641102 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306652069 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306668043 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306678057 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306684971 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306701899 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306718111 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306719065 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306736946 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306754112 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306757927 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306773901 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306790113 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306793928 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306811094 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306828022 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306829929 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306844950 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306863070 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306864977 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306879997 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306896925 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306907892 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306917906 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306937933 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306938887 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306955099 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306972027 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.306977987 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.306989908 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307005882 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307024002 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307034969 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.307040930 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307061911 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307082891 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307099104 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307104111 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.307116985 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307132006 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307141066 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.307145119 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307152987 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307161093 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.307183027 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.307234049 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.316498041 CEST49726443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.468441010 CEST49735443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.468662977 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.505812883 CEST44349726198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.657968998 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.659904003 CEST44349735198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.660033941 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.660665989 CEST49735443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.660923004 CEST49735443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.661843061 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.850069046 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.850389004 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.850528955 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.850665092 CEST44349735198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.851042032 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.851429939 CEST44349735198.12.154.178192.168.2.3
            May 12, 2021 20:55:41.851506948 CEST49735443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.851924896 CEST49735443192.168.2.3198.12.154.178
            May 12, 2021 20:55:41.852905989 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.041079998 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.043625116 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.043658972 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.043669939 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.043682098 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.043730021 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.043761015 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.082190990 CEST44349735198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.103108883 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.103142977 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.290451050 CEST44349736198.12.154.178192.168.2.3
            May 12, 2021 20:55:42.290601969 CEST49736443192.168.2.3198.12.154.178
            May 12, 2021 20:55:42.318250895 CEST4971180192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.319142103 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.319952965 CEST4973880192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.481359959 CEST8049738162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.481401920 CEST8049711162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.481564999 CEST4973880192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.482542992 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.482703924 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.496195078 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659138918 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659604073 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659634113 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659662008 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659677982 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659688950 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659714937 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659727097 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659734011 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659737110 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659734964 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659764051 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659771919 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659786940 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659800053 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659801960 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659806967 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.659830093 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659843922 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.659873009 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.823223114 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.823255062 CEST8049737162.241.115.110192.168.2.3
            May 12, 2021 20:55:42.823390007 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.900491953 CEST4973780192.168.2.3162.241.115.110
            May 12, 2021 20:55:42.900541067 CEST4973780192.168.2.3162.241.115.110

            UDP Packets

            TimestampSource PortDest PortSource IPDest IP
            May 12, 2021 20:55:10.295912027 CEST6493853192.168.2.38.8.8.8
            May 12, 2021 20:55:10.354160070 CEST53649388.8.8.8192.168.2.3
            May 12, 2021 20:55:10.357953072 CEST6015253192.168.2.38.8.8.8
            May 12, 2021 20:55:10.408879995 CEST53601528.8.8.8192.168.2.3
            May 12, 2021 20:55:12.596694946 CEST5754453192.168.2.38.8.8.8
            May 12, 2021 20:55:12.648274899 CEST53575448.8.8.8192.168.2.3
            May 12, 2021 20:55:13.608371019 CEST5598453192.168.2.38.8.8.8
            May 12, 2021 20:55:13.663625956 CEST53559848.8.8.8192.168.2.3
            May 12, 2021 20:55:14.916565895 CEST6418553192.168.2.38.8.8.8
            May 12, 2021 20:55:14.965711117 CEST53641858.8.8.8192.168.2.3
            May 12, 2021 20:55:16.069217920 CEST6511053192.168.2.38.8.8.8
            May 12, 2021 20:55:16.118307114 CEST53651108.8.8.8192.168.2.3
            May 12, 2021 20:55:17.557293892 CEST5836153192.168.2.38.8.8.8
            May 12, 2021 20:55:17.622308969 CEST53583618.8.8.8192.168.2.3
            May 12, 2021 20:55:17.815946102 CEST6349253192.168.2.38.8.8.8
            May 12, 2021 20:55:17.866380930 CEST53634928.8.8.8192.168.2.3
            May 12, 2021 20:55:18.954871893 CEST6083153192.168.2.38.8.8.8
            May 12, 2021 20:55:18.970432997 CEST6010053192.168.2.38.8.8.8
            May 12, 2021 20:55:19.006604910 CEST53608318.8.8.8192.168.2.3
            May 12, 2021 20:55:19.157399893 CEST53601008.8.8.8192.168.2.3
            May 12, 2021 20:55:21.364834070 CEST5319553192.168.2.38.8.8.8
            May 12, 2021 20:55:21.416445971 CEST53531958.8.8.8192.168.2.3
            May 12, 2021 20:55:22.694133043 CEST5014153192.168.2.38.8.8.8
            May 12, 2021 20:55:22.744496107 CEST53501418.8.8.8192.168.2.3
            May 12, 2021 20:55:30.071532011 CEST5302353192.168.2.38.8.8.8
            May 12, 2021 20:55:30.120254993 CEST53530238.8.8.8192.168.2.3
            May 12, 2021 20:55:30.929574013 CEST4956353192.168.2.38.8.8.8
            May 12, 2021 20:55:30.979867935 CEST53495638.8.8.8192.168.2.3
            May 12, 2021 20:55:32.203494072 CEST5135253192.168.2.38.8.8.8
            May 12, 2021 20:55:32.252578974 CEST53513528.8.8.8192.168.2.3
            May 12, 2021 20:55:33.476962090 CEST5934953192.168.2.38.8.8.8
            May 12, 2021 20:55:33.527564049 CEST53593498.8.8.8192.168.2.3
            May 12, 2021 20:55:36.712088108 CEST5708453192.168.2.38.8.8.8
            May 12, 2021 20:55:36.891705036 CEST53570848.8.8.8192.168.2.3
            May 12, 2021 20:55:37.800879002 CEST5882353192.168.2.38.8.8.8
            May 12, 2021 20:55:37.852659941 CEST53588238.8.8.8192.168.2.3
            May 12, 2021 20:55:38.578542948 CEST5756853192.168.2.38.8.8.8
            May 12, 2021 20:55:38.668457031 CEST53575688.8.8.8192.168.2.3
            May 12, 2021 20:55:39.011651039 CEST5054053192.168.2.38.8.8.8
            May 12, 2021 20:55:39.060482025 CEST53505408.8.8.8192.168.2.3
            May 12, 2021 20:55:39.591609955 CEST5436653192.168.2.38.8.8.8
            May 12, 2021 20:55:39.601068020 CEST5303453192.168.2.38.8.8.8
            May 12, 2021 20:55:39.659210920 CEST53543668.8.8.8192.168.2.3
            May 12, 2021 20:55:39.659343958 CEST53530348.8.8.8192.168.2.3
            May 12, 2021 20:55:40.121537924 CEST5776253192.168.2.38.8.8.8
            May 12, 2021 20:55:40.171147108 CEST53577628.8.8.8192.168.2.3
            May 12, 2021 20:55:40.939543009 CEST5543553192.168.2.38.8.8.8
            May 12, 2021 20:55:40.988676071 CEST53554358.8.8.8192.168.2.3
            May 12, 2021 20:55:46.554241896 CEST5071353192.168.2.38.8.8.8
            May 12, 2021 20:55:46.613457918 CEST53507138.8.8.8192.168.2.3
            May 12, 2021 20:55:47.522217035 CEST5613253192.168.2.38.8.8.8
            May 12, 2021 20:55:47.572046995 CEST53561328.8.8.8192.168.2.3
            May 12, 2021 20:55:48.335844994 CEST5898753192.168.2.38.8.8.8
            May 12, 2021 20:55:48.393007994 CEST53589878.8.8.8192.168.2.3
            May 12, 2021 20:55:48.528588057 CEST5613253192.168.2.38.8.8.8
            May 12, 2021 20:55:48.577445984 CEST53561328.8.8.8192.168.2.3
            May 12, 2021 20:55:49.371742010 CEST5898753192.168.2.38.8.8.8
            May 12, 2021 20:55:49.436201096 CEST53589878.8.8.8192.168.2.3
            May 12, 2021 20:55:49.528723955 CEST5613253192.168.2.38.8.8.8
            May 12, 2021 20:55:49.577887058 CEST53561328.8.8.8192.168.2.3
            May 12, 2021 20:55:50.409593105 CEST5898753192.168.2.38.8.8.8
            May 12, 2021 20:55:50.471972942 CEST53589878.8.8.8192.168.2.3
            May 12, 2021 20:55:50.553781986 CEST5657953192.168.2.38.8.8.8
            May 12, 2021 20:55:50.619069099 CEST53565798.8.8.8192.168.2.3
            May 12, 2021 20:55:51.609132051 CEST5613253192.168.2.38.8.8.8
            May 12, 2021 20:55:51.658549070 CEST53561328.8.8.8192.168.2.3
            May 12, 2021 20:55:52.402791023 CEST5898753192.168.2.38.8.8.8
            May 12, 2021 20:55:52.460412025 CEST53589878.8.8.8192.168.2.3
            May 12, 2021 20:55:55.622617960 CEST5613253192.168.2.38.8.8.8
            May 12, 2021 20:55:55.671366930 CEST53561328.8.8.8192.168.2.3
            May 12, 2021 20:55:56.418653965 CEST5898753192.168.2.38.8.8.8
            May 12, 2021 20:55:56.476162910 CEST53589878.8.8.8192.168.2.3

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
            May 12, 2021 20:55:18.970432997 CEST192.168.2.38.8.8.80xc334Standard query (0)encrypt.techomind.comA (IP address)IN (0x0001)
            May 12, 2021 20:55:36.712088108 CEST192.168.2.38.8.8.80x978eStandard query (0)encrypt.techomind.comA (IP address)IN (0x0001)
            May 12, 2021 20:55:38.578542948 CEST192.168.2.38.8.8.80xad61Standard query (0)hebronbilingualsda.orgA (IP address)IN (0x0001)
            May 12, 2021 20:55:39.601068020 CEST192.168.2.38.8.8.80x6c41Standard query (0)secure.aadcdn.microsoftonline-p.comA (IP address)IN (0x0001)

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
            May 12, 2021 20:55:19.157399893 CEST8.8.8.8192.168.2.30xc334No error (0)encrypt.techomind.com162.241.115.110A (IP address)IN (0x0001)
            May 12, 2021 20:55:36.891705036 CEST8.8.8.8192.168.2.30x978eNo error (0)encrypt.techomind.com162.241.115.110A (IP address)IN (0x0001)
            May 12, 2021 20:55:38.668457031 CEST8.8.8.8192.168.2.30xad61No error (0)hebronbilingualsda.org198.12.154.178A (IP address)IN (0x0001)
            May 12, 2021 20:55:39.659343958 CEST8.8.8.8192.168.2.30x6c41No error (0)secure.aadcdn.microsoftonline-p.comsecure.aadcdn.microsoftonline-p.com.edgekey.netCNAME (Canonical name)IN (0x0001)

            HTTP Request Dependency Graph

            • encrypt.techomind.com

            HTTP Packets

            Session IDSource IPSource PortDestination IPDestination PortProcess
            0192.168.2.349712162.241.115.11080C:\Program Files (x86)\Internet Explorer\iexplore.exe
            TimestampkBytes transferredDirectionData
            May 12, 2021 20:55:19.333013058 CEST1079OUTGET / HTTP/1.1
            Accept: text/html, application/xhtml+xml, image/jxr, */*
            Accept-Language: en-US
            User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
            Accept-Encoding: gzip, deflate
            Host: encrypt.techomind.com
            Connection: Keep-Alive
            May 12, 2021 20:55:19.497272968 CEST1085INHTTP/1.1 200 OK
            Date: Wed, 12 May 2021 18:55:18 GMT
            Server: Apache
            Last-Modified: Wed, 12 May 2021 17:12:32 GMT
            Accept-Ranges: bytes
            Content-Length: 1547
            Keep-Alive: timeout=5, max=100
            Connection: Keep-Alive
            Content-Type: text/html
            Data Raw: 3c 21 64 6f 63 74 79 70 65 20 70 75 62 6c 69 63 20 22 2d 2f 2f 77 61 70 66 6f 72 75 6d 2f 2f 64 74 64 20 77 6d 6c 20 31 2e 32 2f 2f 65 6e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 54 49 54 4c 45 3e 54 65 63 68 6e 6f 4d 69 6e 64 20 53 65 63 75 72 69 74 79 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 70 78 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 61 72 69 61 6c 3b 20 22 3e 0d 0a 3c 74 61 62 6c 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 35 30 70 78 3b 20 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 20 63 6f 6c 6c 61 70 73 65 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 22 3e 20 0d 0a 20 20 20 20 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 32 30 70 78 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 61 62 6c 65 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 31 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 3b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 20 20 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 20 77 69 64 74 68 3a 20 34 35 30 70 78 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 3e 3c 69 6d 67 20 73 72 63 3d 27 77 69 6c 64 2e 70 6e 67 27 20 62 6f 72 64 65 72 3d 22 30 22 3e 20 3c 2f 74 64 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 64 20 61 6c 69 67 6e 3d 22 72 69 67 68 74 22 3e 3c 69 6d 67 20 73 72 63 3d 27 77 61 79 2e 70 6e 67 27 3e 3c 2f 74 64 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 72 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 74 72 3e 3c 74 64 20 63 6f 6c 73 70 61 6e 3d 22 32 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 33 30 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 22 3e 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 68 65 62 72 6f 6e 62 69 6c 69 6e 67 75 61 6c 73 64 61 2e 6f 72 67 2f 63 6f 6e 74 65 6e 74 2f 22 20 74 61 72 67 65 74 3d e2 80 9c 5f 62 6c 61 6e 6b e2 80 9d 3e 3c 62 75 74 74 6f 6e 3e 43 6c 69 63 6b 20 48 65 72 65 20 74 6f 20 52 65 61 64 20 4d 65 73 73 61 67 65 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 61 3e 0d 0a 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 72 3e 3c 74 64 20 63 6f 6c 73 70 61 6e 3d 22 32 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 33 30 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 22 3e 20 20 3c 61 20 68 72 65 66 3d 22 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 3a 20 31 32 70 78 20 41 72 69 61
            Data Ascii: <!doctype public "-//wapforum//dtd wml 1.2//en"><html><head><TITLE>TechnoMind Security</TITLE><META HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"></head><body style="font-size: 5px; font-family: arial; "><table style="width:50px; border-collapse: collapse; margin-left: auto; margin-right: auto;"> <tbody><tr><td style="padding-top: 20px;"> <table style="padding-top: 10px; padding-left: 10px; padding-right: 10px; padding-bottom: 20px; background-color:#FFFFFF; border:1px solid #CCCCCC; color:#000000; width: 450px;"> <tbody><tr><td><img src='wild.png' border="0"> </td> <td align="right"><img src='way.png'></td> </tr> <tr><td colspan="2" style="font-size: 12px; padding-top: 30px; text-align: center;"> <a href="https://hebronbilingualsda.org/content/" target=_blank><button>Click Here to Read Message</button></a> <tr><td colspan="2" style="font-size: 12px; padding-top: 30px; text-align: center;"> <a href="" style="font: 12px Aria
            May 12, 2021 20:55:19.497304916 CEST1086INData Raw: 6c 3b 20 63 6f 6c 6f 72 3a 20 23 37 37 37 37 37 37 3b 22 20 3c 2f 61 3e 3c 2f 74 64 3e 3c 2f 74 72 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 74 62 6f 64 79 3e 0d 0a 20 20 20 20 3c 74 72 3e 3c 74 64 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65
            Data Ascii: l; color: #777777;" </a></td></tr> </tbody> <tr><td style="font-size: 12px; color: #AAAAAA; padding-top: 10px;"> </td></tr> </tbody></table> </td></tr><tr><td style="font-size: 12px; color: #AAAAAA;
            May 12, 2021 20:55:19.583978891 CEST1086OUTGET /wild.png HTTP/1.1
            Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
            Referer: http://encrypt.techomind.com/
            Accept-Language: en-US
            User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
            Accept-Encoding: gzip, deflate
            Host: encrypt.techomind.com
            Connection: Keep-Alive
            May 12, 2021 20:55:19.748285055 CEST1091INHTTP/1.1 200 OK
            Date: Wed, 12 May 2021 18:55:18 GMT
            Server: Apache
            Last-Modified: Wed, 12 May 2021 17:11:13 GMT
            Accept-Ranges: bytes
            Content-Length: 3808
            Keep-Alive: timeout=5, max=99
            Connection: Keep-Alive
            Content-Type: image/png
            Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 3d 00 00 00 3f 08 02 00 00 00 dc c8 57 b5 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 01 d5 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 58 4d 50 20 43 6f 72 65 20 35 2e 34 2e 30 22 3e 0a 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 0a 20 20 20 20 20 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 6e 73 3a 74 69 66 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 74 69 66 66 2f 31 2e 30 2f 22 3e 0a 20 20 20 20 20 20 20 20 20 3c 74 69 66 66 3a 43 6f 6d 70 72 65 73 73 69 6f 6e 3e 35 3c 2f 74 69 66 66 3a 43 6f 6d 70 72 65 73 73 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 3c 74 69 66 66 3a 50 68 6f 74 6f 6d 65 74 72 69 63 49 6e 74 65 72 70 72 65 74 61 74 69 6f 6e 3e 32 3c 2f 74 69 66 66 3a 50 68 6f 74 6f 6d 65 74 72 69 63 49 6e 74 65 72 70 72 65 74 61 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 3c 74 69 66 66 3a 4f 72 69 65 6e 74 61 74 69 6f 6e 3e 31 3c 2f 74 69 66 66 3a 4f 72 69 65 6e 74 61 74 69 6f 6e 3e 0a 20 20 20 20 20 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 0a 20 20 20 3c 2f 72 64 66 3a 52 44 46 3e 0a 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 0a b0 e3 32 dd 00 00 0c b9 49 44 41 54 68 05 d5 5a 7b 6c 1c c5 19 9f 7d dd cb 77 be d8 8e 5f 75 12 12 3b b4 84 90 84 90 34 50 20 81 0a 8a 48 ab f2 12 a0 f2 47 05 ad 94 84 3f 4a 69 2a 55 6d 41 7d d0 87 aa 4a 40 1f 10 a0 e5 99 14 14 44 4b 90 88 c1 0d a4 52 dc 40 04 24 21 02 f3 b0 49 20 89 1d fb fc 20 f1 f9 79 77 bb b7 bb fd cd ce de dc 78 f7 ee e2 2d 12 11 23 7b f6 9b 6f be c7 6f be fd 66 76 76 f6 24 db b6 c9 17 b0 c8 5f 40 cc 14 b2 3a 4b dc 96 65 a5 d3 69 49 92 0c c3 a8 ac 22 cb 34 16 90 e4 b5 28 5f 92 0f 66 2e 97 cb 1b c6 dc fa fa 50 28 24 ca 97 a3 67 8b 3b e3 94 44 22 61 9a 26 b3 c5 13 cc 03 45 6c 32 1a f2 1e 82 37 99 29 0c 75 2c 9d ce 9b e6 c9 93 27 6b 6a 6a 22 91 48 39 b8 9c ef e2 d6 75 bd 72 20 47 47 d3 c3 a3 a7 c6 a7 33 f9 7c 5e d5 68 21 6c 62 38 71 85 39 b9 40 54 c0 cd e1 ba 32 b2 14 56 55 62 59 c0 3d 31 31 01 23 0b 17 2e 1c 4a a5 6a ea ea 4e 0b 5d d5 3f 78 5f fe e3 3d 19 3d 67 98 95 12 40 33 8c a6 89 94 2c 11 cb b6 01 51 56 35 3e 74 91 a0 c9 c1 8a 54 62 ba bb bd 92 3b a9 a4 ac 69 6e da 2c af bf 91 18 3a f2 10 0a a8 e7 36 34 8c 8c 8c d4 d6 d6 56 86 ae e6 46 4f 55 bd f6 4f cd 26 a5 81 14 60 e0 6a e8 a4 04 16 41 20 28 29 4d 92 6c ea 44 d8 99 0f 34 fd 24 09 b9 07 e8 0d 0d 0d c3 43 43 73 6a 6a 62 b1 58 39 9b aa 2d c9 19 9b 64 2b 20 b2 08 71 52 9a 8a 80 96 89 84 21 16 98 e0 31 3e 65 22 8e 02 df 75 a9 38 fc 52 fe a5 30 b1 1d d0 d4 88 6d b3 bb 01 02 a9 d8 d0 d8 88 84 01 bf 1c 74 d5 26 36 ee 10 bd 49 a5 8a ad 93 d0 6d 9b e2 b7 6c 40 6a d8 99 a9 fc 87 ef 4e 6f fd 6b fe bd 1e 79 d5 8a ea df 6c 91 23 51 40 cd a7 fa 32 cf 3e a6 ef 6a 27 48 b4 af 7c 39 79 ef 93 72 38 42 33 58 92 cc 54 df d8 0f 6e 26 99 6c 29 db ce 20 09 d0 d2 30 63 76 d1 39 e3 4c 12 17 7a 53 d3 e0 e0 20 06 14 ab aa f2 ab d3 79 09 cc
            Data Ascii: PNGIHDR=?WsRGBiTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0"> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:tiff="http://ns.adobe.com/tiff/1.0/"> <tiff:Compression>5</tiff:Compression> <tiff:PhotometricInterpretation>2</tiff:PhotometricInterpretation> <tiff:Orientation>1</tiff:Orientation> </rdf:Description> </rdf:RDF></x:xmpmeta>2IDAThZ{l}w_u;4P HG?Ji*UmA}J@DKR@$!I ywx-#{oofvv$_@:KeiI"4(_f.P($g;D"a&El27)u,'kjj"H9ur GG3|^h!lb8q9@T2VUbY=11#.JjN]?x_==g@3,QV5>tTb;in,:64VFOUO&`jA ()MlD4$CCsjjbX9-d+ qR!1>e"u8R0mt&6Iml@jNokyl#Q@2>j'H|9yr8B3XTn&l) 0cv9LzS y
            May 12, 2021 20:55:19.748313904 CEST1092INData Raw: 65 60 d3 f1 e4 e6 b7 cd 59 b6 6a 7a 6a 0a f3 bd fa ab 97 aa eb ae 4a df b4 2e 17 4b c8 ab 2f 01 e8 b1 91 91 e4 79 17 24 2f 5b 3f fe cb 3b b2 8f ff 5d 07 7f e5 45 8a 2c 4f 4d 4d c1 a6 95 a8 b5 c3 51 32 95 a5 b7 a2 54 e1 7e 91 27 aa a2 b2 90 63 cc
            Data Ascii: e`YjzjJ.K/y$/[?;]E,OMMQ2T~'cNSS0LWl3#/<]ot]Lj[PIs|H}a]n"m\Jyx F;zccg4n"%m@ufj]7k&,Mb[4{TmY`.[mt
            May 12, 2021 20:55:19.748326063 CEST1093INData Raw: 17 f1 f9 a6 3c 45 80 17 9a ba 7a 32 7a 12 0f 7d bb f7 28 66 93 5c 15 67 1b 00 d1 4e 49 ba 32 33 58 9e 88 28 29 ac 99 85 f7 72 36 b1 4d b2 a0 55 4a f5 49 d3 93 a4 fb 7d d2 34 8f c4 13 d8 74 71 4c 4c 92 29 7a 68 0f 93 ab 30 7e 00 dc cc ae 58 8b a6
            Data Ascii: <Ez2z}(f\gNI23X()r6MUJI}4tqLL)zh0~XKFNwwHKKazfOKsng0;$-i|50Q(Hh"/]=$>dX(E\]Qhl8#g<!U8.g7E$
            May 12, 2021 20:55:19.748334885 CEST1093INData Raw: be eb 3f 13 f0 31 c1 f0 eb 59 fa b3 37 42 fe 07 2e 7a db fa 3f 19 6e a9 00 00 00 00 49 45 4e 44 ae 42 60 82
            Data Ascii: ?1Y7B.z?nIENDB`
            May 12, 2021 20:55:19.938215017 CEST1102OUTGET /favicon.ico HTTP/1.1
            Accept: */*
            Accept-Encoding: gzip, deflate
            User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
            Host: encrypt.techomind.com
            Connection: Keep-Alive
            May 12, 2021 20:55:20.101005077 CEST1104INHTTP/1.1 404 Not Found
            Date: Wed, 12 May 2021 18:55:19 GMT
            Server: Apache
            Accept-Ranges: bytes
            Keep-Alive: timeout=5, max=98
            Connection: Keep-Alive
            Transfer-Encoding: chunked
            Content-Type: text/html
            Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34
            Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>3404
            May 12, 2021 20:55:20.101037025 CEST1105INData Raw: 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20
            Data Ascii: 1 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff;
            May 12, 2021 20:55:20.101049900 CEST1106INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 32 38 42 43 41 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 20 61 3a 68 6f 76 65 72 2c 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e
            Data Ascii: color: #428BCA; } .contact-info a:hover, .contact-info a:focus, .contact-info a:active { color: #2A6496; } .reason-text { margin: 20px 0; font-siz
            May 12, 2021 20:55:20.101062059 CEST1108INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a
            Data Ascii: .additional-info-items { padding: 20px; } .container { width: 90%; } .additional-info-items ul li { width: 100%; text-a
            May 12, 2021 20:55:20.101078033 CEST1109INData Raw: 2f 2f 36 2b 76 72 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2b 69 35 65 64 54 41 41 41 41 50 58 52 53 54 6c 4d 41 41 51 45 43 41 77 51 46 42 67 63 49 43 51 6f 4c 44 41 30
            Data Ascii: //6+vr///////////////////////////////////////+i5edTAAAAPXRSTlMAAQECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygoKSorLC0uLzAwMTIzNDU2Nzg5H7x0XAAACndJREFUeAHtXXlzGs8R7TQ3CFkHxpKxhIwtIBwgIuYY4u//uVJ2qpLKD7Q8t2Z7xpD3n6ska9/2bM9Mvz6oGEyXFoKH
            May 12, 2021 20:55:20.101094007 CEST1111INData Raw: 62 55 37 74 45 78 6b 68 56 77 33 36 79 7a 33 48 43 6d 30 71 45 76 45 5a 39 43 37 76 44 59 5a 65 57 41 51 68 6e 4b 6b 51 55 47 2f 69 37 4e 44 6e 43 4c 2f 68 77 62 76 4a 72 36 6d 69 50 4b 48 54 61 4f 45 35 34 78 70 42 47 72 6c 38 52 49 58 4b 58 31
            Data Ascii: bU7tExkhVw36yz3HCm0qEvEZ9C7vDYZeWAQhnKkQUG/i7NDnCL/hwbvJr6miPKHTaOE54xpBGrl8RIXKX1bk3+A1aUhHxUte3sHEvNSIp4REdBNONA9NOWYEwuq54AhPex3NaIQLwHIIQlQkPbwsRFpdmdb/hD8TSDCwTBu8W30sSIiS7P9NwZ7CgAeDjlaM9ktAD0+Mxwrse8XsTaMoRIoCaZmg3BQgLqrHVCBu3qhW3+AAOhw
            May 12, 2021 20:55:20.101109028 CEST1112INData Raw: 57 7a 42 76 79 42 45 71 49 69 34 49 39 61 6b 79 2b 32 72 32 39 35 39 37 2f 5a 44 36 32 2b 78 4b 56 66 42 74 4e 4d 36 71 61 48 52 47 36 31 65 72 58 50 42 4f 66 4f 36 48 4e 37 55 59 6c 4a 6d 75 73 6c 70 57 44 55 54 64 59 61 62 34 4c 32 7a 31 76 34
            Data Ascii: WzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y2L3H+Ul5XI/4voc6rZkA3Bpv3njfS/nhR781E54N6t4OeWxQxuknguJ1S84ARR4RwAqtmaCFZnRiL2lbM+HaAC5npq+IwF+6hhfBWzNNlW6qCrGXRyza


            Session IDSource IPSource PortDestination IPDestination PortProcess
            1192.168.2.349711162.241.115.11080C:\Program Files (x86)\Internet Explorer\iexplore.exe
            TimestampkBytes transferredDirectionData
            May 12, 2021 20:55:19.585012913 CEST1087OUTGET /way.png HTTP/1.1
            Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
            Referer: http://encrypt.techomind.com/
            Accept-Language: en-US
            User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
            Accept-Encoding: gzip, deflate
            Host: encrypt.techomind.com
            Connection: Keep-Alive
            May 12, 2021 20:55:19.749896049 CEST1095INHTTP/1.1 200 OK
            Date: Wed, 12 May 2021 18:55:18 GMT
            Server: Apache
            Last-Modified: Wed, 12 May 2021 17:11:13 GMT
            Accept-Ranges: bytes
            Content-Length: 3775
            Keep-Alive: timeout=5, max=100
            Connection: Keep-Alive
            Content-Type: image/png
            Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 5a 00 00 00 44 08 06 00 00 00 01 74 22 e9 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 01 59 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 58 4d 50 20 43 6f 72 65 20 35 2e 34 2e 30 22 3e 0a 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79 6e 74 61 78 2d 6e 73 23 22 3e 0a 20 20 20 20 20 20 3c 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 20 72 64 66 3a 61 62 6f 75 74 3d 22 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 6e 73 3a 74 69 66 66 3d 22 68 74 74 70 3a 2f 2f 6e 73 2e 61 64 6f 62 65 2e 63 6f 6d 2f 74 69 66 66 2f 31 2e 30 2f 22 3e 0a 20 20 20 20 20 20 20 20 20 3c 74 69 66 66 3a 4f 72 69 65 6e 74 61 74 69 6f 6e 3e 31 3c 2f 74 69 66 66 3a 4f 72 69 65 6e 74 61 74 69 6f 6e 3e 0a 20 20 20 20 20 20 3c 2f 72 64 66 3a 44 65 73 63 72 69 70 74 69 6f 6e 3e 0a 20 20 20 3c 2f 72 64 66 3a 52 44 46 3e 0a 3c 2f 78 3a 78 6d 70 6d 65 74 61 3e 0a 4c c2 27 59 00 00 0d 14 49 44 41 54 78 01 ed 9b 09 78 53 c5 16 80 cf 6d 92 26 e9 9a ee 50 5a 96 b2 96 d2 22 60 d9 1e 9b b4 c8 26 5a 05 57 90 22 8b 22 2e 0f 11 10 64 f1 fb 14 95 ef 3d 40 11 9e f0 40 1e a2 e2 f2 89 82 4f 45 59 ca e2 f6 d0 62 81 52 d6 52 40 68 59 6c d3 85 ee 4d 93 79 73 e6 76 6e 6f d2 36 29 4d d2 14 cc 7c 1f bd 73 67 bb 67 fe 7b ee 99 33 67 02 80 3b b9 09 b8 09 b8 09 b8 09 b8 09 b8 09 b8 09 b8 09 b8 09 b8 09 b8 09 b4 50 02 82 a3 e4 7a e8 a5 d5 e4 9b 5f 8e 80 56 ad 02 95 42 e9 a8 61 5d 36 8e 20 10 28 2c ae 80 b6 ad 03 e1 cc b6 55 76 73 b2 7b 00 39 89 59 cb 37 93 2d 3b 0f 82 b1 9a c8 8b 6f d9 fc 1d 9d 23 e1 d0 96 65 0e 61 e4 90 41 2c 49 46 8e 79 96 e4 16 16 5b 16 df 52 f7 0f 26 f4 83 0f 5f 9b e5 30 3e 1e f6 ce be c3 bd cf 91 a1 4f be 6a a6 c2 97 77 ae 15 62 3b 45 d8 3b b4 4b fa 7b 7a 2a 61 d1 d4 a4 3a 90 bd 87 4c 31 9b e3 cd 0a 67 37 68 8d 5a 0d bf 66 64 41 f4 83 73 cd 04 49 fd e0 75 61 fc f0 f8 9b 95 c7 a5 ed db b6 0a 86 1b 07 36 09 4b a6 df 2f 69 f2 e3 4b de 25 9a 81 c9 c4 5e 73 68 37 68 4e e6 42 4e 2e 04 27 3e 65 06 7b eb b2 67 85 8a 5f b6 08 5e 5a 4f de ac c5 5e 87 f5 e9 0e 67 bf 5c 29 01 46 41 fb 25 2f 21 9f a7 fc ea 10 99 1d 06 1a a5 29 29 ab 00 7c fb 93 96 ac 35 03 9e 9f b2 51 88 0c 0b 74 88 c0 ce 18 e4 e9 09 09 f0 fd 9a 97 cc 20 87 8f 9c 45 8e 65 5e 72 d8 e3 1c 0a 9a 4b b5 2d 25 15 fa 27 2f 36 83 9d b9 fd 2d 61 48 ef 6e bc 49 8b b8 06 f8 69 01 bf b8 b7 e6 4c 96 20 bf b8 ea 23 66 2a f2 8b 4b 1d 2a a3 53 40 a3 84 47 33 2f 03 2e 94 72 69 77 af 5d 28 cc 1c 9f 00 82 20 cd 4b 5e dd ac 79 74 dd ae 7e bf de 4c 90 31 b3 ff 41 fe b5 6d 8f 53 e4 70 1a 68 94 f6 6a de 0d f0 19 3c 95 bc b0 ea 03 09 f8 db 2f 4e 16 ca 7f 7e 5f 08 d1 f9 3a 65 42 8d 19 14 17 69 4b ff b8 f3 fd 2f 90 7d bf 9d 68 4c f7 26 b5 71 2a 68 94 a8 da 68 84 75 db 52 00 b5 45 2e a1 2b 5c 40 74 dd 5e 7e e2 3e c0 45 5a 2e 8b 6e d8 34 72 f9 7a be bc c8 e1 79 a7 83 e6 12 a3 b6 c4 3c 34 df 0c 76 73 ba 80 ed c2 83 98 eb b6 74 c6 03 12 64 ee ba 55 54 55 73 31 9d 76 6d 36 d0 38 83 ac ec eb 10 94 38 c3 0c 36 77 01 b5 6a e7 b9 80 b8 08 5b c6 2b 06 4e 7d c5 61 ae 5b 63 de 4e b3 82 46 81 4a
            Data Ascii: PNGIHDRZDt"sRGBYiTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.4.0"> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:tiff="http://ns.adobe.com/tiff/1.0/"> <tiff:Orientation>1</tiff:Orientation> </rdf:Description> </rdf:RDF></x:xmpmeta>L'YIDATxxSm&PZ"`&ZW"".d=@@OEYbRR@hYlMysvno6)M|sgg{3g;Pz_VBa]6 (,Uvs{9Y7-;o#eaA,IFy[R&_0>Ojwb;E;K{z*a:L1g7hZfdAsIua6K/iK%^sh7hNBN.'>e{g_^ZO^g\)FA%/!))|5Qt Ee^rK-%'/6-aHnIiL #f*K*S@G3/.riw]( K^yt~L1AmSphj</N~_:eBiK/}hL&q*hhuRE.+\@t^~>EZ.n4rzy<4vstdUTUs1vm6886wj[+N}a[cNFJ
            May 12, 2021 20:55:19.749918938 CEST1096INData Raw: cb aa 98 0b 88 da 24 17 b0 60 ff 46 01 37 0c 8e 4e d3 93 ee 02 5c 84 e5 e3 62 88 20 ed f4 45 79 91 d3 f3 cd 0e 9a cf 08 37 02 a8 55 fc 1e af b8 61 18 7c 47 17 79 51 93 f3 dc 75 5b 3b 7f 8a 04 79 fe 3b 5b 99 eb e6 8a 38 8c cb 40 23 41 d4 aa f6 e3
            Data Ascii: $`F7N\b Ey7Ua|GyQu[;y;[8@#A7En E!cu.|cQk:. n J~77"+uYjr&aiP.w"3'/"e]Wg>hn7R&-hB"AA1L&./K+)A?
            May 12, 2021 20:55:19.749931097 CEST1098INData Raw: 6c b7 87 5f a2 c5 ee cf 91 72 d9 05 3a 6e 55 1a a9 a2 be 2a a6 82 53 87 a0 e8 ec ef a0 09 6e 03 41 77 de 2d 41 2e fe e3 04 e4 1f 3d 00 79 35 e6 04 23 61 81 71 43 99 2d 0f 8c f9 1b 7d 41 46 28 ce 4a 6f 16 33 82 e6 0a cd 18 45 0a 0a ad 0f 00 dd d0
            Data Ascii: l_r:nU*SnAw-A.=y5#aqC-}AF(Jo3EHh= T`9dd%'YohY+&OzJS~jz"`g@};Qd&c5]|q-+x(^8iVGg}z2#}|1TOQk6?
            May 12, 2021 20:55:19.749946117 CEST1098INData Raw: ae 42 60 82
            Data Ascii: B`


            Session IDSource IPSource PortDestination IPDestination PortProcess
            2192.168.2.349719162.241.115.11080C:\Program Files (x86)\Internet Explorer\iexplore.exe
            TimestampkBytes transferredDirectionData
            May 12, 2021 20:55:37.073615074 CEST1185OUTGET /favicon.ico HTTP/1.1
            User-Agent: AutoIt
            Host: encrypt.techomind.com
            May 12, 2021 20:55:37.233072042 CEST1188INHTTP/1.1 404 Not Found
            Date: Wed, 12 May 2021 18:55:36 GMT
            Server: Apache
            Accept-Ranges: bytes
            Transfer-Encoding: chunked
            Content-Type: text/html
            Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34
            Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>3404
            May 12, 2021 20:55:37.233189106 CEST1189INData Raw: 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20
            Data Ascii: 1 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff;
            May 12, 2021 20:55:37.233212948 CEST1191INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 32 38 42 43 41 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 20 61 3a 68 6f 76 65 72 2c 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e
            Data Ascii: color: #428BCA; } .contact-info a:hover, .contact-info a:focus, .contact-info a:active { color: #2A6496; } .reason-text { margin: 20px 0; font-siz
            May 12, 2021 20:55:37.233244896 CEST1192INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a
            Data Ascii: .additional-info-items { padding: 20px; } .container { width: 90%; } .additional-info-items ul li { width: 100%; text-a
            May 12, 2021 20:55:37.233290911 CEST1194INData Raw: 2f 2f 36 2b 76 72 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2b 69 35 65 64 54 41 41 41 41 50 58 52 53 54 6c 4d 41 41 51 45 43 41 77 51 46 42 67 63 49 43 51 6f 4c 44 41 30
            Data Ascii: //6+vr///////////////////////////////////////+i5edTAAAAPXRSTlMAAQECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygoKSorLC0uLzAwMTIzNDU2Nzg5H7x0XAAACndJREFUeAHtXXlzGs8R7TQ3CFkHxpKxhIwtIBwgIuYY4u//uVJ2qpLKD7Q8t2Z7xpD3n6ska9/2bM9Mvz6oGEyXFoKH
            May 12, 2021 20:55:37.233309031 CEST1195INData Raw: 62 55 37 74 45 78 6b 68 56 77 33 36 79 7a 33 48 43 6d 30 71 45 76 45 5a 39 43 37 76 44 59 5a 65 57 41 51 68 6e 4b 6b 51 55 47 2f 69 37 4e 44 6e 43 4c 2f 68 77 62 76 4a 72 36 6d 69 50 4b 48 54 61 4f 45 35 34 78 70 42 47 72 6c 38 52 49 58 4b 58 31
            Data Ascii: bU7tExkhVw36yz3HCm0qEvEZ9C7vDYZeWAQhnKkQUG/i7NDnCL/hwbvJr6miPKHTaOE54xpBGrl8RIXKX1bk3+A1aUhHxUte3sHEvNSIp4REdBNONA9NOWYEwuq54AhPex3NaIQLwHIIQlQkPbwsRFpdmdb/hD8TSDCwTBu8W30sSIiS7P9NwZ7CgAeDjlaM9ktAD0+Mxwrse8XsTaMoRIoCaZmg3BQgLqrHVCBu3qhW3+AAOhw
            May 12, 2021 20:55:37.233326912 CEST1196INData Raw: 57 7a 42 76 79 42 45 71 49 69 34 49 39 61 6b 79 2b 32 72 32 39 35 39 37 2f 5a 44 36 32 2b 78 4b 56 66 42 74 4e 4d 36 71 61 48 52 47 36 31 65 72 58 50 42 4f 66 4f 36 48 4e 37 55 59 6c 4a 6d 75 73 6c 70 57 44 55 54 64 59 61 62 34 4c 32 7a 31 76 34
            Data Ascii: WzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y2L3H+Ul5XI/4voc6rZkA3Bpv3njfS/nhR781E54N6t4OeWxQxuknguJ1S84ARR4RwAqtmaCFZnRiL2lbM+HaAC5npq+IwF+6hhfBWzNNlW6qCrGXRyza
            May 12, 2021 20:55:37.233339071 CEST1197INData Raw: 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 63 69 6f 6e 20 63 6c 61 73 73 3d 22 72 65
            Data Ascii: </head> <body> <div class="container"> <secion class="response-info"> <span class="status-code">37404</span> <span class="status-reason">
            May 12, 2021 20:55:37.233346939 CEST1197INData Raw: 38 38 0d 0a 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 63 74 2d 69
            Data Ascii: 88Not Found</span> </section> <section class="contact-info"> Please forward this error screen to 28encrypt.techomind.com's <a href="mailto:37webmaster@encrypt.techomind.com?subject=Error messa
            May 12, 2021 20:55:37.233360052 CEST1197INData Raw: 62 0d 0a 28 6e 6f 6e 65 29 20 66 6f 72 20 0d 0a 31 35 0d 0a 65 6e 63 72 79 70 74 2e 74 65 63 68 6f 6d 69 6e 64 2e 63 6f 6d 0d 0a 31 32 0d 0a 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 20 70 6f 72 74 20 0d 0a 36 0d 0a 38 30 20 6f 6e 20 0d 0a
            Data Ascii: b(none) for 15encrypt.techomind.com12/favicon.ico port 680 on
            May 12, 2021 20:55:37.392118931 CEST1202INData Raw: 36 66 0d 0a 54 68 75 72 73 64 61 79 2c 20 31 33 2d 4d 61 79 2d 32 30 32 31 20 30 30 3a 32 35 3a 33 36 20 49 53 54 22 3e 20 57 65 62 4d 61 73 74 65 72 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20
            Data Ascii: 6fThursday, 13-May-2021 00:25:36 IST"> WebMaster</a>. </section> <p class="reason-text">1adThe server can not find the requested page:</p> </div> <section class="additional-info"> <div


            Session IDSource IPSource PortDestination IPDestination PortProcess
            3192.168.2.349737162.241.115.11080C:\Program Files (x86)\Internet Explorer\iexplore.exe
            TimestampkBytes transferredDirectionData
            May 12, 2021 20:55:42.496195078 CEST1636OUTGET /favicon.ico HTTP/1.1
            Accept: */*
            Accept-Encoding: gzip, deflate
            User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
            Host: encrypt.techomind.com
            Connection: Keep-Alive
            May 12, 2021 20:55:42.659604073 CEST1637INHTTP/1.1 404 Not Found
            Date: Wed, 12 May 2021 18:55:41 GMT
            Server: Apache
            Accept-Ranges: bytes
            Keep-Alive: timeout=5, max=100
            Connection: Keep-Alive
            Transfer-Encoding: chunked
            Content-Type: text/html
            Data Raw: 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 0d 0a 0a 0d 0a 31 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 33 0d 0a 34 30 34
            Data Ascii: 111157<!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>3404
            May 12, 2021 20:55:42.659634113 CEST1638INData Raw: 0d 0a 31 0d 0a 20 0d 0a 39 0d 0a 4e 6f 74 20 46 6f 75 6e 64 0d 0a 31 66 63 61 0d 0a 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20
            Data Ascii: 1 9Not Found1fca</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff;
            May 12, 2021 20:55:42.659662008 CEST1639INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 32 38 42 43 41 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 63 74 2d 69 6e 66 6f 20 61 3a 68 6f 76 65 72 2c 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e
            Data Ascii: color: #428BCA; } .contact-info a:hover, .contact-info a:focus, .contact-info a:active { color: #2A6496; } .reason-text { margin: 20px 0; font-siz
            May 12, 2021 20:55:42.659688950 CEST1641INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a
            Data Ascii: .additional-info-items { padding: 20px; } .container { width: 90%; } .additional-info-items ul li { width: 100%; text-a
            May 12, 2021 20:55:42.659714937 CEST1642INData Raw: 2f 2f 36 2b 76 72 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2b 69 35 65 64 54 41 41 41 41 50 58 52 53 54 6c 4d 41 41 51 45 43 41 77 51 46 42 67 63 49 43 51 6f 4c 44 41 30
            Data Ascii: //6+vr///////////////////////////////////////+i5edTAAAAPXRSTlMAAQECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygoKSorLC0uLzAwMTIzNDU2Nzg5H7x0XAAACndJREFUeAHtXXlzGs8R7TQ3CFkHxpKxhIwtIBwgIuYY4u//uVJ2qpLKD7Q8t2Z7xpD3n6ska9/2bM9Mvz6oGEyXFoKH
            May 12, 2021 20:55:42.659734964 CEST1644INData Raw: 62 55 37 74 45 78 6b 68 56 77 33 36 79 7a 33 48 43 6d 30 71 45 76 45 5a 39 43 37 76 44 59 5a 65 57 41 51 68 6e 4b 6b 51 55 47 2f 69 37 4e 44 6e 43 4c 2f 68 77 62 76 4a 72 36 6d 69 50 4b 48 54 61 4f 45 35 34 78 70 42 47 72 6c 38 52 49 58 4b 58 31
            Data Ascii: bU7tExkhVw36yz3HCm0qEvEZ9C7vDYZeWAQhnKkQUG/i7NDnCL/hwbvJr6miPKHTaOE54xpBGrl8RIXKX1bk3+A1aUhHxUte3sHEvNSIp4REdBNONA9NOWYEwuq54AhPex3NaIQLwHIIQlQkPbwsRFpdmdb/hD8TSDCwTBu8W30sSIiS7P9NwZ7CgAeDjlaM9ktAD0+Mxwrse8XsTaMoRIoCaZmg3BQgLqrHVCBu3qhW3+AAOhw
            May 12, 2021 20:55:42.659771919 CEST1645INData Raw: 57 7a 42 76 79 42 45 71 49 69 34 49 39 61 6b 79 2b 32 72 32 39 35 39 37 2f 5a 44 36 32 2b 78 4b 56 66 42 74 4e 4d 36 71 61 48 52 47 36 31 65 72 58 50 42 4f 66 4f 36 48 4e 37 55 59 6c 4a 6d 75 73 6c 70 57 44 55 54 64 59 61 62 34 4c 32 7a 31 76 34
            Data Ascii: WzBvyBEqIi4I9aky+2r29597/ZD62+xKVfBtNM6qaHRG61erXPBOfO6HN7UYlJmuslpWDUTdYab4L2z1v40hPPBvwzqOluTvhDBVB2a4Iyx/4UxLrx8goycW0UEgO4y2L3H+Ul5XI/4voc6rZkA3Bpv3njfS/nhR781E54N6t4OeWxQxuknguJ1S84ARR4RwAqtmaCFZnRiL2lbM+HaAC5npq+IwF+6hhfBWzNNlW6qCrGXRyza
            May 12, 2021 20:55:42.659786940 CEST1645INData Raw: 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 63 69 6f 6e 20 63 6c 61 73 73 3d 22 72 65
            Data Ascii: </head> <body> <div class="container"> <secion class="response-info"> <span class="status-code">37404</span> <span class="status-reason">
            May 12, 2021 20:55:42.659800053 CEST1646INData Raw: 38 38 0d 0a 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 63 74 2d 69
            Data Ascii: 88Not Found</span> </section> <section class="contact-info"> Please forward this error screen to 28encrypt.techomind.com's <a href="mailto:37webmaster@encrypt.techomind.com?subject=Error messa
            May 12, 2021 20:55:42.659806967 CEST1646INData Raw: 62 0d 0a 28 6e 6f 6e 65 29 20 66 6f 72 20 0d 0a 31 35 0d 0a 65 6e 63 72 79 70 74 2e 74 65 63 68 6f 6d 69 6e 64 2e 63 6f 6d 0d 0a 31 32 0d 0a 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 20 70 6f 72 74 20 0d 0a 36 0d 0a 38 30 20 6f 6e 20 0d 0a
            Data Ascii: b(none) for 15encrypt.techomind.com12/favicon.ico port 680 on
            May 12, 2021 20:55:42.823223114 CEST1647INData Raw: 36 66 0d 0a 54 68 75 72 73 64 61 79 2c 20 31 33 2d 4d 61 79 2d 32 30 32 31 20 30 30 3a 32 35 3a 34 31 20 49 53 54 22 3e 20 57 65 62 4d 61 73 74 65 72 3c 2f 61 3e 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0a 0a 20 20
            Data Ascii: 6fThursday, 13-May-2021 00:25:41 IST"> WebMaster</a>. </section> <p class="reason-text">1adThe server can not find the requested page:</p> </div> <section class="additional-info"> <div


            HTTPS Packets

            TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
            May 12, 2021 20:55:39.046000004 CEST198.12.154.178443192.168.2.349722CN=hebronbilingualsda.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBSat Mar 13 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004Sat Jun 12 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
            CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=USCN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBMon May 18 02:00:00 CEST 2015Sun May 18 01:59:59 CEST 2025
            CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Jan 01 01:00:00 CET 2004Mon Jan 01 00:59:59 CET 2029
            May 12, 2021 20:55:39.050723076 CEST198.12.154.178443192.168.2.349721CN=hebronbilingualsda.org CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=US CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBSat Mar 13 01:00:00 CET 2021 Mon May 18 02:00:00 CEST 2015 Thu Jan 01 01:00:00 CET 2004Sat Jun 12 01:59:59 CEST 2021 Sun May 18 01:59:59 CEST 2025 Mon Jan 01 00:59:59 CET 2029771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,09e10692f1b7f78228b2d4e424db3a98c
            CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, ST=TX, C=USCN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBMon May 18 02:00:00 CEST 2015Sun May 18 01:59:59 CEST 2025
            CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GBCN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GBThu Jan 01 01:00:00 CET 2004Mon Jan 01 00:59:59 CET 2029

            Code Manipulations

            Statistics

            CPU Usage

            Click to jump to process

            Memory Usage

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            Analysis Process: iexplore.exe PID: 3236 Parent PID: 792

            General

            Start time:20:55:16
            Start date:12/05/2021
            Path:C:\Program Files\internet explorer\iexplore.exe
            Wow64 process (32bit):false
            Commandline:'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
            Imagebase:0x7ff705ce0000
            File size:823560 bytes
            MD5 hash:6465CB92B25A7BC1DF8E01D8AC5E7596
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low

            Chronological Activities

            Analysis Process: iexplore.exe PID: 5364 Parent PID: 3236

            General

            Start time:20:55:17
            Start date:12/05/2021
            Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
            Wow64 process (32bit):true
            Commandline:'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3236 CREDAT:17410 /prefetch:2
            Imagebase:0x230000
            File size:822536 bytes
            MD5 hash:071277CC2E3DF41EEEA8013E2AB58D5A
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low

            Chronological Activities

            Disassembly

            Reset < >