Analysis Report
Overview
General Information |
---|
Joe Sandbox Version: | 17.0.0 |
Analysis ID: | 190848 |
Start time: | 14:54:02 |
Joe Sandbox Product: | Cloud |
Start date: | 08.12.2016 |
Overall analysis duration: | 0h 12m 47s |
Report type: | full |
Sample file name: | 201612080549502460_0025.docm |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 7 (Office 2010 v15, Java 1.8.0_40, Flash 16.0.0.305, Acrobat Reader 11.0.08, Internet Explorer 11, Chrome 41, Firefox 36) |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies |
|
Detection: | MAL |
Classification: | mal100.evad.expl.rans.winDOCM@7/270@19/10 |
HCA Information: |
|
EGA Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Detection |
---|
Strategy | Score | Range | Reporting | Detection | |
---|---|---|---|---|---|
Threshold | 100 | 0 - 100 | Report FP / FN |
Classification |
---|
Analysis Advice |
---|
Sample monitors Window changes (e.g. starting applications), analyze the sample with the 'Simulates keyboard and window changes' cookbook |
Sample sleeps for a long time, analyze it with the 'Bypass long sleeps' cookbook |
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis |
Signature Overview |
---|
Click to jump to signature section
Change of System Appearance: |
---|
Contains functionalty to change the wallpaper | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10004A52 |
Cryptography: |
---|
Uses Microsoft's Enhanced Cryptographic Provider | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100036EE | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000701A | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000226C | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100037FA | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10007F02 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10008BF5 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10008969 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10001980 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10008BA9 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100084E0 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100084C0 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10008C3C | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10008C81 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10016993 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10002E20 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10003DA2 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100036C1 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100017ED | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100026EF | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100169A6 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100036DE | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100030A7 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100016BA | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000747F | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100016F5 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000748D | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10001A70 |
Spam, unwanted Advertisements and Ransom Demands: |
---|
Contains functionality to import cryptographic keys (often used in ransomware) | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10001980 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100084E0 |
Contains functionalty to encrypt and move a file in one function | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000226C |
Deletes shadow drive data (may be related to ransomware) | Show sources |
Source: rundll32.exe | Binary or memory string: |
Found string related to ransomware | Show sources |
Source: rundll32.exe | Binary or memory string: | ||
Source: rundll32.exe | Binary or memory string: | ||
Source: rundll32.exe | Binary or memory string: | ||
Source: rundll32.exe | Binary or memory string: |
May drop file containing decryption instructions (likely related to ransomware) | Show sources |
Source: rundll32.exe | Binary or memory string: | ||
Source: rundll32.exe | Binary or memory string: | ||
Source: rundll32.exe | Binary or memory string: |
Detected Locky Ransomware | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000226C |
E-Banking Fraud: |
---|
Drops certificate files (DER) | Show sources |
Source: C:\Program Files\Internet Explorer\iexplore.exe | File created: | ||
Source: C:\Program Files\Internet Explorer\iexplore.exe | File created: | ||
Source: C:\Program Files\Internet Explorer\iexplore.exe | File created: |
Software Vulnerabilities: |
---|
Potential document exploit detected (performs DNS queries) | Show sources |
Source: global traffic | DNS query: |
Potential document exploit detected (performs HTTP gets) | Show sources |
Source: global traffic | TCP traffic: |
Potential document exploit detected (unknown TCP traffic) | Show sources |
Source: global traffic | TCP traffic: |
Document exploit detected (process start blacklist hit) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process created: |
Document exploit detected (drops PE files) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Networking: |
---|
Urls found in memory or binary data | Show sources |
Source: WINWORD.EXE | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: {251F8905-BD4E-11E6-9CAC-B808CF8DE4D6}.dat.1604.dr | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe, vbaProject.bin | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: rundll32.exe | String found in binary or memory: | ||
Source: rundll32.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: WINWORD.EXE | String found in binary or memory: | ||
Source: WINWORD.EXE | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: rundll32.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: |
Contains functionality to download additional files from the internet | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100076D3 |
Downloads files | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Downloads files from webservers via HTTP | Show sources |
Source: global traffic | HTTP traffic detected: | ||
Source: global traffic | HTTP traffic detected: | ||
Source: global traffic | HTTP traffic detected: | ||
Source: global traffic | HTTP traffic detected: |
Found strings which match to known social media urls | Show sources |
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: |
Performs DNS lookups | Show sources |
Source: unknown | DNS traffic detected: |
Posts data to webserver | Show sources |
Source: unknown | HTTP traffic detected: |
Uses HTTPS | Show sources |
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: |
Social media urls found in memory data | Show sources |
Source: iexplore.exe | String found in binary or memory: | ||
Source: iexplore.exe | String found in binary or memory: |
Stealing of Sensitive Information: |
---|
Searches for user specific document files | Show sources |
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: | ||
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: | ||
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: | ||
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: | ||
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: | ||
Source: C:\Windows\System32\rundll32.exe | Key value created or modified: |
Persistence and Installation Behavior: |
---|
Drops PE files | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Drops files with a non-matching file extension (content does not match file extension) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Data Obfuscation: |
---|
Contains functionality to dynamically determine API calls | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_2_0014019D |
Spreading: |
---|
Contains functionality to enumerate / list files inside a directory | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100090C5 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10006DD2 |
System Summary: |
---|
Checks whether correct version of .NET is installed | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Key opened: |
Reads internet explorer settings | Show sources |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Key opened: |
Executable creates window controls seldom found in malware | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Window found: |
Found graphical window changes (likely an installer) | Show sources |
Source: Window Recorder | Window detected: |
Checks if Microsoft Office is installed | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Key opened: |
Uses new MSVCR Dlls | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File opened: |
Binary contains paths to debug symbols | Show sources |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Document has a 'vbamacros' value indicative for goodware | Show sources |
Source: Suggested Sites~.feed-ms.1604.dr | Initial sample: |
Binary contains paths to development resources | Show sources |
Source: WINWORD.EXE | Binary or memory string: |
Classification label | Show sources |
Source: classification engine | Classification label: |
Contains functionality to check free disk space | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100095EF |
Contains functionality to instantiate COM classes | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000AFEA |
Creates files inside the program directory | Show sources |
Source: C:\Windows\System32\rundll32.exe | File created: |
Creates files inside the user directory | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Creates temporary files | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File created: |
Reads ini files | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File read: |
Reads software policies | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Key opened: |
Runs a DLL by calling functions | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process created: |
Spawns processes | Show sources |
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process created: | ||
Source: C:\Windows\System32\rundll32.exe | Process created: | ||
Source: C:\Program Files\Internet Explorer\iexplore.exe | Process created: |
Uses an in-process (OLE) Automation server | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Key value queried: |
Document contains embedded VBA macros | Show sources |
Source: 201612080549502460_0025.docm | OLE indicator, VBA macros: |
Document contains no OLE stream with summary information | Show sources |
Source: 201612080549502460_0025.docm | OLE indicator has summary info: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE indicator has summary info: |
Document contains summary information with irregular field values | Show sources |
Source: 201612080549502460_0025.docm | OLE document summary: | ||
Source: 201612080549502460_0025.docm | OLE document summary: | ||
Source: 201612080549502460_0025.docm | OLE document summary: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE document summary: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE document summary: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE document summary: |
Document has an unknown application name | Show sources |
Source: 201612080549502460_0025.docm | OLE indicator application name: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE indicator application name: |
Document misses a certain OLE stream usually present in this Microsoft Office document type | Show sources |
Source: 201612080549502460_0025.docm | OLE stream indicators for Word, Excel, PowerPoint, and Visio: | ||
Source: Suggested Sites~.feed-ms.1604.dr | OLE stream indicators for Word, Excel, PowerPoint, and Visio: |
Found potential string decryption / allocating functions | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: |
Office document includes a Visual Basic Macro | Show sources |
Source: initial sample | Static PE information: |
Reads the hosts file | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File read: | ||
Source: C:\Windows\System32\rundll32.exe | File read: |
Document contains an embedded VBA macro which executes code when the document is opened / closed | Show sources |
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: VBA code instrumentation | OLE, VBA macro: | Name: autoopen |
Document contains an embedded VBA macro which may execute processes | Show sources |
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: VBA code instrumentation | OLE, VBA macro: | Name: before |
Document contains an embedded VBA macro with suspicious strings | Show sources |
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: 201612080549502460_0025.docm | OLE, VBA macro line: | |||
Source: VBA code instrumentation | OLE, VBA macro: | Name: Fisher | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: Fisher | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: Fisher | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: Fisher | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: Fisher | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: before | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: ColNumToLet |
Document contains an embedded VBA with base64 encoded strings | Show sources |
Source: VBA code instrumentation | OLE, VBA macro: |
Document contains an embedded VBA with functions possibly related to ADO stream file operations | Show sources |
Source: VBA code instrumentation | OLE, VBA macro: | Name: before | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: before | ||
Source: VBA code instrumentation | OLE, VBA macro: | Name: ColNumToLet |
Document contains an embedded VBA with functions possibly related to HTTP operations | Show sources |
Source: 201612080549502460_0025.docm | Stream path 'VBA/Module1' : |
Document contains an embedded macro with GUI obfuscation | Show sources |
Source: 201612080549502460_0025.docm | Stream path 'FU5/f' : | ||
Source: 201612080549502460_0025.docm | Stream path 'FU5/f' : |
HIPS / PFW / Operating System Protection Evasion: |
---|
Contains functionality to add an ACL to a security descriptor | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10004C58 |
Contains functionality to create a new security descriptor | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10004C58 |
May try to detect the Windows Explorer process (often used for injection) | Show sources |
Source: iexplore.exe | Binary or memory string: | ||
Source: iexplore.exe | Binary or memory string: | ||
Source: iexplore.exe | Binary or memory string: |
System process connects to network (likely due to code injection or exploit) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Network Connect: |
Anti Debugging: |
---|
Contains functionality to register its own exception handler | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10004F74 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000CE18 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000FA82 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10004F74 |
Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation)) | Show sources |
Source: C:\Windows\System32\rundll32.exe | System information queried: |
Checks if the current process is being debugged | Show sources |
Source: C:\Windows\System32\rundll32.exe | Process queried: |
Contains functionality for execution timing, often used to detect debuggers | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000AFEA |
Contains functionality to check if a debugger is running (IsDebuggerPresent) | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000CE18 |
Contains functionality to dynamically determine API calls | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_2_0014019D |
Malware Analysis System Evasion: |
---|
Contains functionality to enumerate / list files inside a directory | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_100090C5 | |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10006DD2 |
Checks the free space of harddrives | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | File Volume queried: |
Contains functionality for execution timing, often used to detect debuggers | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000AFEA |
Found a high number of Window / User specific system calls (may be a loop to detect user behavior) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Window / User API: | ||
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Window / User API: |
Is looking for software installed on the system | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Registry key enumerated: |
May sleep (evasive loops) to hinder dynamic analysis | Show sources |
Source: C:\Windows\System32\rundll32.exe TID: 256 | Thread sleep time: |
Hooking and other Techniques for Hiding and Protection: |
---|
Disables application error messsages (SetErrorMode) | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Process information set: | ||
Source: C:\Windows\System32\rundll32.exe | Process information set: | ||
Source: C:\Windows\System32\rundll32.exe | Process information set: |
Extensive use of GetProcAddress (often used to hide API calls) | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_2_00140215 |
Language, Device and Operating System Detection: |
---|
Contains functionality to query local / system time | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_1000226C |
Contains functionality to query windows version | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10003E32 |
Queries the cryptographic machine GUID | Show sources |
Source: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE | Key value queried: |
Contains functionality locales information (e.g. system language) | Show sources |
Source: C:\Windows\System32\rundll32.exe | Code function: | 1_1_10006FC3 |
Queries the installation date of Windows | Show sources |
Source: C:\Program Files\Internet Explorer\iexplore.exe | Registry key value queried: |
Behavior Graph |
---|
Yara Overview |
---|
No Yara matches |
---|
Screenshot |
---|
Startup |
---|
|
Created / dropped Files |
---|
File Path | Type and Hashes |
---|---|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
|
Contacted Domains/Contacted IPs |
---|
Contacted Domains |
---|
Name | IP | Active |
---|---|---|
www.microsoft.com | 23.201.182.227 | true |
iecvlist.microsoft.com | 93.184.221.200 | true |
netfun.be | 81.4.68.175 | true |
crl.microsoft.com | 83.151.132.104 | true |
sqm.telemetry.microsoft.com | 65.55.252.93 | true |
ocsp.msocsp.com | 198.41.215.183 | true |
www.bing.com | 204.79.197.200 | true |
r20swj13mr.microsoft.com | 93.184.221.200 | true |
api.bing.com | 13.107.5.80 | true |
ieonline.microsoft.com | 204.79.197.200 | true |
go.microsoft.com | 104.69.255.233 | true |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Country | Flag | ASN | ASN Name |
---|---|---|---|---|
104.69.255.233 | United States | 20940 | AkamaiInternationalBV | |
93.184.221.200 | European Union | 15133 | EdgeCastNetworksInc | |
81.4.68.175 | Netherlands | 21155 | ProServeBV | |
65.55.252.93 | United States | 3598 | MicrosoftCorporation | |
185.127.24.247 | unknown | 23456 | 32bitTransitionAS | |
8.8.8.8 | United States | 15169 | GoogleInc | |
198.41.215.183 | United States | 13335 | CloudFlareInc | |
23.201.182.227 | United States | 16625 | AkamaiTechnologiesInc | |
204.79.197.200 | United States | 8075 | MicrosoftCorporation | |
176.121.14.95 | Czech Republic | 39084 | SBADubrovskiy |
Static File Info |
---|
General | |
---|---|
File type: | Microsoft Word 2007+ |
TrID: |
|
File name: | 201612080549502460_0025.docm |
File size: | 24416 |
MD5: | 2790910b716c116879386d7d3784a8a5 |
SHA1: | b70f9e00fd952e10aab939ce6f036eb70393c89f |
SHA256: | 536b29869803f7b8a70287e072b93fa23eb2c1792d9724c9668d27f73bb38890 |
SHA512: | 802cbfd16ee78be8fb0848198faf2a4b7c87a610df5664053297e5e65be23acc557ef0535f97d5d57415317275fe17e4860aa80d80dbc0bb6644207c391e1f4f |
File Icon |
---|
Static OLE Info |
---|
General | ||
---|---|---|
Document Type: | OpenXML | |
Number of OLE Files: | 1 |
OLE File |
---|
Indicators | |
---|---|
Has Summary Info: | False |
Application Name: | unknown |
Encrypted Document: | False |
Contains Word Document Stream: | False |
Contains Workbook/Book Stream: | False |
Contains PowerPoint Document Stream: | False |
Contains Visio Document Stream: | False |
Contains ObjectPool Stream: | False |
Flash Objects Count: | 0 |
Contains VBA Macros: | True |
Streams with VBA |
---|
VBA File Name: FU5.frm, Stream Size: 1154 |
---|
General | |
---|---|
Stream Path: | VBA/FU5 |
VBA File Name: | FU5.frm |
Stream Size: | 1154 |
Data ASCII: | . . . . . . . . . @ . . . . . . . L . . . . . . . G . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | 01 16 01 00 00 f0 00 00 00 40 03 00 00 d4 00 00 00 4c 02 00 00 ff ff ff ff 47 03 00 00 9b 03 00 00 00 00 00 00 01 00 00 00 e8 f8 93 fe 00 00 ff ff 01 00 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
VBA Code with Deobfuscations |
---|
|
VBA Code |
---|
|
VBA File Name: Module1.bas, Stream Size: 11052 |
---|
General | |
---|---|
Stream Path: | VBA/Module1 |
VBA File Name: | Module1.bas |
Stream Size: | 11052 |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C . . . . . . . . . . . . - % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | 01 16 01 00 00 f0 00 00 00 e4 09 00 00 d4 00 00 00 88 01 00 00 ff ff ff ff eb 09 00 00 43 20 00 00 00 00 00 00 01 00 00 00 e8 f8 2d 25 00 00 ff ff 03 00 00 00 00 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
VBA Code with Deobfuscations |
---|
|
VBA Code |
---|
|
VBA File Name: ThisDocument.cls, Stream Size: 2928 |
---|
General | |
---|---|
Stream Path: | VBA/ThisDocument |
VBA File Name: | ThisDocument.cls |
Stream Size: | 2928 |
Data ASCII: | . . . . . . . . . v . . . . . . . . . . . . . . . } . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \\ . . . . . . N . T . c ^ . # . . . . . * . , F . 0 / . [ i . . . . . . . . . . . . . . . . . . . . . . K . . { . . ] I . f . C . j 5 & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | 01 16 01 00 00 00 01 00 00 76 04 00 00 e4 00 00 00 ea 01 00 00 a4 04 00 00 7d 04 00 00 c5 08 00 00 02 00 00 00 01 00 00 00 e8 f8 8e ce 00 00 ff ff a3 00 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 5c 83 89 b8 9e b8 b6 4e 8d 54 df 63 5e db 23 c5 9c be c7 14 2a 87 2c 46 bd 30 2f e1 5b 69 04 c2 00 00 00 00 00 00 00 00 00 00 00 00 00 |
VBA Code with Deobfuscations |
---|
|
VBA Code |
---|
|
Streams |
---|
Stream Path: FU5/\x1CompObj, File Type: data, Stream Size: 97 |
---|
General | |
---|---|
Stream Path: | FU5/\x1CompObj |
File Type: | data |
Stream Size: | 97 |
Entropy: | 3.61064918306 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M i c r o s o f t F o r m s 2 . 0 F o r m . . . . . E m b e d d e d O b j e c t . . . . . . 9 . q . . . . . . . . . . . . |
Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 46 6f 72 6d 73 20 32 2e 30 20 46 6f 72 6d 00 10 00 00 00 45 6d 62 65 64 64 65 64 20 4f 62 6a 65 63 74 00 00 00 00 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
Stream Path: FU5/\x3VBFrame, File Type: ASCII text, with CRLF line terminators, Stream Size: 287 |
---|
General | |
---|---|
Stream Path: | FU5/\x3VBFrame |
File Type: | ASCII text, with CRLF line terminators |
Stream Size: | 287 |
Entropy: | 4.57124566017 |
Base64 Encoded: | True |
Data ASCII: | V E R S I O N 5 . 0 0 . . B e g i n { C 6 2 A 6 9 F 0 - 1 6 D C - 1 1 C E - 9 E 9 8 - 0 0 A A 0 0 5 7 4 A 4 F } F U 5 . . C a p t i o n = " U s e r F o r m 1 " . . C l i e n t H e i g h t = 3 0 3 0 . . C l i e n t L e f t = 1 2 0 . . C l i e n t T o p = 4 5 0 . . C l i e n t W i d t h = 4 5 6 0 . . S t a r t U p P o s i t i o n = 1 ' C e n t e r O w n e r . . |
Data Raw: | 56 45 52 53 49 4f 4e 20 35 2e 30 30 0d 0a 42 65 67 69 6e 20 7b 43 36 32 41 36 39 46 30 2d 31 36 44 43 2d 31 31 43 45 2d 39 45 39 38 2d 30 30 41 41 30 30 35 37 34 41 34 46 7d 20 46 55 35 20 0d 0a 20 20 20 43 61 70 74 69 6f 6e 20 20 20 20 20 20 20 20 20 3d 20 20 20 22 55 73 65 72 46 6f 72 6d 31 22 0d 0a 20 20 20 43 6c 69 65 6e 74 48 65 69 67 68 74 20 20 20 20 3d 20 20 20 33 30 33 30 |
Stream Path: FU5/f, File Type: data, Stream Size: 499 |
---|
General | |
---|---|
Stream Path: | FU5/f |
File Type: | data |
Stream Size: | 499 |
Entropy: | 4.82617588114 |
Base64 Encoded: | False |
Data ASCII: | . . $ . . . . . . . . . . . . . . . . . . } . . k . . . . . . . . . . . . . . . . R . . . . . . . . . . . K . Q . . . . . . D B . . . T a h o m a . . . . . . . . . . . . . R . . ( . . . . . . . . . . . . . 2 . . . @ . . . . . . . L a b e l 1 . . . . . . P . . . . . ( . . . . . . . . . . . . . 2 . . . 8 . . . . . . . L a b e l 2 . . . . . . . . . . . . $ . . . . . . . . . . . . . 2 . . . 4 . . . . . . . z L B L . . . . . . . . . . $ . . . . . . . . . . . . . H . . . . . . . T e x t B o x 1 ] . . . O . . . . |
Data Raw: | 00 04 24 00 08 0c 10 0c 08 00 00 00 ff ff 00 00 0c 00 00 00 00 7d 00 00 6b 1f 00 00 e1 14 00 00 00 00 00 00 00 00 00 00 03 52 e3 0b 91 8f ce 11 9d e3 00 aa 00 4b b8 51 01 cc 00 00 90 01 44 42 01 00 06 54 61 68 6f 6d 61 00 00 05 00 00 00 a0 01 00 00 00 85 01 52 00 00 28 00 f5 01 00 00 06 00 00 80 03 00 00 00 32 00 00 00 40 00 00 00 00 00 15 00 4c 61 62 65 6c 31 00 00 a8 01 00 00 50 |
Stream Path: FU5/o, File Type: data, Stream Size: 300 |
---|
General | |
---|---|
Stream Path: | FU5/o |
File Type: | data |
Stream Size: | 300 |
Entropy: | 3.88739637664 |
Base64 Encoded: | False |
Data ASCII: | . . . ( . . . . . . . r u n d l l 3 2 . e x e . . . . . . . { . . . . . . . 5 . . . . . . . . . . . . . . . T a h o m a . . . . . . ( . . . . . . . h t t p : / / . . . . . { . . . . . . . 5 . . . . . . . . . . . . . . . T a h o m a / . . . . . ( . . . . . . . + . . . . . . . { . . . . . . . 5 . . . . . . . . . . . . . . . T a h o m a . . . . ( . . . @ . . . . . . H . , . . . . . . . . { . . . s e t R e q u e s t H e a d e r . . . . 5 . . . . . . . . . . . . . . . T a h o m a . . . . . . A . . . . . . . |
Data Raw: | 00 02 20 00 28 00 00 00 0d 00 00 80 72 75 6e 64 6c 6c 33 32 2e 65 78 65 20 00 00 00 ec 09 00 00 7b 02 00 00 00 02 18 00 35 00 00 00 06 00 00 80 a5 00 00 00 cc 02 00 00 54 61 68 6f 6d 61 00 00 00 02 18 00 28 00 00 00 07 00 00 80 68 74 74 70 3a 2f 2f 00 ec 09 00 00 7b 02 00 00 00 02 18 00 35 00 00 00 06 00 00 80 a5 00 00 00 cc 02 00 00 54 61 68 6f 6d 61 2f 00 00 02 14 00 28 00 00 00 |
Stream Path: PROJECT, File Type: ASCII text, with CRLF line terminators, Stream Size: 523 |
---|
General | |
---|---|
Stream Path: | PROJECT |
File Type: | ASCII text, with CRLF line terminators |
Stream Size: | 523 |
Entropy: | 5.37177585729 |
Base64 Encoded: | True |
Data ASCII: | I D = " { F 2 1 9 6 1 5 E - 1 9 B F - 4 D 8 A - B F 6 2 - 3 B 8 0 3 A 7 A E D 8 2 } " . . D o c u m e n t = T h i s D o c u m e n t / & H 0 0 0 0 0 0 0 0 . . P a c k a g e = { A C 9 F 2 F 9 0 - E 8 7 7 - 1 1 C E - 9 F 6 8 - 0 0 A A 0 0 5 7 4 A 4 F } . . B a s e C l a s s = F U 5 . . M o d u l e = M o d u l e 1 . . N a m e = " P r o j e c t " . . H e l p C o n t e x t I D = " 0 " . . V e r s i o n C o m p a t i b l e 3 2 = " 3 9 3 2 2 2 0 0 0 " . . C M G = " 8 1 8 3 7 F 8 5 8 3 8 5 8 3 8 5 8 3 8 5 8 3 " . . |
Data Raw: | 49 44 3d 22 7b 46 32 31 39 36 31 35 45 2d 31 39 42 46 2d 34 44 38 41 2d 42 46 36 32 2d 33 42 38 30 33 41 37 41 45 44 38 32 7d 22 0d 0a 44 6f 63 75 6d 65 6e 74 3d 54 68 69 73 44 6f 63 75 6d 65 6e 74 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 50 61 63 6b 61 67 65 3d 7b 41 43 39 46 32 46 39 30 2d 45 38 37 37 2d 31 31 43 45 2d 39 46 36 38 2d 30 30 41 41 30 30 35 37 34 41 34 46 7d 0d 0a 42 |
Stream Path: PROJECTwm, File Type: data, Stream Size: 77 |
---|
General | |
---|---|
Stream Path: | PROJECTwm |
File Type: | data |
Stream Size: | 77 |
Entropy: | 3.37763061941 |
Base64 Encoded: | False |
Data ASCII: | T h i s D o c u m e n t . T . h . i . s . D . o . c . u . m . e . n . t . . . F U 5 . F . U . 5 . . . M o d u l e 1 . M . o . d . u . l . e . 1 . . . . . |
Data Raw: | 54 68 69 73 44 6f 63 75 6d 65 6e 74 00 54 00 68 00 69 00 73 00 44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 00 00 46 55 35 00 46 00 55 00 35 00 00 00 4d 6f 64 75 6c 65 31 00 4d 00 6f 00 64 00 75 00 6c 00 65 00 31 00 00 00 00 00 |
Stream Path: VBA/_VBA_PROJECT, File Type: data, Stream Size: 4784 |
---|
General | |
---|---|
Stream Path: | VBA/_VBA_PROJECT |
File Type: | data |
Stream Size: | 4784 |
Entropy: | 4.99039523113 |
Base64 Encoded: | False |
Data ASCII: | . a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . , . * . \\ . G . { . 0 . 0 . 0 . 2 . 0 . 4 . E . F . - . 0 . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . - . C . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 4 . 6 . } . # . 4 . . . 2 . # . 9 . # . C . : . \\ . P . r . o . g . r . a . m . . F . i . l . e . s . . ( . x . 8 . 6 . ) . \\ . C . o . m . m . o . n . . F . i . l . e . s . \\ . M . i . c . r . o . s . o . f . t . . S . h . a . r . e . d . \\ . V . B . A . \\ . V . B . A . 7 . . . |
Data Raw: | cc 61 af 00 00 01 00 ff 19 04 00 00 09 04 00 00 e3 04 01 00 00 00 00 00 00 00 00 00 01 00 06 00 02 00 2c 01 2a 00 5c 00 47 00 7b 00 30 00 30 00 30 00 32 00 30 00 34 00 45 00 46 00 2d 00 30 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 2d 00 43 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 34 00 36 00 7d 00 23 00 34 00 2e 00 32 00 23 00 |
Stream Path: VBA/dir, File Type: data, Stream Size: 851 |
---|
General | |
---|---|
Stream Path: | VBA/dir |
File Type: | data |
Stream Size: | 851 |
Entropy: | 6.56203025224 |
Base64 Encoded: | True |
Data ASCII: | . O . . . . . . . . . . 0 * . . . . . p . . H . . . . . d . . . . . . . . P r o j e c t . Q . ( . . @ . . . . . = . . . . . l . . . . . . . . . X p . Z . . . . J . < . . . . . r s t d . o l e > . . s . t . . d . o . l . e P . . . h . % ^ . . * . \\ G { 0 0 0 2 0 . 4 3 0 - . . . . C . . . . . . . 0 0 4 6 } # . 2 . 0 # 0 # C : . \\ W i n d o w s . \\ S y s W O W 6 . 4 \\ . e 2 . t l b . # O L E A u t . o m a t i o n . ` . . . . E N o r m a l . . E N . C r . m . a Q . F . . . . . . . * . \\ C . . . . . ] . Z . |
Data Raw: | 01 4f b3 80 01 00 04 00 00 00 01 00 30 2a 02 02 90 09 00 70 14 06 48 03 00 82 02 00 64 e3 04 04 00 07 00 1c 00 50 72 6f 6a 65 63 74 05 51 00 28 00 00 40 02 14 06 02 14 3d ad 02 0a 07 02 6c 01 14 08 06 12 09 02 12 80 58 70 15 5a 06 00 0c 02 4a 12 3c 02 0a 16 00 01 72 73 74 64 10 6f 6c 65 3e 02 19 73 00 74 00 00 64 00 6f 00 6c 00 65 50 00 0d 00 68 00 25 5e 00 03 2a 00 5c 47 7b 30 30 |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 8, 2016 14:56:13.466023922 CET | 54973 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:56:13.541414022 CET | 53 | 54973 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:56:13.569166899 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.569199085 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.569295883 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.569917917 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.569936991 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.826044083 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.826070070 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.826078892 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.826297998 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.830493927 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.830517054 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.830526114 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.830593109 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.840291977 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.840316057 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.840325117 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.840537071 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.847080946 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.847104073 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.847111940 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.847328901 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.850182056 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.850353956 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.871344090 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.871366978 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.871376038 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.871578932 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.881210089 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.881231070 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.881238937 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.881457090 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.891011953 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.891032934 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.891041040 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.891254902 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.901081085 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.901101112 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.901108980 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.901324034 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.911088943 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.911303043 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.926867008 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.926887989 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.926897049 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.927177906 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.936475992 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.936500072 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.936508894 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.936636925 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.947041988 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.947066069 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.947073936 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.947288036 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.957118988 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.957139015 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.957148075 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.957350016 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.987731934 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.987934113 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.994375944 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.994395971 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.994404078 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.994587898 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:13.997663975 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.997684956 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.997693062 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:13.997829914 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.021781921 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.021967888 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.031744003 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.031764030 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.031771898 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.031878948 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.041644096 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.041793108 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.064073086 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.064093113 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.064101934 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.064210892 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.074024916 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.074147940 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.079813957 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.079835892 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.079844952 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.079946041 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.086137056 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.086158037 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.086165905 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.086277962 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.095541954 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.095563889 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.095571995 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.095679045 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.097049952 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.097069025 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.097078085 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.097151995 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.097296953 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.108015060 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.108134031 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.110928059 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.110949039 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.110958099 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.111057997 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.114207983 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.114229918 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.114238977 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.114341974 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.117945910 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.118071079 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.125066042 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.125088930 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.125106096 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.125293970 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.127590895 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.127614975 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.127624035 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.127696037 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.137223959 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.137420893 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.175466061 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.175487995 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.175496101 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.175702095 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.183202028 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.183224916 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.183233976 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.183374882 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.193105936 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.193128109 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.193135977 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.193264961 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.197354078 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.197377920 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.197386026 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.197469950 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.203841925 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.203958988 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.215964079 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.233416080 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.233438015 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.233445883 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.233542919 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.243170023 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.243192911 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.243201017 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.243284941 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.249902964 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.249926090 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.249933958 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.250061989 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.253580093 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.253602028 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.253609896 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.253735065 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.254995108 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.255124092 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.263781071 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.280879974 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.280905008 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.280914068 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.281220913 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.283714056 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.283732891 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.283741951 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.283849955 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.284837961 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.284858942 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.284868002 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.284956932 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.285134077 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.289144993 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.289331913 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.298937082 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.298959017 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.298990011 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.299004078 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.299235106 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.368256092 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368278027 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368289948 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368352890 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.368460894 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368484020 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368494034 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368552923 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.368582964 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368597031 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368606091 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.368653059 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.467869043 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.467891932 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.467905045 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.468023062 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.468041897 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.468044996 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.468051910 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.468069077 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.468127012 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.568361998 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568422079 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568434954 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568541050 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568557978 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568583012 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.568619013 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568672895 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568690062 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.568778992 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.568804026 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.569200993 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.667927027 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.668032885 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:14.668195963 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.671540022 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 |
Dec 8, 2016 14:56:14.671583891 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |
Dec 8, 2016 14:56:50.344419956 CET | 49363 | 80 | 192.168.1.16 | 185.127.24.247 |
Dec 8, 2016 14:56:50.344454050 CET | 80 | 49363 | 185.127.24.247 | 192.168.1.16 |
Dec 8, 2016 14:56:50.344538927 CET | 49363 | 80 | 192.168.1.16 | 185.127.24.247 |
Dec 8, 2016 14:56:50.345005035 CET | 49363 | 80 | 192.168.1.16 | 185.127.24.247 |
Dec 8, 2016 14:56:50.345020056 CET | 80 | 49363 | 185.127.24.247 | 192.168.1.16 |
Dec 8, 2016 14:56:50.345146894 CET | 49363 | 80 | 192.168.1.16 | 185.127.24.247 |
Dec 8, 2016 14:56:50.345160007 CET | 80 | 49363 | 185.127.24.247 | 192.168.1.16 |
Dec 8, 2016 14:57:20.091764927 CET | 49363 | 80 | 192.168.1.16 | 185.127.24.247 |
Dec 8, 2016 14:57:20.139497042 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.139535904 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.139616013 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.139970064 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.139992952 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.140088081 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.140100002 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.698019981 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.698283911 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.712656021 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.712868929 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.715008974 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.715039968 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:20.715277910 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:20.715303898 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.159456015 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.159706116 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.214720011 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.214869022 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.227931023 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.227951050 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.228101015 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.228116989 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.593259096 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.593542099 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.619366884 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.619386911 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.619393110 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.619632006 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.629209042 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.629455090 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.642270088 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.642499924 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.652179956 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.652400017 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:21.665142059 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.665168047 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.665177107 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:21.665440083 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:26.968878984 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:26.968908072 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:26.969063044 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:26.969079018 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:27.420475960 CET | 80 | 49364 | 176.121.14.95 | 192.168.1.16 |
Dec 8, 2016 14:57:27.420555115 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:29.793288946 CET | 49364 | 80 | 192.168.1.16 | 176.121.14.95 |
Dec 8, 2016 14:57:31.868024111 CET | 56989 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:31.928766966 CET | 53 | 56989 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:31.943028927 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.943057060 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:31.943114042 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.943708897 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.943737984 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:31.943813086 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.963545084 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.963567972 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:31.964235067 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:31.964255095 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.059854031 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.060005903 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.060017109 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.060060024 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.060455084 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.071392059 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.071650028 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.081091881 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.081109047 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.081120014 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.081329107 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.090751886 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.090907097 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.100506067 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.100522995 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.100532055 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.100642920 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.119807005 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.119822025 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.126394987 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.126419067 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.126559973 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.170190096 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.170213938 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.205960035 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.206154108 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.247729063 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:32.247829914 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:32.704051971 CET | 54988 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.706759930 CET | 52691 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.890921116 CET | 53 | 54988 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:32.896264076 CET | 54623 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.903294086 CET | 53 | 52691 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:32.907754898 CET | 65140 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.983536959 CET | 53 | 54623 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:33.012455940 CET | 53 | 65140 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:33.188498020 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:33.188523054 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.240263939 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:33.240288019 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.299179077 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.299278021 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:33.320116997 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.320143938 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.320353985 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:33.320441008 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:33.329834938 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:33.329962015 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:34.457703114 CET | 59142 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.469546080 CET | 65245 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.473032951 CET | 63082 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.537338018 CET | 53 | 59142 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:34.563277006 CET | 53 | 65245 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:34.591717958 CET | 53 | 63082 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:35.906824112 CET | 63776 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.020824909 CET | 53 | 63776 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.022865057 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.022917986 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.023030043 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.024600983 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.024651051 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.024753094 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.026457071 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.026495934 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.027761936 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.027800083 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.088594913 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.088664055 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.097702026 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.097723961 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.097733974 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.097810984 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.098319054 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.098372936 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.098442078 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.098468065 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.117249966 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.117360115 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.118110895 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.118128061 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.126915932 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.126929998 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.127022028 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.174217939 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.174245119 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.174417973 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.174467087 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.176309109 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.176462889 CET | 443 | 49369 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.176611900 CET | 49369 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.177681923 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.177730083 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.177871943 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.186698914 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.186719894 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.292923927 CET | 60340 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.334620953 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.334856987 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.338099957 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.338124037 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.338135958 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.338376045 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.342344046 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.342573881 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.363003969 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.363020897 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.382316113 CET | 53 | 60340 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.390093088 CET | 54889 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.420705080 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.420923948 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.470144033 CET | 53 | 54889 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.470935106 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.470964909 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.471187115 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.472146034 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.472172022 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.535301924 CET | 56926 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.575304031 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.602180004 CET | 53 | 56926 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.611732006 CET | 54496 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.611983061 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.612237930 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.612272978 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.631063938 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.631088018 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.656836987 CET | 53 | 54496 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.657618046 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.657644987 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.657738924 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.658004045 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.658020020 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.794239044 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.804060936 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.804199934 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.804224014 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.816431046 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:36.816510916 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:36.847546101 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:36.847626925 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:36.850908041 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.850936890 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.922624111 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.922802925 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.932718992 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.932758093 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.932766914 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.932893991 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.936960936 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.936986923 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.936995983 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.937115908 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.942719936 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.942747116 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.942755938 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.942884922 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.949820042 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.949845076 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.949853897 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.949970961 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.950196028 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.950216055 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.950227022 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.950329065 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.956079960 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.956232071 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.959518909 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.959534883 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.959541082 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.959649086 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.960130930 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.960283995 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.966734886 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.966818094 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.969940901 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.969968081 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.969995975 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.970021009 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.970141888 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.976124048 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.976151943 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.976161003 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.976269007 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.980001926 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.980029106 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.980037928 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.980110884 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.985637903 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.985662937 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.985671997 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.985793114 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.989851952 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.989876986 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.989885092 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.990020990 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.994323015 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.994348049 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.994357109 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.994472027 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.996117115 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.996273041 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:36.998095036 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.998117924 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.998126030 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:36.998219967 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.000088930 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.000114918 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.000123978 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.000247002 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.004395962 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:57:37.004494905 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:57:37.006911039 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.006944895 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.006953955 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.007051945 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.008660078 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.009958982 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.009985924 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.009994030 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.010116100 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.010909081 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.014821053 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.014938116 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.016974926 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.016999960 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.017008066 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.017069101 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.021297932 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021322012 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021330118 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021485090 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.021697998 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021717072 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021723986 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.021828890 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.024096966 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.024223089 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.025301933 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.025325060 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.025332928 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.025449038 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.027020931 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.027045965 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.027172089 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.028717995 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.031081915 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031114101 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031126976 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031234980 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.031353951 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031373978 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031387091 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.031444073 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.035165071 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.035191059 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.035208941 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.035320997 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.035342932 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.036911964 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.037043095 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.037065029 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:57:37.039062023 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:37.048470974 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:57:56.310293913 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:56.310480118 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:56.363749981 CET | 443 | 49371 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:57:56.363991022 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:57:59.625871897 CET | 51339 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:59.629785061 CET | 59461 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:59.723969936 CET | 53 | 51339 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:59.764961958 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.765000105 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.772284985 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.772998095 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.773016930 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.805846930 CET | 53 | 59461 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:59.806808949 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.806838036 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.806956053 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.809736013 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.809761047 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.809859991 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.810528994 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.810550928 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.811140060 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.811161041 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.853404045 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.853486061 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.858952045 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.858984947 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.859008074 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.859083891 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.859385967 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.859415054 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.859431982 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.859512091 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.863061905 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.863163948 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.881906033 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.881923914 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.903675079 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.903762102 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.903898954 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.903919935 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.903932095 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.903991938 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.904891968 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.904917955 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.904930115 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.905050993 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.905078888 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.905826092 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.907016993 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.907169104 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.909039021 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.909061909 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.909075022 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.909177065 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.913495064 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.913518906 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.913531065 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.913619995 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.914678097 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.914797068 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.926347971 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.926366091 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.945132017 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.945149899 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.949033022 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.949148893 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.958252907 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.958271980 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.989331007 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:57:59.989459991 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.996515989 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:57:59.996537924 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.031373024 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.031500101 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.086007118 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.086209059 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.109520912 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.109539986 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.109553099 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.109756947 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.119229078 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.119252920 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.119261980 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.119504929 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.141400099 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.141628027 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.147515059 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.147533894 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.147542000 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.147778034 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.150985956 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.151225090 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.159132957 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.159151077 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.159158945 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.159373045 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.160733938 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.160988092 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.210424900 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.210619926 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.226439953 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:00.226461887 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.281853914 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:00.282066107 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:03.410986900 CET | 50208 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:03.561029911 CET | 53 | 50208 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:03.570451021 CET | 55058 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:03.651968002 CET | 53 | 55058 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:03.652805090 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:03.652843952 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:03.653012037 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:03.665657997 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:03.665682077 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.035579920 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.072989941 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.073012114 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.073219061 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:04.073260069 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.094099998 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:04.094125032 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.317878008 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.415407896 CET | 64414 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:04.499509096 CET | 53 | 64414 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:04.512301922 CET | 57017 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:04.524422884 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:04.524534941 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:04.595016956 CET | 53 | 57017 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:05.026664972 CET | 56260 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:05.129473925 CET | 53 | 56260 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:05.140326977 CET | 53442 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:05.223885059 CET | 53 | 53442 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:05.224700928 CET | 49381 | 80 | 192.168.1.16 | 23.201.182.227 |
Dec 8, 2016 14:58:05.224730968 CET | 80 | 49381 | 23.201.182.227 | 192.168.1.16 |
Dec 8, 2016 14:58:05.231673956 CET | 49381 | 80 | 192.168.1.16 | 23.201.182.227 |
Dec 8, 2016 14:58:05.231976032 CET | 49381 | 80 | 192.168.1.16 | 23.201.182.227 |
Dec 8, 2016 14:58:05.231992960 CET | 80 | 49381 | 23.201.182.227 | 192.168.1.16 |
Dec 8, 2016 14:58:05.374526978 CET | 80 | 49381 | 23.201.182.227 | 192.168.1.16 |
Dec 8, 2016 14:58:05.576430082 CET | 80 | 49381 | 23.201.182.227 | 192.168.1.16 |
Dec 8, 2016 14:58:05.576514006 CET | 49381 | 80 | 192.168.1.16 | 23.201.182.227 |
Dec 8, 2016 14:58:05.598804951 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:05.598830938 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:05.599107981 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:05.599126101 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:05.955533981 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:06.153876066 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:08.578418016 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:08.578460932 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:08.578937054 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:08.578963995 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:08.942007065 CET | 443 | 49378 | 65.55.252.93 | 192.168.1.16 |
Dec 8, 2016 14:58:09.138413906 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:58:22.585202932 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:58:22.585515022 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:58:22.585822105 CET | 49372 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:58:22.585858107 CET | 80 | 49372 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:58:22.806211948 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:58:22.806370020 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:58:22.806498051 CET | 49373 | 80 | 192.168.1.16 | 198.41.215.183 |
Dec 8, 2016 14:58:22.806521893 CET | 80 | 49373 | 198.41.215.183 | 192.168.1.16 |
Dec 8, 2016 14:58:30.105422974 CET | 62903 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:30.149600029 CET | 53 | 62903 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:30.165179014 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.165215015 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.165299892 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.175250053 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.175273895 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.281199932 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.281474113 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.283571959 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.283596039 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.283606052 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.283818960 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.289136887 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.289160967 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.289375067 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.290987015 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.291174889 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.300992012 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.301016092 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.301246881 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.326051950 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.326071978 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.380923033 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.381098986 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.759002924 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:30.759026051 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.833287954 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:58:30.833512068 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:58:34.579621077 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:34.579875946 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.629208088 CET | 49365 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.629236937 CET | 443 | 49365 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.629688978 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.629712105 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.737374067 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.737582922 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.747090101 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.747112989 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.747122049 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.747308016 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.760216951 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.760243893 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.760406971 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.771152973 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.771265984 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.780903101 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.780930996 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.780939102 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.781042099 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.791488886 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.791516066 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.791524887 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.791624069 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.801162004 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.801265001 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.810985088 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.811011076 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.811019897 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.811100960 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:58:35.821158886 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:58:35.821326971 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 14:59:00.055015087 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:59:00.055351019 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:08.938410044 CET | 49378 | 443 | 192.168.1.16 | 65.55.252.93 |
Dec 8, 2016 14:59:08.938775063 CET | 49381 | 80 | 192.168.1.16 | 23.201.182.227 |
Dec 8, 2016 14:59:28.467015028 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:28.467175961 CET | 443 | 49376 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:59:28.467266083 CET | 49376 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:28.467562914 CET | 49375 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:28.467592955 CET | 443 | 49375 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:59:28.467917919 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:28.468038082 CET | 443 | 49374 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 14:59:28.468174934 CET | 49374 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 14:59:28.468446970 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:59:28.468560934 CET | 443 | 49370 | 104.69.255.233 | 192.168.1.16 |
Dec 8, 2016 14:59:28.468678951 CET | 49370 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:59:28.468861103 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:59:28.468944073 CET | 49371 | 443 | 192.168.1.16 | 104.69.255.233 |
Dec 8, 2016 14:59:38.966247082 CET | 443 | 49366 | 204.79.197.200 | 192.168.1.16 |
Dec 8, 2016 14:59:38.966360092 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:00:30.059546947 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 15:00:30.059719086 CET | 443 | 49382 | 93.184.221.200 | 192.168.1.16 |
Dec 8, 2016 15:00:30.059837103 CET | 49382 | 443 | 192.168.1.16 | 93.184.221.200 |
Dec 8, 2016 15:01:21.638561010 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:21.935153008 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:22.544672966 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:23.747797966 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:26.153573990 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:30.966315031 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
Dec 8, 2016 15:01:40.575994968 CET | 49366 | 443 | 192.168.1.16 | 204.79.197.200 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 8, 2016 14:56:13.466023922 CET | 54973 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:56:13.541414022 CET | 53 | 54973 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:31.868024111 CET | 56989 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:31.928766966 CET | 53 | 56989 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:32.704051971 CET | 54988 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.706759930 CET | 52691 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.890921116 CET | 53 | 54988 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:32.896264076 CET | 54623 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.903294086 CET | 53 | 52691 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:32.907754898 CET | 65140 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:32.983536959 CET | 53 | 54623 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:33.012455940 CET | 53 | 65140 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:34.457703114 CET | 59142 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.469546080 CET | 65245 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.473032951 CET | 63082 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:34.537338018 CET | 53 | 59142 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:34.563277006 CET | 53 | 65245 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:34.591717958 CET | 53 | 63082 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:35.906824112 CET | 63776 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.020824909 CET | 53 | 63776 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.292923927 CET | 60340 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.382316113 CET | 53 | 60340 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.390093088 CET | 54889 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.470144033 CET | 53 | 54889 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.535301924 CET | 56926 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.602180004 CET | 53 | 56926 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:36.611732006 CET | 54496 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:36.656836987 CET | 53 | 54496 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:59.625871897 CET | 51339 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:59.629785061 CET | 59461 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:57:59.723969936 CET | 53 | 51339 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:57:59.805846930 CET | 53 | 59461 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:03.410986900 CET | 50208 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:03.561029911 CET | 53 | 50208 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:03.570451021 CET | 55058 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:03.651968002 CET | 53 | 55058 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:04.415407896 CET | 64414 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:04.499509096 CET | 53 | 64414 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:04.512301922 CET | 57017 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:04.595016956 CET | 53 | 57017 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:05.026664972 CET | 56260 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:05.129473925 CET | 53 | 56260 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:05.140326977 CET | 53442 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:05.223885059 CET | 53 | 53442 | 8.8.8.8 | 192.168.1.16 |
Dec 8, 2016 14:58:30.105422974 CET | 62903 | 53 | 192.168.1.16 | 8.8.8.8 |
Dec 8, 2016 14:58:30.149600029 CET | 53 | 62903 | 8.8.8.8 | 192.168.1.16 |
ICMP Packets |
---|
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Dec 8, 2016 15:00:13.732656956 CET | 192.168.1.16 | 8.8.8.8 | cf09 | (Port unreachable) | Destination Unreachable |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Dec 8, 2016 14:56:13.466023922 CET | 192.168.1.16 | 8.8.8.8 | 0x473d | Standard query (0) | netfun.be | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:31.868024111 CET | 192.168.1.16 | 8.8.8.8 | 0xf6c2 | Standard query (0) | ieonline.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:34.457703114 CET | 192.168.1.16 | 8.8.8.8 | 0xd8f8 | Standard query (0) | api.bing.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:34.469546080 CET | 192.168.1.16 | 8.8.8.8 | 0x78a8 | Standard query (0) | www.bing.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:34.473032951 CET | 192.168.1.16 | 8.8.8.8 | 0x1202 | Standard query (0) | www.bing.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:35.906824112 CET | 192.168.1.16 | 8.8.8.8 | 0x98af | Standard query (0) | go.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:36.292923927 CET | 192.168.1.16 | 8.8.8.8 | 0x4846 | Standard query (0) | ocsp.msocsp.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:36.390093088 CET | 192.168.1.16 | 8.8.8.8 | 0x4ad4 | Standard query (0) | ocsp.msocsp.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:36.535301924 CET | 192.168.1.16 | 8.8.8.8 | 0x379e | Standard query (0) | ocsp.msocsp.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:36.611732006 CET | 192.168.1.16 | 8.8.8.8 | 0x8988 | Standard query (0) | ocsp.msocsp.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:59.625871897 CET | 192.168.1.16 | 8.8.8.8 | 0x899d | Standard query (0) | iecvlist.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:57:59.629785061 CET | 192.168.1.16 | 8.8.8.8 | 0x36c5 | Standard query (0) | r20swj13mr.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:03.410986900 CET | 192.168.1.16 | 8.8.8.8 | 0x8a75 | Standard query (0) | sqm.telemetry.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:03.570451021 CET | 192.168.1.16 | 8.8.8.8 | 0xff19 | Standard query (0) | sqm.telemetry.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:04.415407896 CET | 192.168.1.16 | 8.8.8.8 | 0x7d32 | Standard query (0) | crl.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:04.512301922 CET | 192.168.1.16 | 8.8.8.8 | 0xbb3b | Standard query (0) | crl.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:05.026664972 CET | 192.168.1.16 | 8.8.8.8 | 0xb45a | Standard query (0) | www.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:05.140326977 CET | 192.168.1.16 | 8.8.8.8 | 0x2f75 | Standard query (0) | www.microsoft.com | A (IP address) | IN (0x0001) |
Dec 8, 2016 14:58:30.105422974 CET | 192.168.1.16 | 8.8.8.8 | 0x9b2b | Standard query (0) | iecvlist.microsoft.com | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Replay Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Dec 8, 2016 14:56:13.541414022 CET | 8.8.8.8 | 192.168.1.16 | 0x473d | No error (0) | netfun.be | 81.4.68.175 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:31.928766966 CET | 8.8.8.8 | 192.168.1.16 | 0xf6c2 | No error (0) | ieonline.microsoft.com | 204.79.197.200 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:34.537338018 CET | 8.8.8.8 | 192.168.1.16 | 0xd8f8 | No error (0) | api.bing.com | 13.107.5.80 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:34.563277006 CET | 8.8.8.8 | 192.168.1.16 | 0x78a8 | No error (0) | www.bing.com | 204.79.197.200 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:34.591717958 CET | 8.8.8.8 | 192.168.1.16 | 0x1202 | No error (0) | www.bing.com | 204.79.197.200 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:36.020824909 CET | 8.8.8.8 | 192.168.1.16 | 0x98af | No error (0) | go.microsoft.com | 104.69.255.233 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:36.382316113 CET | 8.8.8.8 | 192.168.1.16 | 0x4846 | No error (0) | ocsp.msocsp.com | 198.41.215.183 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:36.470144033 CET | 8.8.8.8 | 192.168.1.16 | 0x4ad4 | No error (0) | ocsp.msocsp.com | 198.41.215.183 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:36.602180004 CET | 8.8.8.8 | 192.168.1.16 | 0x379e | No error (0) | ocsp.msocsp.com | 198.41.215.183 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:36.656836987 CET | 8.8.8.8 | 192.168.1.16 | 0x8988 | No error (0) | ocsp.msocsp.com | 198.41.215.183 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:59.723969936 CET | 8.8.8.8 | 192.168.1.16 | 0x899d | No error (0) | iecvlist.microsoft.com | 93.184.221.200 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:57:59.805846930 CET | 8.8.8.8 | 192.168.1.16 | 0x36c5 | No error (0) | r20swj13mr.microsoft.com | 93.184.221.200 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:03.561029911 CET | 8.8.8.8 | 192.168.1.16 | 0x8a75 | No error (0) | sqm.telemetry.microsoft.com | 65.55.252.93 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:03.651968002 CET | 8.8.8.8 | 192.168.1.16 | 0xff19 | No error (0) | sqm.telemetry.microsoft.com | 65.55.252.93 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:04.499509096 CET | 8.8.8.8 | 192.168.1.16 | 0x7d32 | No error (0) | crl.microsoft.com | 83.151.132.104 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:04.595016956 CET | 8.8.8.8 | 192.168.1.16 | 0xbb3b | No error (0) | crl.microsoft.com | 83.151.132.104 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:05.129473925 CET | 8.8.8.8 | 192.168.1.16 | 0xb45a | No error (0) | www.microsoft.com | 23.201.182.227 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:05.223885059 CET | 8.8.8.8 | 192.168.1.16 | 0x2f75 | No error (0) | www.microsoft.com | 23.201.182.227 | A (IP address) | IN (0x0001) | |
Dec 8, 2016 14:58:30.149600029 CET | 8.8.8.8 | 192.168.1.16 | 0x9b2b | No error (0) | iecvlist.microsoft.com | 93.184.221.200 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP | Header | Total Bytes Transfered (KB) |
---|---|---|---|---|---|---|
Dec 8, 2016 14:56:13.569917917 CET | 49362 | 80 | 192.168.1.16 | 81.4.68.175 | 0 | |
Dec 8, 2016 14:56:13.826044083 CET | 80 | 49362 | 81.4.68.175 | 192.168.1.16 |