Play interactive tour

Edit tour

Analysis Report https://gabriellarodriguezart.com/Dr

Overview

General Information

Sample URL:	https://gabriellarodriguezart.com/Dr
Analysis ID:	432837
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Phishing site detected (based on shot template match)

Yara detected HtmlPhish10

Yara detected HtmlPhish7

Phishing site detected (based on various OCR indicators)

HTML body contains low number of good links

HTML title does not match URL

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 6828 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 6908 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6828 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm	JoeSecurity_HtmlPhish_7	Yara detected HtmlPhish_7	Joe Security

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus / Scanner detection for submitted sample

Show sources

Source: https://gabriellarodriguezart.com/Dr

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Show sources

Source: https://gabriellarodriguezart.com/Dr/

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Phishing site detected (based on shot template match)

Show sources

Source: https://gabriellarodriguezart.com/Dr/

Matcher: Template: outlook matched

Yara detected HtmlPhish10

Show sources

Source: Yara match	File source: 642294.pages.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm, type: DROPPED

Yara detected HtmlPhish7

Show sources

Source: Yara match	File source: 642294.pages.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm, type: DROPPED

Phishing site detected (based on various OCR indicators)

Show sources

Source: Screenshots	OCR Text: (@)@e O gabrie\|\|arodrigu=rt.com x [I - [I X - X\|'earh...JO-Grtk@ <9 =>e httpsWgabriellarodrigu=rt.com/Dr/ e Share Point Onlinex [I' C Search... d'- Adobe Document Cloud To read the document, please enter with the valid email credentials that this file was sent to. Sign in with Outlook Sign in with Office365 OO Sign in with Other Mail Select your email provider to view Document CopyRight 2020 Adobe. X JO-GjCUC1
Source: Screenshots	OCR Text: d'- Adobe Document Cloud To read the document, please enter with the valid email credentials that this file was sent to. Sign in with Outlook Sign in with Office365 OO Sign in with Other Mail Select your email provider to view Document CopyRight 2020 Adobe.

Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: Number of links: 0
Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: Number of links: 0

Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: Title: Share Point Online does not match URL
Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: Title: Share Point Online does not match URL

Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: No <meta name="author".. found
Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: No <meta name="author".. found

Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: No <meta name="copyright".. found
Source: https://gabriellarodriguezart.com/Dr/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49770 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: gabriellarodriguezart.com

Source: hover[1].css.3.dr	String found in binary or memory: http://ianlunn.co.uk/
Source: hover[1].css.3.dr	String found in binary or memory: http://ianlunn.github.io/Hover/)
Source: popper.min[1].js.3.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.3.1.js
Source: free.min[1].css.3.dr	String found in binary or memory: https://fontawesome.com
Source: free.min[1].css.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Yellowtail&display=swap
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/yellowtail/v11/OZpGg_pnoDtINPfRIlLohlvHxw.woff)
Source: ~DF5FAEF6CCA28DFD69.TMP.1.dr	String found in binary or memory: https://gabriellarodriguezart.com/Dr/
Source: ~DF5FAEF6CCA28DFD69.TMP.1.dr	String found in binary or memory: https://gabriellarodriguezart.com/Dr/$Share
Source: {5E5D766A-CA19-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://gabriellarodriguezart.com/Dr/Root
Source: ~DF5FAEF6CCA28DFD69.TMP.1.dr	String found in binary or memory: https://gabriellarodriguezart.com/Dr/l
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://getbootstrap.com)
Source: hover[1].css.3.dr	String found in binary or memory: https://github.com/IanLunn/Hover
Source: bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: bootstrap.min[1].js.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: 585b051251[1].js.3.dr	String found in binary or memory: https://ka-f.fontawesome.com
Source: 585b051251[1].js.3.dr	String found in binary or memory: https://kit.fontawesome.com
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://kit.fontawesome.com/585b051251.js
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://login.microsoftonline.com/common/login
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Source: Dr[1].htm0.3.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756

Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.11.207:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.18.94:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.114.112:443 -> 192.168.2.4:49770 version: TLS 1.2

Source: classification engine

Classification label: mal84.phis.win@3/25@7/3

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5E5D7668-CA19-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF4C0C6A7F8B5D7714.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6828 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6828 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://gabriellarodriguezart.com/Dr	0%	Avira URL Cloud	safe
https://gabriellarodriguezart.com/Dr	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://gabriellarodriguezart.com/Dr/	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
http://ianlunn.github.io/Hover/)	0%	Virustotal		Browse
http://ianlunn.github.io/Hover/)	0%	Avira URL Cloud	safe
https://gabriellarodriguezart.com/Dr/$Share	0%	Avira URL Cloud	safe
https://gabriellarodriguezart.com/Dr/l	0%	Avira URL Cloud	safe
https://getbootstrap.com)	0%	Avira URL Cloud	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
http://ianlunn.co.uk/	0%	URL Reputation	safe
https://gabriellarodriguezart.com/Dr/Root	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
gabriellarodriguezart.com	162.241.114.112	true	false	unknown
cdnjs.cloudflare.com	104.16.18.94	true	false	high
maxcdn.bootstrapcdn.com	104.18.11.207	true	false	high
ka-f.fontawesome.com	unknown	unknown	false	high
code.jquery.com	unknown	unknown	false	high
kit.fontawesome.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://gabriellarodriguezart.com/Dr/	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://fontawesome.com	free.min[1].css.3.dr	false		high
https://kit.fontawesome.com	585b051251[1].js.3.dr	false		high
http://ianlunn.github.io/Hover/)	hover[1].css.3.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/graphs/contributors)	bootstrap.min[1].js.3.dr	false		high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	Dr[1].htm0.3.dr	false		high
https://gabriellarodriguezart.com/Dr/$Share	~DF5FAEF6CCA28DFD69.TMP.1.dr	true	Avira URL Cloud: safe	unknown
https://gabriellarodriguezart.com/Dr/l	~DF5FAEF6CCA28DFD69.TMP.1.dr	true	Avira URL Cloud: safe	unknown
https://login.microsoftonline.com/common/login	Dr[1].htm0.3.dr	false		high
https://getbootstrap.com)	bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	false	Avira URL Cloud: safe	low
https://ka-f.fontawesome.com	585b051251[1].js.3.dr	false		high
https://code.jquery.com/jquery-3.2.1.slim.min.js	Dr[1].htm0.3.dr	false		high
https://code.jquery.com/jquery-3.1.1.min.js	Dr[1].htm0.3.dr	false		high
http://ianlunn.co.uk/	hover[1].css.3.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://gabriellarodriguezart.com/Dr/	~DF5FAEF6CCA28DFD69.TMP.1.dr	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	bootstrap.min[1].css.3.dr, bootstrap.min[1].js.3.dr	false		high
https://github.com/IanLunn/Hover	hover[1].css.3.dr	false		high
http://opensource.org/licenses/MIT).	popper.min[1].js.3.dr	false		high
https://gabriellarodriguezart.com/Dr/Root	{5E5D766A-CA19-11EB-90EB-ECF4BBEA1588}.dat.1.dr	true	Avira URL Cloud: safe	unknown
https://kit.fontawesome.com/585b051251.js	Dr[1].htm0.3.dr	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	Dr[1].htm0.3.dr	false		high
https://code.jquery.com/jquery-3.3.1.js	Dr[1].htm0.3.dr	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	Dr[1].htm0.3.dr	false		high
https://fontawesome.com/license/free	free.min[1].css.3.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
162.241.114.112	gabriellarodriguezart.com	United States	46606	UNIFIEDLAYER-AS-1US	false
104.16.18.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	432837
Start date:	10.06.2021
Start time:	20:25:42
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 2m 39s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://gabriellarodriguezart.com/Dr
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	6
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal84.phis.win@3/25@7/3
Cookbook Comments:	Adjust boot time Enable AMSI
Warnings:	Show All Exclude process from analysis (whitelisted): ielowutil.exe, backgroundTaskHost.exe, svchost.exe Excluded IPs from analysis (whitelisted): 52.147.198.201, 104.42.151.234, 88.221.62.148, 69.16.175.42, 69.16.175.10, 142.250.180.202, 104.18.22.52, 104.18.23.52, 172.64.203.28, 172.64.202.28, 20.82.210.154, 20.72.88.19, 152.199.19.161 Excluded domains from analysis (whitelisted): kit.fontawesome.com.cdn.cloudflare.net, cds.s5x3j6q5.hwcdn.net, fonts.googleapis.com, ka-f.fontawesome.com.cdn.cloudflare.net, ajax.googleapis.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, ie9comview.vo.msecnd.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, consumerrp-displaycatalog-aks2aks-europe.md.mp.microsoft.com.akadns.net, arc.msn.com, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, skypedataprdcoleus16.cloudapp.net, e11290.dspg.akamaiedge.net, eus2-consumerrp-displaycatalog-aks2aks-useast.md.mp.microsoft.com.akadns.net, iecvlist.microsoft.com, go.microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, skypedataprdcolwus16.cloudapp.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net, cs9.wpc.v0cdn.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5E5D7668-CA19-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8519445073708543
Encrypted:	false
SSDEEP:	192:riZ5Zx2GHWGKtGiifGWwazMGjCBGG8DGnsfGrwTjX:revAG2GCGLG3G+GBGSGk
MD5:	8CFD78B987F70DE24279106ECC30FD5D
SHA1:	18711387EA29E74B7BA4104B5FAB15B428061546
SHA-256:	8A717F81B44DDAA879161DB55D43868F6517AD7DA0AA5A00872B28F4E8B97021
SHA-512:	B7F8837BDB459145A80C1FDEE06081161EA78E436B977F0C6B258243EA07C0D0EE85957F8645E65020053951818D578D3C031CF1A67A137D567DDE4BE98E3D18
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E5D766A-CA19-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	27410
Entropy (8bit):	1.770997795015822
Encrypted:	false
SSDEEP:	96:rnZEQ46uBS1jFX2FfWFGMFC03ZH3HSgbwr:rnZEQ46uk1jFX2FfWFGMFC03ZH3HSHr
MD5:	A58DBDF3DCB9A1A5EF15B00ED7E2874B
SHA1:	A75B95498B2C93AF256C542A5F602DC0A456D079
SHA-256:	7EA6C945CCE12A229C10F5004324AE9D20B696E0766F07FADE75796D712D7A94
SHA-512:	24FFB606EBCC8722979B2594C644A5968E330891CEA265F2903F55571D91D8386E0A44676EBA42039DF2307C6E5174241647A564F5814C475556F6B5BA3C055B
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E5D766B-CA19-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.563917014555442
Encrypted:	false
SSDEEP:	48:Iw6GcprDGwpaiG4pQWGrapbS3tGQpKlxG7HpRFTGIpG:r+ZdQS6YBS3XAlgTTA
MD5:	ABB8B868425AEC49D0438DA00D36498E
SHA1:	B64E3294D060FC48D5BD6199A4F2F47D901571CE
SHA-256:	CB3A7CA250F88A2A9F907BBDFA8EA4DB5F535B2667C9F64EEEC5A0AC1004D9FC
SHA-512:	3A0A134E32D9191C38C46AF38010238B7F850F58AAA382A1FB0463D336BE508F04F586702DAB28EA8F8EE489873F64D6A55CCAC9A6C52D457BB3969CC3A4FE61
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\585b051251[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	10866
Entropy (8bit):	5.182623714755422
Encrypted:	false
SSDEEP:	192:BgHN42S+9SZRvACpiIthFzoXnemF+shSGnZ+PPxQDqv7jh81Q5l8OcchIlzbCn:WRCfhFzevnEZ/h81Q5l8OsE
MD5:	D8CA71772D1E86D5FB9D5E2F6CC1AE70
SHA1:	9B043E60997FE552D652E4474E16AFF923D7AA76
SHA-256:	7D840153F02AD6D91D652354E35B590721916D16C33956631EEF0E7D3B5613EE
SHA-512:	8E9DA8E9AE10EC0EB854A6E488FB4568A960EE10AF46FE4AA49F22F227CB94997F40E49E10A81E341B99489256163A2C0E065730EEA642777061CDA61B4D56C1
Malicious:	false
Reputation:	low
IE Cache URL:	https://kit.fontawesome.com/585b051251.js
Preview:	window.FontAwesomeKitConfig = {"asyncLoading":{"enabled":true},"autoA11y":{"enabled":true},"baseUrl":"https://ka-f.fontawesome.com","baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"id":132286382,"license":"free","method":"css","minify":{"enabled":true},"token":"585b051251","v4FontFaceShim":{"enabled":false},"v4shim":{"enabled":true},"version":"5.15.3"};.!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(e){return(t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(e)}function e(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function n(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.g

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	245
Entropy (8bit):	5.108410272788199
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPbTvT8OR+KqD:J0+ox0RJWWPnL8zT
MD5:	8303D52E9315425F58AEE965D469C11D
SHA1:	5F1CA9BC12AA97C9D139AC4F16552819B96733F3
SHA-256:	6ED6D06A696254FAE109940AED4455A6497B264091AF58B6B368D6E0149CC531
SHA-512:	61EE88284C89F5541D50D5BA00A9A27A3A72BD5DE27045E4D6CCEE4709BA5794D2F46EEBCC70131FFB26E995E3FBD66670D423ACF4B8C2CC1EAC511F6DBADE42
Malicious:	true
Yara Hits:	Rule: JoeSecurity_HtmlPhish_10, Description: Yara detected HtmlPhish_10, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm, Author: Joe Security Rule: JoeSecurity_HtmlPhish_7, Description: Yara detected HtmlPhish_7, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Dr[1].htm, Author: Joe Security
Reputation:	low
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://gabriellarodriguezart.com/Dr/">here</a>.</p>.</body></html>.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\free-v4-shims.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	26701
Entropy (8bit):	4.829823522211244
Encrypted:	false
SSDEEP:	192:dP6hT1bIl4w0QUmQ10PwKLaAu5CwWavpHo4O6wgLPbJVR8XD7mycP:0hal4w0QK+PwK05eavpmgPPeXD7mycP
MD5:	8A99CE81EC2F89FBCA03F2C8CF1A3679
SHA1:	58F9EF32D12A5DA52CBAB7BD518BCC998FC59EF9
SHA-256:	362DAEAF1F7E05FEE9A609E549F148AACBE518C166FBD96EAD69057E295742AF
SHA-512:	930F28449365FAED13718BB8F332625DB110ABB08C3778DC632FDF00A0187A61A086B5EB4765FFC1923B64E2584C02592A213914B024DE6890FF3DBFC3A12FE5
Malicious:	false
Reputation:	low
IE Cache URL:	https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=585b051251
Preview:	/!. Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa.fa-glass:before{content:"\f000"}.fa.fa-meetup{font-family:"Font Awesome 5 Brands";font-weight:400}.fa.fa-star-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-star-o:before{content:"\f005"}.fa.fa-close:before,.fa.fa-remove:before{content:"\f00d"}.fa.fa-gear:before{content:"\f013"}.fa.fa-trash-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-trash-o:before{content:"\f2ed"}.fa.fa-file-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-file-o:before{content:"\f15b"}.fa.fa-clock-o{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-clock-o:before{content:"\f017"}.fa.fa-arrow-circle-o-down{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-arrow-circle-o-down:before{content:"\f358"}.fa.fa-arrow-circle-o-up{font-family:"Font Awesome 5 Free";font-weight:400}.fa.fa-arro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\free.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	60351
Entropy (8bit):	4.728641238865369
Encrypted:	false
SSDEEP:	768:0Uh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSz8:0U0PxXE4YXJgndFTfy9lt5Q
MD5:	390B4210E10C744C3C597500BCF0B31A
SHA1:	2600C7C2F25D7DBCBC668231601E426010DC6489
SHA-256:	C2819CA1F7AD1AF7BA53C4EDFDFD395C547BCB16D29892A234D7860C689ED929
SHA-512:	E8A7E466BE8CC092E12994B51A6A8A39E2FBB66DD48221BCF499BB89365B4004D73C1909F8FE0BBBBF13907D5901D76FFE127D92FDD7493853646F83F5985CBE
Malicious:	false
Reputation:	low
IE Cache URL:	https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=585b051251
Preview:	/!. Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pul

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\outlook1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	771
Entropy (8bit):	7.682244426935498
Encrypted:	false
SSDEEP:	24:74yiH9yQmOntihdLl00qDeu1BcaDa0oljZG0:omOntO7v/uJDYG0
MD5:	C3FC46C5799C76F9107504028F39190F
SHA1:	519096AD3F03410CF9CE3C9B9FCCA6B439D97B23
SHA-256:	57898461712A639D119BDF88B7145919DCC8956C7A271D2E4A1084B29EAE6785
SHA-512:	DF4A0A2F78B2013035FB738BF405119B275D4CFEC31A23071EB9AF499D5F31FDC4BE22754CE791C975D7D417E908B5CAD16F962B0ADD3DFDCDE19844D74F6678
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/outlook1.png
Preview:	.PNG........IHDR..............JL.....bKGD..............IDATH....k.A..k6.b.F1..H@...j@.aQ...(.. .. ........ .A..D...I......E......1...W...;;.Y.d.}].U5]..x"3?....!..A..y..+R2\...m.NX.=..p.0...d.^.3......J.Z.X.).....P\..x1.3.M.0....m.........F....?...n.......l.Fo)x._ R\|.s..a.T?...?.=.9.Y..u....z..\|.....Wz...h..<..P.. ...$.Y......k`/4.y/......L.C......."....U....7....G...'h.....1j1E..%t.....@..a.......b.ED-.Tn.<..o.D...o..(.{1l>........".4a.:k.I./.7t./.Q-'..>.. ......'3eb..d.@=4...C....A...;..N.X3.(.......,v...+...S...W..l...@,...j.).u<..@u..0...V&.b.yp.....0..o.?..V..B =.~&m"r(...6;EP.T.......h.m".[f.U)\|t..2.Q.....g.cP.W...D..[.O>..d;.yI.{/..#v.._..$.Q.......t\E..5i.q._.."/n...v.w..Uo ...#..S....^.....F..+._??.r.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\adobe[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, frames 3
Category:	downloaded
Size (bytes):	30925
Entropy (8bit):	7.75667128400845
Encrypted:	false
SSDEEP:	768:nuowBuvTpjgz+wqrPZ2qh8fmyjlX6RqnxgYqwNL:nuPOpjgzPqrPZRYZGnYqYL
MD5:	BE5274AF7D8BD25B8148A190FF515399
SHA1:	B8D0850FD92EE935287E17988B89E53607808C8C
SHA-256:	26C62DBDF527B8DCBF378EA62F129CBBBA3B244730687909BA21ECD729C9D2E6
SHA-512:	64893C625BE72783088575E36EF26FF4573243F32601BDA754EDA72B7515063B5E4E4831697D16AC663529C910AE12CCD145BEC530F2A9BAE4D9324301C65667
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/adobe.jpg
Preview:	......JFIF.............C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..g........\|?....".+......_.......4...R...'..q..~...n.7...........QXJ<...=...^.V'@U..E..5....Uz........IE.PTe.}/p.y.......T.<...-T..\|...b.=.#IU..~....{O/...b..E..............X...G...?........\|......._....M..g.................T~g.......<.....T~g......3$.=._..IU.K..^.E...=.#U.._[X.R..=W...1..........QTr.\....*.7..?..6.9K..^.E.Ps.\...........%W..y...g)s[KX)<......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\hover[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	114697
Entropy (8bit):	4.9296726009523
Encrypted:	false
SSDEEP:	1536:67O7EesvXIPRX4PT8aZv8qoXIoqbTFaFeTxvyAZ+D7M71D:qXIPRX4PT3
MD5:	FAC4178C15E5A86139C662DAFC809501
SHA1:	EF1481841399156A880EC31B07DDA9CFAA1ACE39
SHA-256:	BB88454962767EB6F2DDB1AABAAF844D8A57DE7E8F848D7F6928F81B54998452
SHA-512:	0902219B6E236FBF9D8173D1D452C8733C1BF67B0EB906CC9866EA0C27C2D08F6DA556D01475E9B54E2C6CE797B230BFBD5F39055CE0C71EA4D3E36872C378D9
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/css/hover.css
Preview:	/!. Hover.css (http://ianlunn.github.io/Hover/). * Version: 2.3.2. * Author: Ian Lunn @IanLunn. * Author URL: http://ianlunn.co.uk/. * Github: https://github.com/IanLunn/Hover.. * Hover.css Copyright Ian Lunn 2017. Generated with Sass.. /./ 2D TRANSITIONS /./ Grow /..hvr-grow {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-duration: 0.3s;. -webkit-transition-property: transform;. transition-property: transform;.}..hvr-grow:hover, .hvr-grow:focus, .hvr-grow:active {. -webkit-transform: scale(1.1);. transform: scale(1.1);.}../ Shrink */..hvr-shrink {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-3.1.1.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	86709
Entropy (8bit):	5.367391365596119
Encrypted:	false
SSDEEP:	1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5
MD5:	E071ABDA8FE61194711CFC2AB99FE104
SHA1:	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA
SHA-256:	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
SHA-512:	53A2B560B20551672FBB0E6E72632D4FD1C7E2DD2ECF7337EBAAAB179CB8BE7C87E9D803CE7765706BC7FCBCF993C34587CD1237DE5A279AEA19911D69067B65
Malicious:	false
Reputation:	low
IE Cache URL:	https://code.jquery.com/jquery-3.1.1.min.js
Preview:	/! jQuery v3.1.1 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.1.1",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.con

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-3.2.1.slim.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	69597
Entropy (8bit):	5.369216080582935
Encrypted:	false
SSDEEP:	1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT
MD5:	5F48FC77CAC90C4778FA24EC9C57F37D
SHA1:	9E89D1515BC4C371B86F4CB1002FD8E377C1829F
SHA-256:	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
SHA-512:	CAB8C4AFA1D8E3A8B7856EE29AE92566D44CEEAD70C8D533F2C98A976D77D0E1D314719B5C6A473789D8C6B21EBB4B89A6B0EC2E1C9C618FB1437EBC77D3A269
Malicious:	false
Reputation:	low
IE Cache URL:	https://code.jquery.com/jquery-3.2.1.slim.min.js
Preview:	/! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b\|\|d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_e

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\8[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1200x646, frames 3
Category:	downloaded
Size (bytes):	161118
Entropy (8bit):	7.5594351594508185
Encrypted:	false
SSDEEP:	3072:WucfAcwuKGuN2q/gSsqnk4br5XUGpppLqfmazv7l04J:OMuKbYOF355XEuAv7lnJ
MD5:	F17B5B1163EFB6D2D47DE6BAE6D3A9CD
SHA1:	6D6964B34BC44C6D2B106ADE1AE675985B96D012
SHA-256:	7829F065E0E10C8466F3D57766E0719421B7B652F6A1082F21B98702F1B28A30
SHA-512:	7C0CBEF1D3CAE66A18C74544E593803C2EEC56817E762A385D54437BC7D597B2598886B0C0EDF72C6E934E9F146CEFC89392A492DB5425A1071E61CA1F156855
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/8.jpg
Preview:	......Exif..MM.*.......................................................................................................(...........1.....".....2..........i.............$............'.......'.Adobe Photoshop CC 2015 (Windows).2020:01:21 13:41:42.............0221...................................................................r...........z.(.................................%.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................V...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?.......q..KJG..x.."....]..TX...[^.m...R.......X.5..j?p.A.RI%0...MN.$..@.4

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\bootstrap.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	144877
Entropy (8bit):	5.049937202697915
Encrypted:	false
SSDEEP:	1536:GcoqwrUPyDHU7c7TcDEBi82NcuSELL4d/+oENM6HN26Q:VoPgPard2oENM6HN26Q
MD5:	450FC463B8B1A349DF717056FBB3E078
SHA1:	895125A4522A3B10EE7ADA06EE6503587CBF95C5
SHA-256:	2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D
SHA-512:	93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D
Malicious:	false
Reputation:	low
IE Cache URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors. * Copyright 2011-2018 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:border-box}html{font-family:sans

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\bootstrap.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	48944
Entropy (8bit):	5.272507874206726
Encrypted:	false
SSDEEP:	768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B
MD5:	14D449EB8876FA55E1EF3C2CC52B0C17
SHA1:	A9545831803B1359CFEED47E3B4D6BAE68E40E99
SHA-256:	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
SHA-512:	00D9069B9BD29AD0DAA0503F341D67549CCE28E888E1AFFD1A2A45B64A4C1BC460D81CFC4751857F991F2F4FB3D2572FD97FCA651BA0C2B0255530209B182F22
Malicious:	false
Reputation:	low
IE Cache URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProp

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
IE Cache URL:	https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Dr[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	11777
Entropy (8bit):	4.8159515725639555
Encrypted:	false
SSDEEP:	192:K2FI5vEJKnYmrDfG4RywAOT+UY/t4IdtWPtY:1nmRnAKyt48tZ
MD5:	6D1D3C4FD92B63CC534BE0EDF3AF18DC
SHA1:	5F5442FEB5BE60239F185E969C45050A7DBADE2A
SHA-256:	65ADCB045AEFB4D0028A6AF36EC9D42BBD4DAE9AFF2CF85810BB4A6F44D4B25C
SHA-512:	2D42684CF0A44E262C958172C2446974A4AE9B8D17F7208A5FCB690964EE0D56FEB157B9AB6166B8F94FBDCBA027271C36B66784655E8FD96CE0B5522FE71AA2
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/
Preview:	...<!doctype html>..<html lang="en">..<head>.. <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>.. <script src="https://code.jquery.com/jquery-3.1.1.min.js">.. <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha256-2Kok7MbOyxpgUVvAk/HJ2jigOSYS2auK4Pfzbm7uH60=" crossorigin="anonymous"></script>.. Required meta tags -->.. <meta charset="utf-8">.. <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">.... Bootstrap CSS -->.. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">.. <link href="https://fonts.googleapis.com/css?family=Yellowtail&display=swap" rel="stylesheet">.. <script src="https://kit.fontawesome.com/585b051251.js" crossorigin="anonymous"></script>.. <title>Share Point Online</title>.. <link

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	211
Entropy (8bit):	5.026484232218891
Encrypted:	false
SSDEEP:	6:0IFFwKh+56ZRWHMqh7izlpdBEoKOEEJTONin:jFWmO6ZRoMqt6p3EondOY
MD5:	04F7435B2672FBE66984EA436E7087C6
SHA1:	44896875E69B297EB979CC0D3E8522D872656BA8
SHA-256:	F9088C15A062F0C7708C3864C5E261A2E4961DFEB0F150DF744FAEC2E3B74AD6
SHA-512:	9A1D01A7FAC3D6B205CFA37C05A93AFA9D903D4D35DCB16E31D3A31D19CD65B8DE5D66E626BC7F70D07841C779E20CD2C2DD6254824F96DE0E8E576E156F1C7D
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Yellowtail&display=swap
Preview:	@font-face {. font-family: 'Yellowtail';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/yellowtail/v11/OZpGg_pnoDtINPfRIlLohlvHxw.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\gmail[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	66743
Entropy (8bit):	7.712342056984168
Encrypted:	false
SSDEEP:	1536:FxqKcVqezl0vLoYxEuKoYk5LHjGkT3b1mQOEj0+R+EH:FsK2qezl0zoYxEuKo7CYrOb+Rb
MD5:	DCE2F2B0E50CB1DBB0246D152791CB46
SHA1:	D0A69C159304EDC08DB005163E7A0DAF5A1E98A6
SHA-256:	ACF087C1757F08B0CFD53D59066544D7EF0BFCC50999E77C5813739CD9DC1479
SHA-512:	91054B36EF1673B24E4FE3DC324CBE339F4E9EB72785A6A4C355C7B2A11A9A7C6E188FF9BF5B34FFDD2805D4BBED71EF6CA4975EE3E330FD8D8E383ED64B28EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/gmail.png
Preview:	.PNG........IHDR.....................sBIT....\|.d.....pHYs............/....tEXtSoftware.www.inkscape.org..<... .IDATx...{x.u.....I.sS..9Q(..J.L&.$..V\|........#.."...Zw.eEQv.Q..U.A]9Vh..I8...H2)`....i.....).....f.y....L.pu...{n..........................................................................................................................................................................................................................................................................................................................................................................................................@Is..... mj=...X<65....U.l.b.t.U...mR...e..P.i.$.i2U..@N1.f...i.s...cf.../....2ev.`..%.\|.o...s..j..l.B....V&..s;b..Pfg......!...:..5....$.@...I0.=.lY.......a...B.4g... T.9Wif..R..o.R.t'.0...?G.9i...L...*..&..s.Vgnkhn...;p[.0.5.........$......P......^".HL.M...@.p..;04....9.&.(i....9.sK..=&.'$m........f..1..'...f2.Uww......PH....@..xq....k.2..l.Luf..s5..`.\|

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\office3651[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	18025
Entropy (8bit):	3.011161251318808
Encrypted:	false
SSDEEP:	96:2S+WvkiqJq6Uq7NXrNG+GHhsc5yeFZV9D2Ydcx/NTV0K0VFDsCmm:2SJkiOq6Uq75shDs1kFP
MD5:	FE22440D79FFA34950F512EF4A718B2A
SHA1:	0E147E59544EE6580D3095353D4420849FA5EB8A
SHA-256:	A2F26B68A6C8810C1AEB4048C938F835A86BA83756A7A440F989B967E78F3BA8
SHA-512:	64218ECD4140DC05E50EB7BA4C9813794B8B5A4310C8308244205BA6ADA8EE7C2D1840121730A00800E41775241D8AFA02125A966064CD0EB2CC7D3E4605B81C
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/office3651.png
Preview:	.PNG........IHDR............. .......pHYs...............<eiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2015 (Windows)</xmp:CreatorTool>. <xmp:CreateDate>2020-01-18T21:49:38+05:00</xmp:CreateDate>. <xmp:MetadataDate>2020-01-21T14:30:14+05:00</xmp:MetadataDate>. <x

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\other1[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	21882
Entropy (8bit):	4.268463452779894
Encrypted:	false
SSDEEP:	192:ESCkiDw7e9Mg/wio0EYm9FWyo2XdJfXoOZdEDfmiIJQdiRVi/WTanY:DBiDw7eAdq+FWyo2/fXoZbDIJ0ci/BnY
MD5:	6843A244E12FAB158AA189680B5E7049
SHA1:	0E1C691F87CC4FA35C88344974F2829C40176B70
SHA-256:	3A9B144D6482B78AFC4E0A940A1D3C22240F14FA535B808CF4DAB9635339569F
SHA-512:	145010C45B6B83EA4005EB367C0507959FF0817E482F19E9973504081ACAE1B7827CBD1172CEC7732B13F4E0CEC058271BD6700444FBCF61FB6A3C068A3744C4
Malicious:	false
Reputation:	low
IE Cache URL:	https://gabriellarodriguezart.com/Dr/images/other1.png
Preview:	.PNG........IHDR..............$.... cHRM..z&..............u0...`..:....p..Q<....sRGB.........gAMA......a.....pHYs...............:.iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c067 79.157747, 2015/03/30-23:40:42 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2015 (Windows)</xmp:CreatorTool>. <xmp:CreateDate>2020-01-18T21:59:57+05:00</xmp:CreateDate>. <

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\popper.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	19188
Entropy (8bit):	5.212814407014048
Encrypted:	false
SSDEEP:	384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f
MD5:	70D3FDA195602FE8B75E0097EED74DDE
SHA1:	C3B977AA4B8DFB69D651E07015031D385DED964B
SHA-256:	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
SHA-512:	51AFFB5A8CFD2F93B473007F6987B19A0A1A0FB970DDD59EF45BD77A355D82ABBBD60468837A09823496411E797F05B1F962AE93C725ED4C00D514BA40269D14
Malicious:	false
Reputation:	low
IE Cache URL:	https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Preview:	/. Copyright (C) Federico Zivolo 2017. Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).. /(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=getComputedStyle(e,null);return t?o[t]:o}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto\|scroll)/.test(r+s+p)?e:n(o(e))}function r(e){var o=e&&e.offsetParent,i=o&&o.nodeName;return i&&'BODY'!==i&&'HTML'!==i?-1!==['TD','TABLE'].indexOf(o.nodeName)&&'static'===t(o,'position')?r(o):o:e?e.ownerDocument.documentElement:document.documentElement}functio

C:\Users\user\AppData\Local\Temp\~DF4C0C6A7F8B5D7714.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13029
Entropy (8bit):	0.4772217492480291
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9los9lo89lWGl/uCVp+Z+c:kBqoIXxGl/J6
MD5:	3AC22A525313CA286F313EC79B8D5FE3
SHA1:	1B7879E92E96D04B5DC4652E8BEBECFDBE32DFEC
SHA-256:	034603AF3236B995E46AEA11D49D7679BBE2A5BC47979E4ADA9926A44CFB0ADE
SHA-512:	62274C5EFFEAEB9B9C4FC7F461570807C5A68184D5744BF31B0A5B9D17A996E774D27E159A1CC27F0549FEDE3CAA749E4910BB943FE0503277C6FC57AA09CC49
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF5FAEF6CCA28DFD69.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	35171
Entropy (8bit):	0.46624779608721245
Encrypted:	false
SSDEEP:	48:kBqoxKAuvScS+FLFFFXF+FKIFKxm3KQmMW8mGWw8m4m+mFmr0b:kBqoxKAuvScS+FLFFFXF+FFFN3HSgb
MD5:	D288185627461842036D36F8BE0318CA
SHA1:	B4407DD8846884C6F3E3E424AA37BE945F43F595
SHA-256:	EF12273B41FD81C623267A58FA22E3E0650132CF37AEF6CD74A04A79B6723FC9
SHA-512:	1AD8A878B079D0FED73CC0335C8819BCD2C6D59A088AC44A007E0E3D4A8CACE3A03A936CEBFD234ED816137FFADD2525C341D5DA69C1EE2ECA80A3F2CD4D655A
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF726652DFE275AF17.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.6455439471718731
Encrypted:	false
SSDEEP:	48:kBqoxxJhHWSVSEabzMLAovx/5LglYIgpZnZ3jGft2UBup:kBqoxDhHWSVSE+Bvgfg
MD5:	2D3D4A8E41C033E42BB0E8647D626C80
SHA1:	97C10178F581A5561DF93DD57214DA4DDB34B281
SHA-256:	CD8F5BC72E12416D1371B7BF91436B63769EC0C99CB8C01A4505D91A8DDA0411
SHA-512:	DCE4E3ECE67B39401CB2F8D6479ED8373EE9F85350F46C26D928165D257B742C06B94F5AD597EEA7D10CCAA85B85576D3FFFB08D78B5163B7FBEA462E15245AF
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 10, 2021 20:26:29.542740107 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.542952061 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.702141047 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.702362061 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.706263065 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.706530094 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.714993954 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.715179920 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.874356031 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.878515959 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.881892920 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.881939888 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.881978035 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.882030010 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.882108927 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.882188082 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.883374929 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.883512974 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.888727903 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.888772011 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.888808966 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.888839006 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.888839960 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.888885975 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.888984919 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.890131950 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:29.890239954 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.922739029 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.922779083 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:29.928152084 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.085990906 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.086105108 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.089946985 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.090040922 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.092348099 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.092437983 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.097620964 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.296725035 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428174019 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428245068 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428287029 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428325891 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428339958 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428364038 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428376913 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428384066 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428388119 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428410053 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428411961 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428446054 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428469896 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428487062 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428510904 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428527117 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428535938 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428566933 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.428606987 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.428620100 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.633641958 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.634651899 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.645338058 CEST	49745	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.646145105 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.646953106 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.647757053 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.649947882 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.651329994 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.692197084 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.692297935 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.693624973 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.693743944 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.793143034 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.806859970 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.806906939 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.806936979 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.806968927 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.806998968 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807035923 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807075024 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807158947 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807159901 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807204008 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807209969 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807212114 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807219028 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807256937 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807266951 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807296038 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807301998 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807334900 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807339907 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807373047 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807384014 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807401896 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807425976 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807439089 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807455063 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807486057 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807487965 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807531118 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807533026 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807570934 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807576895 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807610989 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807621956 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807651043 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807655096 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807697058 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.807917118 CEST	443	49745	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.807945013 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.808006048 CEST	49745	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.808034897 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.808363914 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.808437109 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.811615944 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.811728001 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817390919 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817433119 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817471027 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817502975 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817509890 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817521095 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817527056 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817548990 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817584038 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817589998 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817622900 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817636967 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817668915 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817696095 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817698002 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.817717075 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.817770004 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.841135979 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.841739893 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.842427969 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.842945099 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.865118980 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.881695986 CEST	49745	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.883599043 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.884143114 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.885870934 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.885916948 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.885999918 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.886068106 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.895869970 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.895909071 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.896008968 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.896068096 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.927082062 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.929814100 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.930052042 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.930188894 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.938082933 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.938374996 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.945493937 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:30.946547985 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:30.968303919 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968368053 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968406916 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968455076 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968508959 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968511105 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968516111 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968554974 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968573093 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968595982 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968637943 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968677998 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968683958 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968693018 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968717098 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968733072 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968739033 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968775988 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968786955 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968828917 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968852043 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968868017 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968885899 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968933105 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968936920 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.968975067 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.968993902 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969012976 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969037056 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969050884 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969080925 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969093084 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969113111 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969141006 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969168901 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969182968 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969222069 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969248056 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969261885 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969271898 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969276905 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969302893 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969340086 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969346046 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969378948 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969384909 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969415903 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969418049 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969449043 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969470024 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969487906 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969512939 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969530106 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969552040 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969573975 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969592094 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969630957 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969630957 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969669104 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969683886 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969692945 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969708920 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969732046 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969747066 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969769955 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969794989 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969837904 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969875097 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969876051 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969902039 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969907045 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969914913 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969954014 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969954967 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.969970942 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.969994068 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.970012903 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.970033884 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.970056057 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.970065117 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.970092058 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.970105886 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.970138073 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.970304966 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.970351934 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.972026110 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.972064018 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.972135067 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.973025084 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.974899054 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.980400085 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.980571032 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.981002092 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981045008 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981077909 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981086016 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981125116 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981142998 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981148958 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981163025 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981187105 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981210947 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981224060 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981257915 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981256962 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981296062 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981300116 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981333971 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981340885 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981373072 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981375933 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981410980 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981421947 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981450081 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981455088 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981496096 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981527090 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981570005 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981573105 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981607914 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981615067 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981637955 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:30.981652021 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981683969 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.981729984 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.981770039 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.981913090 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.981945992 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.982892036 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.982923031 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.982959986 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.982975960 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.982986927 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.982997894 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983004093 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983025074 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.983036995 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983073950 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.983084917 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983136892 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983889103 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.983932018 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.983961105 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.983983040 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.984875917 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.984925032 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.984935045 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.984986067 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.985923052 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.986002922 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.986011982 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.986071110 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.986881971 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.986932993 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.986962080 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.986999035 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.987618923 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:30.987694979 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:30.987823009 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.987863064 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.987884045 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.987910986 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.988831997 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.988878012 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.988904953 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:30.988939047 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.988967896 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.988977909 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:30.989515066 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:30.989833117 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.989876032 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.989901066 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.989928961 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.990803003 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.990843058 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.990868092 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.990897894 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.991789103 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.991831064 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.991858959 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.991888046 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.992222071 CEST	49750	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.992760897 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.992803097 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.992830038 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.992856979 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.993810892 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.993859053 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:30.993875980 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:30.993917942 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.002356052 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.005274057 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.005315065 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.005388021 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.005619049 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.006907940 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.007369995 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.008457899 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.008527994 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.013309956 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.013360023 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.013443947 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.013503075 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.013760090 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.013819933 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.013834953 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.013854027 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.013921022 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.014767885 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.014805079 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.014862061 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.014889002 CEST	49751	443	192.168.2.4	104.18.11.207
Jun 10, 2021 20:26:31.018229961 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.019784927 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.024722099 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.032478094 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.032563925 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.033046961 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.034365892 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.034410954 CEST	443	49750	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.046361923 CEST	443	49745	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.046963930 CEST	443	49745	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.047038078 CEST	49745	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.047523022 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.049082041 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.049413919 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.049489021 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.049500942 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.049555063 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.051280022 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.051317930 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.051347971 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.051362038 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.053113937 CEST	49745	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.057157040 CEST	443	49751	104.18.11.207	192.168.2.4
Jun 10, 2021 20:26:31.090816021 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.091159105 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.091430902 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.092411041 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.109884024 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.129622936 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129662037 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129699945 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129722118 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.129738092 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.129785061 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.129812956 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129861116 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129880905 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.129930019 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.129949093 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.129993916 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130018950 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130084038 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130098104 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130132914 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130167007 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130207062 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130218029 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130254030 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130285025 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130340099 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130353928 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130392075 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130424023 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130479097 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130491972 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130530119 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130561113 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130615950 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130629063 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130669117 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130701065 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130758047 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130770922 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130808115 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130839109 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130893946 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.130906105 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130944014 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.130975008 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131030083 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131042004 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131079912 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131110907 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131180048 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131217003 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131256104 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131272078 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131306887 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131334066 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131383896 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131397963 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131437063 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131465912 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131498098 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.131516933 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.131548882 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.133040905 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.133236885 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.133270025 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.133295059 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.133336067 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.133352041 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.133505106 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.134632111 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.137393951 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.137427092 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.137479067 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.137516975 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.151988983 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152033091 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152070999 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152108908 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152129889 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152149916 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152198076 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152209044 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152247906 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152267933 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152312040 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152323961 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152362108 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152401924 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152420044 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152427912 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152453899 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152478933 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152853012 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152890921 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.152909994 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.152940035 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.153682947 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.153760910 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.157228947 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.157335997 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.175266981 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181312084 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181354046 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181395054 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181418896 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181430101 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181464911 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181484938 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181520939 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181536913 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181571007 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181592941 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181619883 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181641102 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181667089 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181689978 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181727886 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.181742907 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.181775093 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.191873074 CEST	49757	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.192719936 CEST	49756	443	192.168.2.4	104.16.18.94
Jun 10, 2021 20:26:31.192869902 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194896936 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194921970 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194938898 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194955111 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194969893 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.194978952 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.194988966 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.195003033 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.195019007 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.195034027 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.195034981 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.195082903 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.195102930 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.204466105 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207505941 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207528114 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207540035 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207551003 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207567930 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207582951 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207595110 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.207612038 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207632065 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207648993 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.207657099 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.207683086 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.207715988 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.252135038 CEST	443	49745	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.274837017 CEST	443	49757	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.275336027 CEST	443	49756	104.16.18.94	192.168.2.4
Jun 10, 2021 20:26:31.342685938 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342742920 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342776060 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.342792034 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.342829943 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342875957 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342886925 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.342921019 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.342942953 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342988014 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.342998028 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343034029 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343054056 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343096972 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343110085 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343142986 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343210936 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343250990 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343270063 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343305111 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343334913 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343385935 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343396902 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343434095 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343462944 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343513012 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343523026 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343558073 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343588114 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343636990 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343647003 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343682051 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343713999 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343763113 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.343774080 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.343807936 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.360752106 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.360805988 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.360843897 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.360860109 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.360882044 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.360896111 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.360920906 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.360946894 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.360968113 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.360968113 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.361011028 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.361020088 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.361048937 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.361063004 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.361082077 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.361099005 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.361128092 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.367243052 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367297888 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367335081 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367372990 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.367388964 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.367422104 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367460012 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367475986 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.367506981 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.367541075 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.367619038 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503530979 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503585100 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503633022 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503663063 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503675938 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503715038 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503731966 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503771067 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503786087 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503829956 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503843069 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503887892 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.503910065 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503951073 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.503969908 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504003048 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504021883 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504059076 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504076958 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504112005 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504128933 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504168034 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504184008 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504228115 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504240036 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504287004 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504307985 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504347086 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504370928 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504399061 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504419088 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504457951 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504472017 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504525900 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504539013 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504581928 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504607916 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504662037 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504676104 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504715919 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504745007 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504808903 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504822969 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504878044 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504890919 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504934072 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.504959106 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.504997969 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:31.505021095 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.505057096 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.835947037 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:31.854377031 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.003691912 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.003906965 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015353918 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015404940 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015448093 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015469074 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015500069 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015517950 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015542984 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015580893 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015599012 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015630007 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015654087 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015681982 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015707016 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015727043 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015748978 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015786886 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015803099 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015839100 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015857935 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015897036 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.015912056 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.015958071 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.175956964 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.175992966 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176014900 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176038027 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176052094 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176079988 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176101923 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176105976 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176120996 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176131964 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176162958 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176186085 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176213026 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176224947 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176230907 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176242113 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176266909 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176289082 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176306009 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176317930 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176346064 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176356077 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176387072 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176394939 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176417112 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176428080 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176456928 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176887035 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176913023 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176934958 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176948071 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176956892 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.176979065 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.176987886 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.177010059 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.177018881 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.177042007 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.177052021 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.177074909 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.177084923 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.177105904 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.177115917 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.177146912 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337369919 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337397099 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337414026 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337430954 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337447882 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337467909 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337486029 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337502956 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337519884 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337537050 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337552071 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337569952 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337588072 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337610006 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337619066 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337621927 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337624073 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337625980 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337626934 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337629080 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337630033 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337631941 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337634087 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337635994 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337650061 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337668896 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337688923 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337698936 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337717056 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337723970 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337743044 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337749958 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337765932 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337774992 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337793112 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337809086 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337831974 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337837934 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337841034 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337857962 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337862968 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337869883 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337882042 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337898970 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337912083 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337928057 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337945938 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337959051 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.337970972 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.337989092 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338010073 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338027000 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338033915 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338044882 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338063002 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338071108 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338085890 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338097095 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338104010 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338119984 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338133097 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338145018 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338151932 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338167906 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338197947 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338205099 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338223934 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338228941 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338246107 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338253021 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338264942 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338277102 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338293076 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338300943 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338314056 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338324070 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338335991 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338349104 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338360071 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338371992 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338392019 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338397026 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338409901 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338421106 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.338428020 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.338463068 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498090029 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498145103 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498182058 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498205900 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498256922 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498282909 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498332024 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498351097 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498393059 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498421907 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498450994 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498466969 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498502970 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498522043 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498573065 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498586893 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498629093 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498673916 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498687029 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498730898 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498749018 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498796940 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498812914 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498852968 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498887062 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498908997 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498934984 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.498965025 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.498995066 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499020100 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499053001 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499073982 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499139071 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499152899 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499180079 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499207020 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499242067 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499285936 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499315977 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499352932 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499392986 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499422073 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499439001 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499488115 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499505997 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499546051 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499564886 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499609947 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499628067 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499666929 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499705076 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499721050 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499758959 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499794006 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499818087 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499861002 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499878883 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499917984 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.499943972 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.499975920 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500013113 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500027895 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500065088 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500111103 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500123024 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500166893 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500184059 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500240088 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500252962 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500292063 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500313997 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500356913 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500368118 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500405073 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500439882 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500458956 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500495911 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500516891 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500550985 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500587940 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:32.500603914 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:32.500669956 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:36.140218973 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.140228987 CEST	443	49740	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.140325069 CEST	49740	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:36.162244081 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.162276030 CEST	443	49739	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.162316084 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:36.162355900 CEST	49739	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:36.200978994 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.201024055 CEST	443	49747	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:36.201101065 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:36.204334974 CEST	49747	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:37.008961916 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:37.009013891 CEST	443	49748	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:37.009072065 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:37.009111881 CEST	49748	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:37.350431919 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:37.350478888 CEST	443	49746	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:37.350646973 CEST	49746	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.287504911 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.446907043 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.447045088 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.468961000 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.628323078 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.639612913 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.639689922 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.639748096 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.639777899 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.639827013 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.639882088 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.639895916 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.640929937 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.641038895 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.647075891 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.814495087 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.814666986 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.820111036 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:46.992396116 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:46.992597103 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:52.023534060 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:52.023556948 CEST	443	49770	162.241.114.112	192.168.2.4
Jun 10, 2021 20:26:52.023613930 CEST	49770	443	192.168.2.4	162.241.114.112
Jun 10, 2021 20:26:52.023638010 CEST	49770	443	192.168.2.4	162.241.114.112

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 10, 2021 20:26:21.355566978 CEST	49910	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:21.408986092 CEST	53	49910	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:22.184962988 CEST	55854	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:22.239917994 CEST	53	55854	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:23.065854073 CEST	64549	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:23.117048979 CEST	53	64549	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:23.862617970 CEST	63153	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:23.913207054 CEST	53	63153	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:24.986857891 CEST	52991	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:25.045701981 CEST	53	52991	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:26.440207958 CEST	53700	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:26.490453005 CEST	53	53700	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:27.551318884 CEST	51726	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:27.601592064 CEST	53	51726	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:28.425981998 CEST	56794	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:28.492743969 CEST	53	56794	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:28.716897964 CEST	56534	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:28.768173933 CEST	53	56534	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:29.460459948 CEST	56627	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:29.527601004 CEST	53	56627	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:29.581221104 CEST	56621	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:29.640022039 CEST	53	56621	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.560543060 CEST	63116	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.567945004 CEST	64078	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.583039045 CEST	64801	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.604825974 CEST	61721	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.617988110 CEST	53	64078	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.619196892 CEST	53	63116	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.641345978 CEST	53	64801	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.654016018 CEST	51255	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.666220903 CEST	53	61721	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.716372967 CEST	53	51255	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.860577106 CEST	61522	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.876419067 CEST	52337	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:30.913644075 CEST	53	61522	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:30.943485022 CEST	53	52337	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:31.386157990 CEST	55046	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:31.452528954 CEST	53	55046	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:32.905577898 CEST	49612	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:32.958571911 CEST	53	49612	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:33.766278982 CEST	49285	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:33.819644928 CEST	53	49285	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:34.829535961 CEST	50601	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:34.882571936 CEST	53	50601	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:35.656213999 CEST	60875	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:35.717899084 CEST	53	60875	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:36.660959005 CEST	56448	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:36.714251995 CEST	53	56448	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:37.763448954 CEST	59172	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:37.816840887 CEST	53	59172	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:38.553575993 CEST	62420	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:38.615458012 CEST	53	62420	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:39.679464102 CEST	60579	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:39.730909109 CEST	53	60579	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:40.532309055 CEST	50183	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:40.582474947 CEST	53	50183	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:46.217636108 CEST	61531	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:46.285185099 CEST	53	61531	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:50.632215977 CEST	49228	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:50.707304001 CEST	53	49228	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:57.056006908 CEST	59794	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:57.114852905 CEST	53	59794	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:58.014432907 CEST	55916	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:58.076520920 CEST	53	55916	8.8.8.8	192.168.2.4
Jun 10, 2021 20:26:58.434434891 CEST	52752	53	192.168.2.4	8.8.8.8
Jun 10, 2021 20:26:58.493432045 CEST	53	52752	8.8.8.8	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jun 10, 2021 20:26:29.460459948 CEST	192.168.2.4	8.8.8.8	0x96d7	Standard query (0)	gabriellarodriguezart.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.567945004 CEST	192.168.2.4	8.8.8.8	0x6553	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.583039045 CEST	192.168.2.4	8.8.8.8	0x6905	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.654016018 CEST	192.168.2.4	8.8.8.8	0xb704	Standard query (0)	kit.fontawesome.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.876419067 CEST	192.168.2.4	8.8.8.8	0xfc68	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:31.386157990 CEST	192.168.2.4	8.8.8.8	0xbfe5	Standard query (0)	ka-f.fontawesome.com	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:46.217636108 CEST	192.168.2.4	8.8.8.8	0xfe4c	Standard query (0)	gabriellarodriguezart.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jun 10, 2021 20:26:29.527601004 CEST	8.8.8.8	192.168.2.4	0x96d7	No error (0)	gabriellarodriguezart.com		162.241.114.112	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.617988110 CEST	8.8.8.8	192.168.2.4	0x6553	No error (0)	code.jquery.com	cds.s5x3j6q5.hwcdn.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 20:26:30.641345978 CEST	8.8.8.8	192.168.2.4	0x6905	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.641345978 CEST	8.8.8.8	192.168.2.4	0x6905	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.716372967 CEST	8.8.8.8	192.168.2.4	0xb704	No error (0)	kit.fontawesome.com	kit.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 20:26:30.943485022 CEST	8.8.8.8	192.168.2.4	0xfc68	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:30.943485022 CEST	8.8.8.8	192.168.2.4	0xfc68	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
Jun 10, 2021 20:26:31.452528954 CEST	8.8.8.8	192.168.2.4	0xbfe5	No error (0)	ka-f.fontawesome.com	ka-f.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Jun 10, 2021 20:26:46.285185099 CEST	8.8.8.8	192.168.2.4	0xfe4c	No error (0)	gabriellarodriguezart.com		162.241.114.112	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jun 10, 2021 20:26:29.883374929 CEST	162.241.114.112	443	192.168.2.4	49740	CN=gabriellarodriguezart.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Sat Jun 05 23:13:12 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Fri Sep 03 23:13:12 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024
Jun 10, 2021 20:26:29.890131950 CEST	162.241.114.112	443	192.168.2.4	49739	CN=gabriellarodriguezart.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Sat Jun 05 23:13:12 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Fri Sep 03 23:13:12 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024
Jun 10, 2021 20:26:30.885916948 CEST	104.18.11.207	443	192.168.2.4	49751	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:30.885916948 CEST	104.18.11.207	443	192.168.2.4	49751	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:30.895909071 CEST	104.18.11.207	443	192.168.2.4	49750	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=California, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Mar 01 01:00:00 CET 2021 Mon Jan 27 13:48:08 CET 2020	Tue Mar 01 00:59:59 CET 2022 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:30.895909071 CEST	104.18.11.207	443	192.168.2.4	49750	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:31.049500942 CEST	104.16.18.94	443	192.168.2.4	49757	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:31.049500942 CEST	104.16.18.94	443	192.168.2.4	49757	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:31.051317930 CEST	104.16.18.94	443	192.168.2.4	49756	CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Wed Oct 21 02:00:00 CEST 2020 Mon Jan 27 13:48:08 CET 2020	Thu Oct 21 01:59:59 CEST 2021 Wed Jan 01 00:59:59 CET 2025	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:31.051317930 CEST	104.16.18.94	443	192.168.2.4	49756	CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US	CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE	Mon Jan 27 13:48:08 CET 2020	Wed Jan 01 00:59:59 CET 2025		9e10692f1b7f78228b2d4e424db3a98c
Jun 10, 2021 20:26:46.640929937 CEST	162.241.114.112	443	192.168.2.4	49770	CN=gabriellarodriguezart.com CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Sat Jun 05 23:13:12 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Fri Sep 03 23:13:12 CEST 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 6828 Parent PID: 800

General

Start time:	20:26:27
Start date:	10/06/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff648790000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: iexplore.exe PID: 6908 Parent PID: 6828

General

Start time:	20:26:28
Start date:	10/06/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6828 CREDAT:17410 /prefetch:2
Imagebase:	0x180000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://gabriellarodriguezart.com/Dr

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Dropped Files

Sigma Overview

Signature Overview

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 6828 Parent PID: 800

General

Chronological Activities

Analysis Process: iexplore.exe PID: 6908 Parent PID: 6828

General

Chronological Activities

Disassembly