Analysis Report
Overview
General Information |
---|
Joe Sandbox Version: | 21.0.0 |
Analysis ID: | 44833 |
Start time: | 15:07:04 |
Joe Sandbox Product: | Cloud |
Start date: | 23.10.2017 |
Overall analysis duration: | 0h 14m 55s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | eY60uYkZgM (renamed file extension from none to dmg) |
Cookbook file name: | defaultmacfilecookbook.jbs |
Analysis system description: | Mac Mini, El Capitan 10.11.6 (MS Office 15.25, Java 1.8.0_131) |
Detection: | MAL |
Classification: | mal72.troj.spyw.evad.macDMG@0/37@23/0 |
Detection |
---|
Strategy | Score | Range | Reporting | Detection | |
---|---|---|---|---|---|
Threshold | 72 | 0 - 100 | Report FP / FN |
Classification |
---|
Signature Overview |
---|
Click to jump to signature section
Cryptography: |
---|
Creates files with functionality related to DES encryption and/or decryption | Show sources |
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Found S1 S-Box: |
Executes the "openssl" command used for crypographic operations | Show sources |
Source: /bin/sh (PID: 528) | Openssl executable: |
Writes files containing public keys to disk | Show sources |
Source: /usr/bin/unzip (PID: 524) | File created 'PUBLIC KEY' pattern: | ||
Source: /bin/sh (PID: 527) | File created 'PUBLIC KEY' pattern: |
Networking: |
---|
Performs DNS lookups | Show sources |
Source: unknown | DNS traffic detected: |
Reads from file descriptors related to (network) sockets | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Reads from socket in process: | ||
Source: /usr/bin/curl (PID: 533) | Reads from socket in process: |
Uses HTTPS | Show sources |
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: |
Writes from file descriptors related to (network) sockets | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Writes from socket in process: | ||
Source: /usr/bin/curl (PID: 533) | Writes from socket in process: | ||
Source: /usr/bin/curl (PID: 539) | Writes from socket in process: |
Detected non-DNS traffic on DNS port | Show sources |
Source: global traffic | TCP traffic: |
Executes the "nc" (netcat) command used to establish arbitrary TCP or UDP connections and listens | Show sources |
Source: /bin/sh (PID: 530) | Netcat executable: |
Pings several hosts (probably to check C&C connectivity) | Show sources |
Source: Ping host arguments | More than 5 different servers pinged: |
System Summary: |
---|
Classification label | Show sources |
Source: classification engine | Classification label: |
Data Obfuscation: |
---|
Imports the IOKit library (often used to register services) | Show sources |
Source: initial sample | Static MACH information: |
Imports the Security library (often used for certificate, key, keychain, or secure transport handling) | Show sources |
Source: initial sample | Static MACH information: |
Persistence and Installation Behavior: |
---|
Creates application bundles containing icon files | Show sources |
Source: /usr/bin/unzip (PID: 524) | Icon file created: | ||
Source: /usr/bin/unzip (PID: 524) | Icon file created: |
Reads data from the local random generator | Show sources |
Source: /usr/bin/open (PID: 521) | Random device file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Random device file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Random device file read: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Random device file read: | ||
Source: /usr/bin/openssl (PID: 528) | Random device file read: | ||
Source: /usr/bin/curl (PID: 533) | Random device file read: | ||
Source: /usr/bin/curl (PID: 533) | Random device file read: | ||
Source: /usr/bin/curl (PID: 539) | Random device file read: | ||
Source: /usr/bin/curl (PID: 539) | Random device file read: |
Uses AppleKeyboardLayouts bundle containing keyboard layouts | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | AppleKeyboardLayouts info plist opened: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | AppleKeyboardLayouts info plist opened: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | AppleKeyboardLayouts info plist opened: |
Writes property list (.plist) files to disk | Show sources |
Source: /usr/bin/unzip (PID: 524) | XML plist file created: | ||
Source: /usr/bin/unzip (PID: 524) | Binary plist file created: |
Changes permissions of written Mach-O files | Show sources |
Source: /usr/bin/unzip (PID: 524) | Permissions modifiied for written 64-bit Mach-O /private/tmp/Updater.app/Contents/MacOS/Updater: |
Checks the current date and time via Internet using a shell command | Show sources |
Source: /bin/sh (PID: 533) | HTTP request via command: |
Creates Python files with suspicious function names | Show sources |
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/ch.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pbkdf2.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Suspicious function name: | ||
Source: /private/tmp/Updater.app/Contents/Resources/pyDes.py | Suspicious function name: |
Creates application bundles | Show sources |
Source: /usr/bin/unzip (PID: 524) | Bundle Info.plist file created: |
Creates hidden files, links and/or directories | Show sources |
Source: /usr/bin/unzip (PID: 524) | Hidden file created: | ||
Source: /usr/bin/unzip (PID: 524) | Hidden file created: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Hidden file created: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Hidden file created: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Hidden file created: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Hidden file created: |
Executes commands using a shell command-line interpreter | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | Shell command executed: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Shell command executed: |
Executes the "curl" command used to transfer data via the network (usually using HTTP/S) | Show sources |
Source: /bin/sh (PID: 533) | Curl executable: | ||
Source: /bin/sh (PID: 539) | Curl executable: |
Executes the "ping" command used for connectivity testing via ICMP | Show sources |
Source: /bin/sh (PID: 541) | Ping executable: | ||
Source: /bin/sh (PID: 543) | Ping executable: | ||
Source: /bin/sh (PID: 545) | Ping executable: | ||
Source: /bin/sh (PID: 547) | Ping executable: | ||
Source: /bin/sh (PID: 549) | Ping executable: | ||
Source: /bin/sh (PID: 551) | Ping executable: | ||
Source: /bin/sh (PID: 553) | Ping executable: | ||
Source: /bin/sh (PID: 555) | Ping executable: | ||
Source: /bin/sh (PID: 557) | Ping executable: | ||
Source: /bin/sh (PID: 559) | Ping executable: | ||
Source: /bin/sh (PID: 562) | Ping executable: |
Opens applications that may be created ones | Show sources |
Source: /bin/sh (PID: 521) | Application opened: | ||
Source: /bin/sh (PID: 525) | Application opened: |
Reads launchservices plist files | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | Launchservices plist file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | Launchservices plist file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Launchservices plist file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Launchservices plist file read: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Launchservices plist file read: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Launchservices plist file read: |
Reads user launchservices plist file containing default apps for corresponding filetypes | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | Preferences launchservices plist file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Preferences launchservices plist file read: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Preferences launchservices plist file read: |
Uses CFNetwork bundle containing interfaces for network communication (HTTP, sockets, and Bonjour) | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | CFNetwork info plist opened: |
Writes 64-bit Mach-O files to disk | Show sources |
Source: /usr/bin/unzip (PID: 524) | File written: |
Writes Mach-O files to the tmp directory | Show sources |
Source: /usr/bin/unzip (PID: 524) | 64-bit Mach-O written to tmp path: |
Writes Python files to disk | Show sources |
Source: /usr/bin/unzip (PID: 524) | Python file created: | ||
Source: /usr/bin/unzip (PID: 524) | Python file created: | ||
Source: /usr/bin/unzip (PID: 524) | Python file created: | ||
Source: /usr/bin/unzip (PID: 524) | Python file created: | ||
Source: /usr/bin/unzip (PID: 524) | Python file created: |
Writes icon files to disk | Show sources |
Source: /usr/bin/unzip (PID: 524) | File written: | ||
Source: /usr/bin/unzip (PID: 524) | File written: |
Many shell processes execute programs via execve syscall (may be indicative for malicious behaviour) | Show sources |
Source: /bin/sh (PID: 521) | Shell process: | ||
Source: /bin/sh (PID: 524) | Shell process: | ||
Source: /bin/sh (PID: 525) | Shell process: | ||
Source: /bin/sh (PID: 528) | Shell process: | ||
Source: /bin/sh (PID: 530) | Shell process: | ||
Source: /bin/sh (PID: 533) | Shell process: | ||
Source: /bin/sh (PID: 539) | Shell process: | ||
Source: /bin/sh (PID: 541) | Shell process: | ||
Source: /bin/sh (PID: 543) | Shell process: | ||
Source: /bin/sh (PID: 545) | Shell process: | ||
Source: /bin/sh (PID: 547) | Shell process: | ||
Source: /bin/sh (PID: 549) | Shell process: | ||
Source: /bin/sh (PID: 551) | Shell process: | ||
Source: /bin/sh (PID: 553) | Shell process: | ||
Source: /bin/sh (PID: 555) | Shell process: | ||
Source: /bin/sh (PID: 557) | Shell process: | ||
Source: /bin/sh (PID: 559) | Shell process: | ||
Source: /bin/sh (PID: 562) | Shell process: |
Hooking and other Techniques for Hiding and Protection: |
---|
Denies being traced/debugged (via ptrace PT_DENY_ATTACH) | Show sources |
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | PTRACE system call (PT_DENY_ATTACH): |
HIPS / PFW / Operating System Protection Evasion: |
---|
Reads the sysctl safe boot value (probably to check if the system is in safe boot mode) | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl read request: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Sysctl read request: |
Language, Device and Operating System Detection: |
---|
Reads the system or server version plist file | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 519) | System or server version plist file read: | ||
Source: /usr/bin/open (PID: 521) | System or server version plist file read: | ||
Source: /usr/bin/open (PID: 525) | System or server version plist file read: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | System or server version plist file read: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | System or server version plist file read: |
Reads hardware related sysctl values | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl read request: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl read request: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl read request: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Sysctl read request: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Sysctl read request: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Sysctl read request: |
Reads the kernel OS version value | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl read request: | ||
Source: /tmp/Updater.app/Contents/MacOS/Updater (PID: 526) | Sysctl read request: |
Reads the systems OS release and/or type | Show sources |
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl requested: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl requested: | ||
Source: /usr/bin/curl (PID: 533) | Sysctl requested: | ||
Source: /usr/bin/curl (PID: 539) | Sysctl requested: |
Reads the systems hostname | Show sources |
Source: /bin/sh (PID: 521) | Sysctl requested: | ||
Source: /bin/sh (PID: 523) | Sysctl requested: | ||
Source: /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player (PID: 522) | Sysctl requested: | ||
Source: /bin/sh (PID: 527) | Sysctl requested: | ||
Source: /bin/sh (PID: 529) | Sysctl requested: | ||
Source: /bin/sh (PID: 531) | Sysctl requested: | ||
Source: /bin/sh (PID: 537) | Sysctl requested: | ||
Source: /bin/sh (PID: 540) | Sysctl requested: | ||
Source: /bin/sh (PID: 542) | Sysctl requested: | ||
Source: /bin/sh (PID: 544) | Sysctl requested: | ||
Source: /bin/sh (PID: 546) | Sysctl requested: | ||
Source: /bin/sh (PID: 548) | Sysctl requested: | ||
Source: /bin/sh (PID: 550) | Sysctl requested: | ||
Source: /bin/sh (PID: 552) | Sysctl requested: | ||
Source: /bin/sh (PID: 554) | Sysctl requested: | ||
Source: /bin/sh (PID: 556) | Sysctl requested: | ||
Source: /bin/sh (PID: 558) | Sysctl requested: | ||
Source: /bin/sh (PID: 561) | Sysctl requested: | ||
Source: /bin/sh (PID: 563) | Sysctl requested: |
Stealing of Sensitive Information: |
---|
Creates files with functionality probably related to stealing credentials in Chrome | Show sources |
Source: /private/tmp/Updater.app/Contents/Resources/ch.py | Found specific keywords: |
Creates files with functionality probably related to stealing credit card information | Show sources |
Source: /private/tmp/Updater.app/Contents/Resources/ch.py | Found specific keywords: |
Uses Python chainbreaker to extract user credentials from keychain files | Show sources |
Source: /private/tmp/Updater.app/Contents/Resources/cb.py | String pattern found: |
Runtime Messages |
---|
Command: | open |
Exitcode: | 0 |
Killed: | False |
Standard Output: | |
Standard Error: |
Yara Overview |
---|
Initial Sample |
---|
No yara matches |
---|
PCAP (Network Traffic) |
---|
No yara matches |
---|
Dropped Files |
---|
No yara matches |
---|
Memory Dumps |
---|
No yara matches |
---|
Antivirus Detection |
---|
Screenshot |
---|
Startup |
---|
|
Created / dropped Files |
---|
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 380F2FB9AA592A3E535997EC9214A1B1BBED0D07 |
SHA-256: | D29B774EC8E7C2896EB2C4A4598D0EFB228370E14B16D95B8362ACA2D2590ABC |
SHA-512: | 801D5B491DEDA81EC5AB8FB2D420499F3D99538F28CA01DC76679AAE4D27B801853022836BA2CA86275FDEB8240EC9B72419E64F2B108E23D7233C5EED97F8D1 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 307D81501E07CE4944E4FE5722DFF927FB65CF60 |
SHA-256: | F6C1AB7FAEF2B687C60C4EB8536C7F39B8A8A26228151A01314B89D0A3EAAFE0 |
SHA-512: | 3F7AFB86E32B7263F2A6503BB093CD7D60470A8A351DEFB7AC53379D694BFAF164E0D211ABB424F14691A6209D0DB20CB9439B183194BA61158C5F210747A68D |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 380F2FB9AA592A3E535997EC9214A1B1BBED0D07 |
SHA-256: | D29B774EC8E7C2896EB2C4A4598D0EFB228370E14B16D95B8362ACA2D2590ABC |
SHA-512: | 801D5B491DEDA81EC5AB8FB2D420499F3D99538F28CA01DC76679AAE4D27B801853022836BA2CA86275FDEB8240EC9B72419E64F2B108E23D7233C5EED97F8D1 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 307D81501E07CE4944E4FE5722DFF927FB65CF60 |
SHA-256: | F6C1AB7FAEF2B687C60C4EB8536C7F39B8A8A26228151A01314B89D0A3EAAFE0 |
SHA-512: | 3F7AFB86E32B7263F2A6503BB093CD7D60470A8A351DEFB7AC53379D694BFAF164E0D211ABB424F14691A6209D0DB20CB9439B183194BA61158C5F210747A68D |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | BF76A6556305C951ACEFFC6D088FA890C5182E93 |
SHA-256: | 68222B4B927EF6DF6928FE746F15C5C6D4C45788507F1E5336E6D3FAE529BDFD |
SHA-512: | 1627B7FF36248245C6CF4BA3CBCB5F3FAFFBFC77C6CE6A842E677B8CD485F473D0DC66D32A52B09774D7FB15070C4418F471A322B8935CB7AB98264D74C6234F |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | C8F8B18F1F4EFF2F85E025C67C68DF75CEADA7E9 |
SHA-256: | 2AFCC65A07A49C3FA5E5AB9E849C85F85E65E81778E94E4DE8EA664C6A93487B |
SHA-512: | 1D8ECD30DE541E42CE0355626DDAC6AD3BEB0130A5339DD95034288EEEC1F2372240DA96DD367EA1F474A5ABF433EAF033F74283E1863B3118945D4832996FCF |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | EF5A11A1BB5B2423554309688AA7947F4AFA5388 |
SHA-256: | 061F056338E00D38CDFB6B1F40D8E4F8D3F1D7214F6D9A48D0D91D766B7574B7 |
SHA-512: | 59E28A57D05D9FCA4DB6F78EEC103E7A8CC9C8A9A517098D501ECAC06062D811110F362ADD00846259537FAA6FAFB377293BF52E0FBBF96E73A7D5F14B3F4E9F |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 9F9EEA0CFE2D65F2C3D6B092E375B40782D08F31 |
SHA-256: | 82502191C9484B04D685374F9879A0066069C49B8ACAE7A04B01D38D07E8ECA0 |
SHA-512: | F77D501528DD0CED155C80406CFBEE38D5D3649B64D2A9324F3D6CEE39491EB8F54CDEBAE49C6E21A20D2309D8FAE1B01C41631224811E73483DB25A2695738C |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 57647C8223D9B46BFA530EEB34DF2156BC9AADA5 |
SHA-256: | DA909FDD81FAAF94B5FFF72957A889C8320529B5C7767F8B39E9CDAD5854F832 |
SHA-512: | B294D63084194BBB9C6BE12DA78A6804CCA3AFD5428B496FE786632380DB9A5DCF89BFA5F224EEB3A26D6F4725BEA54A272E6DF8B14BC7B52554C4C2100017FD |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 1E45035964E0B5327F1F0363E37E6EA647594C46 |
SHA-256: | B3D99532A462EC7011DBD5F9BE659C57C0FDAA618C52E137F8EBAD6230201F83 |
SHA-512: | D70F24F70DF29203DC2AA9FE664B094DECBC9665A62EEF7B2F9E41E956BF851651A73328724F5C6F3A17421E9B9E231CBBA98F4825F8EDDF7816E294DF843CC7 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | EEB05B62D7CF08F4AA5516E3FC5D670C3408B10F |
SHA-256: | B601E973F471BFC86DE134B33FBEEA04E410952CF494B8952EDC8EA85DA3A542 |
SHA-512: | DC314D036769BA66251D1A94A1248BC27F335F021D713186058C42D6D939762E9BA8D8E189FFEF2AD8EE9148C793F158AE021B245159DE9DDB6573A49105565B |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 59DE10ABB0AA1D32BC34C3683105A06ADEEA33A7 |
SHA-256: | E144427D382CA4D8F4D13CCBE04FBD790EDAD5FF6288F2BEEFFAECF229981F00 |
SHA-512: | FA746B280EABFBA12506C84B27ADCB285BC80BBE643C872CC043A1750EE4938DFD9CFF517B5F69FD51C5C3CCBCEB3BE744D578C100A856A28EC0CB02A1CEBEA6 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 2A72C835D5267EB962A81E6A007A28EB7C7B7C01 |
SHA-256: | C6866C022C2BCF2BCA8A62650D7F864AC5911319B15B1529A1BBF6272676833F |
SHA-512: | DBE8CBCF52BE1D90F903030F765A05E4CFE7B914E9A0B5A1E751D4CF4DA813DAB50C76F2B07ED3F65BEFD8CBE7C5A3D3B956CD4B2CCE13248FA5FF353842FB65 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | A74AF9951F000570950B8C99CDC76359AEDF33B8 |
SHA-256: | 27D83C4824B9C74B3DCC47BEE170C9772EFBEC697823EFB6C08CE79B47DA866E |
SHA-512: | 53E9E16C5737CEEB8B20BD59371484043DE0F15BD3799A996E5D848D20BBE929F4E9534CA2E5BC49CD60EFF62D5E9B6857C40B29E5CEE1240066E1C2B7FBE80C |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 2154A5C596EAF9495EA58AEAF56EC3CB98D43DE1 |
SHA-256: | F7733DC2EA2A2B1EA6FBAD97DC86BA3456EFB50F2DF8DDDD9D67095CAD4EBE88 |
SHA-512: | BD076876AD51752DE1A0782C0846CB4D73AF0F0A1E9B3AA1D4B7843136C80D72D0E10B2389E91496C1289BAE9E14696B6CC7F04C1EF811906685A4C3B62AE2F2 |
Malicious: | true |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 4D346238EBA9E7282B329AB55C7B19D1391C7983 |
SHA-256: | F7B70C0EB15F3EB3D42ABFE66EE52D858D2AD68DD2BD5AA53135AA4AB4851601 |
SHA-512: | DA6E1E61FC6CC945417BD4820E3844BCD340831085F86F982708588DD49EBDF3780CBA8FF24D089AF7ACCB2931CDDCAB8FF0FD7D2568A8E314156BD9EAD16914 |
Malicious: | true |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 7767A4F4FEDA7A8C6C400740F4354A3BD2EAF25A |
SHA-256: | E043C005382FBC35BFA8E198D769C4117AF47500C994744B9D61F3F49DC1FC27 |
SHA-512: | EFB0D43705D910D35E245BE24C8DB261AF755344AF110B5DFE5713EDAEE3FFF8EA36BFEBF310E6B2C0720BCABDB733A0C22669FF8D42F85530717BD1A2FF002B |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 741D741BE0CE3B078DB8D2BD7DE18E8E7FBCEA64 |
SHA-256: | 23B01427953F63F3DF64E633DB863EB3FB18BCCCA8CA75D7B412A2B9A0EADC11 |
SHA-512: | CB94C336E71B35F14BD4F387B2EB00B2343C54A1222DF6070D373DA754566552508BDE638C95E84E510F00FF011CC8C3367DEE2E9D4B40696C80BF575BB385C2 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 2164DDB7D2E36310DC6A9CED121CA4E5F17798FB |
SHA-256: | 3B34DAB817B8F9EFCC7D89C57449CA9F12FD65803E2428AF9EF1892393316040 |
SHA-512: | 044F18F5DC1264DBDDD3D3D3069E71101C6EA86E36079B8499C8B51F93DFB1DB82613673281CEAAD619A716E2D2CBAD70DF63C0B9031BE2DB90D54115E5A29B6 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 150C37A9EC2114D1750E51D203AAFCC256C38E18 |
SHA-256: | 4C67239F41544D461C36768DDF88E73508646F44EB041ED20E931F5B477F6BBD |
SHA-512: | 2E3E468A39DE9B40CC38B4D7B193D641156A71C0ED18C68E2ED1B19002A563EB22AEABB8D14EE8D1CA0A072613C7B97D9719462D0B1576AB404C0B65602C5E33 |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | E2F77F2095D6C14AB31B96BBE7635537724675B7 |
SHA-256: | F2B224F39B2A80213901D13EBAB7AE953B6C79ACB082B8D8089334D429FF7A81 |
SHA-512: | 9F6521FBB23ABCCCD23DD09BE5471277121C8CCE5792ECFA72E2E0470E0C702EE742877DF06DE216BE4B848608AD41ED4B10971D79A7F3E2E39454BDD7FAB96A |
Malicious: | false |
File Type: | |
MD5: | D41D8CD98F00B204E9800998ECF8427E |
SHA1: | 5BBB82B300AF1A2C8525DF843FA155D993A5E3CA |
SHA-256: | A8C0A18F1682BBA51781BB8C157A23A5D648D1C85BB137B2A0F485114380E397 |
SHA-512: | 0D29EBD48AD6B0EF62CF2400CB5C8338D2F400FACA95A453691AD9114E20AEAAF1ED163BE12306CC4221BEA074BFE134597563A689028CF13A612C11EF7062CB |
Malicious: | false |
Contacted Domains/Contacted IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection |
---|---|---|---|---|
ypu4vwlenakpt29f95etrqllq.com | 52.204.43.33 | true | true | |
activate.eltima.com | 188.40.191.126 | true | false | |
eltimastore.cc | 52.204.43.33 | true | true | |
aslkdwilkaleopaela.com | 52.204.43.33 | true | true | |
fyamakgtaajt9vrwhmc76v38.com | 52.204.43.33 | true | true | |
eltima.in | 5.196.42.123 | true | true | |
ksldewioweiqiedklsakdnkld.com | 52.204.43.33 | true | true | |
dakadaoqoqimmsdssksjdsk.com | 52.204.43.33 | true | true | |
appstatico.eltima.com | 78.46.96.38 | true | false | |
qweiqqwkwqehiqejkehiohqehqewq.com | 52.204.43.33 | true | true | |
qrbdcwwwe9pxmqsadjaksioie9.com | 52.204.43.33 | true | true | |
script.google.com | 216.58.209.206 | true | false | |
kcdjzquvhsuka6hlfbmjzkzsb.com | 52.204.43.33 | true | true | |
script.googleusercontent.com | 216.58.209.193 | true | false | |
eltimastore.in | 52.204.43.33 | true | true |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
8.8.8.8 | United States | 15169 | GOOGLE-GoogleIncUS | false | |
5.196.42.123 | France | 16276 | OVHFR | false | |
17.188.163.150 | United States | 714 | APPLE-ENGINEERING-AppleIncUS | false | |
216.58.209.206 | United States | 15169 | GOOGLE-GoogleIncUS | false | |
52.204.43.33 | United States | 14618 | AMAZON-AES-AmazoncomIncUS | false | |
216.58.209.193 | United States | 15169 | GOOGLE-GoogleIncUS | false | |
8.8.4.4 | United States | 15169 | GOOGLE-GoogleIncUS | false | |
224.0.0.251 | Reserved | unknown | unknown | false | |
188.40.191.126 | Germany | 24940 | HETZNER-ASDE | false | |
78.46.96.38 | Germany | 24940 | HETZNER-ASDE | false | |
17.188.132.72 | United States | 714 | APPLE-ENGINEERING-AppleIncUS | false |
Static File Info |
---|
General | |
---|---|
File type: | |
TrID: |
|
File name: | eY60uYkZgM.dmg |
File size: | 40571874 |
MD5: | 29fb77664fc4f13ea5f65cfe01b292af |
SHA1: | 8cfa551d15320f0157ece3bdf30b1c62765a93a5 |
SHA256: | c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b |
SHA512: | 4e08551e2a909403850aa2a39ce04a11a077658231676b16600ac63138930f23f62cedc39861886fd2d72f09f6e3e72fd40ce95c534b08aa6493abe6e69ba1dc |
File Content Preview: | x.c`..C.......3.....I........@x.su.T.p..a``d.a``x..&.H.y..?..L+A......s.$7...{&z..U.g&.|....:..0..=..D...x...1.A......-..2.]AJ.Jf.%az.cX.h2.l....%..+...}...t.4ESdTN....R].....wO.Co....._..Re.~.1.lS....................Y..x.......}..\v.3...................h |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Okt 23, 2017 15:07:54.920192957 MESZ | 65124 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:55.349216938 MESZ | 53 | 65124 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:07:59.987323999 MESZ | 55570 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.987441063 MESZ | 52198 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.995134115 MESZ | 62821 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.995196104 MESZ | 59303 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:08:00.049665928 MESZ | 53 | 55570 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049707890 MESZ | 53 | 52198 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049741983 MESZ | 53 | 62821 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049772024 MESZ | 53 | 59303 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.050162077 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:00.050249100 MESZ | 62821 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:08:00.050277948 MESZ | 59303 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:08:00.265865088 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:01.049451113 MESZ | 53 | 62821 | 8.8.4.4 | 192.168.0.50 |
Okt 23, 2017 15:08:01.049487114 MESZ | 53 | 59303 | 8.8.4.4 | 192.168.0.50 |
Okt 23, 2017 15:08:01.075660944 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:04.213433981 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:13.379049063 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:15.660754919 MESZ | 55466 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.132780075 MESZ | 49216 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.132832050 MESZ | 53 | 49216 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:16.132986069 MESZ | 49216 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.188232899 MESZ | 49216 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.188313007 MESZ | 53 | 49216 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:16.188500881 MESZ | 49216 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.336548090 MESZ | 60384 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.336589098 MESZ | 62912 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.374058962 MESZ | 53 | 55466 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:16.840717077 MESZ | 58850 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:17.431683064 MESZ | 53 | 62912 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:17.431706905 MESZ | 53 | 60384 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:17.533761024 MESZ | 53 | 58850 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:17.535115004 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:17.535160065 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:17.535387039 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:17.537940025 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:17.537959099 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:17.878124952 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:17.878154993 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:17.878329992 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:17.885358095 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:17.885376930 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.720642090 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.720653057 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.721215963 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.721234083 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.750345945 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.750363111 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.750377893 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.750741005 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.750755072 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:18.770829916 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.771054029 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:18.803561926 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.803585052 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.803587914 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.803595066 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.803597927 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:18.803605080 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:18.807331085 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.807346106 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.807790041 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:18.844831944 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:18.844851971 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:18.845092058 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:18.845101118 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:19.087775946 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.088174105 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.118443966 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.118463039 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.118716955 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.118726969 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.156686068 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:19.157126904 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:19.158595085 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:19.158612967 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:19.688126087 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:19.688136101 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:19.688637018 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:19.690056086 MESZ | 53370 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:19.690100908 MESZ | 58498 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:19.888086081 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.888096094 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.888664007 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.888678074 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.888947010 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:19.904159069 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.904169083 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:19.904684067 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:20.326581001 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:20.330583096 MESZ | 53 | 58498 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:20.330602884 MESZ | 53 | 53370 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:20.562690973 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:20.777456045 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.162089109 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.233051062 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:21.233110905 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:21.233222961 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:21.233478069 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:21.233490944 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:21.409879923 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.644058943 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.644184113 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:22.290198088 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.290215015 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.290783882 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.290824890 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.295268059 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.295747995 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.304406881 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.304430962 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.304649115 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.304658890 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.544981956 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:22.682562113 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:22.682957888 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.683808088 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:22.683830023 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:23.130856037 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:23.131365061 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:23.132091045 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:23.132111073 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:23.132205009 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:23.132256031 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:23.132291079 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:23.132304907 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:23.132307053 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:23.132317066 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 |
Okt 23, 2017 15:10:23.132494926 MESZ | 49219 | 443 | 192.168.0.50 | 216.58.209.193 |
Okt 23, 2017 15:10:23.133037090 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:23.133085012 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 |
Okt 23, 2017 15:10:23.133316994 MESZ | 49218 | 443 | 192.168.0.50 | 216.58.209.206 |
Okt 23, 2017 15:10:23.171444893 MESZ | 53053 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:23.171487093 MESZ | 59095 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:24.297900915 MESZ | 53 | 59095 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:24.297935963 MESZ | 53 | 53053 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:24.639900923 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:24.726748943 MESZ | 49220 | 443 | 192.168.0.50 | 5.196.42.123 |
Okt 23, 2017 15:10:24.726788998 MESZ | 443 | 49220 | 5.196.42.123 | 192.168.0.50 |
Okt 23, 2017 15:10:24.727034092 MESZ | 49220 | 443 | 192.168.0.50 | 5.196.42.123 |
Okt 23, 2017 15:10:24.734858036 MESZ | 49220 | 443 | 192.168.0.50 | 5.196.42.123 |
Okt 23, 2017 15:10:24.734880924 MESZ | 443 | 49220 | 5.196.42.123 | 192.168.0.50 |
Okt 23, 2017 15:10:24.849150896 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:28.727269888 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:33.171365023 MESZ | 49220 | 443 | 192.168.0.50 | 5.196.42.123 |
Okt 23, 2017 15:10:33.171447992 MESZ | 443 | 49220 | 5.196.42.123 | 192.168.0.50 |
Okt 23, 2017 15:10:33.171747923 MESZ | 49220 | 443 | 192.168.0.50 | 5.196.42.123 |
Okt 23, 2017 15:10:33.994745970 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:44.379190922 MESZ | 65064 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:45.520179987 MESZ | 65064 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:45.652296066 MESZ | 53 | 65064 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:46.342262983 MESZ | 53 | 65064 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:49.689974070 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:49.690015078 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:49.690433979 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:49.690460920 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:50.084642887 MESZ | 49217 | 443 | 192.168.0.50 | 188.40.191.126 |
Okt 23, 2017 15:10:50.084673882 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 |
Okt 23, 2017 15:10:56.732036114 MESZ | 49387 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:57.456728935 MESZ | 53 | 49387 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:08.501610994 MESZ | 65365 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:09.637891054 MESZ | 65365 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:09.742126942 MESZ | 53 | 65365 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:10.671792984 MESZ | 53 | 65365 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:20.805475950 MESZ | 55375 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:21.685493946 MESZ | 53 | 55375 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:32.751833916 MESZ | 51443 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:33.884701967 MESZ | 53 | 51443 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:44.917886019 MESZ | 63126 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:45.584718943 MESZ | 53 | 63126 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:56.637933969 MESZ | 49921 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:57.605211973 MESZ | 53 | 49921 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:08.636167049 MESZ | 57807 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:09.745372057 MESZ | 57807 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:09.893666983 MESZ | 53 | 57807 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:10.581141949 MESZ | 53 | 57807 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:20.463501930 MESZ | 59554 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:20.938636065 MESZ | 52979 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:21.460274935 MESZ | 53 | 52979 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:21.460304022 MESZ | 53 | 59554 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:21.461637020 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:21.461685896 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:21.461849928 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:21.463169098 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:21.463191986 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.306787014 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.306803942 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.307391882 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.307410955 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.319761038 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.320235968 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.340428114 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.340462923 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.340466022 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.340472937 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.340476036 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.340481997 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.486073971 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.486289024 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.487174034 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.487202883 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.487394094 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:22.487404108 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.787239075 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:22.787676096 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:27.808521032 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:12:27.808986902 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:31.141966105 MESZ | 49157 | 5223 | 192.168.0.50 | 17.188.132.72 |
Okt 23, 2017 15:12:31.141988039 MESZ | 5223 | 49157 | 17.188.132.72 | 192.168.0.50 |
Okt 23, 2017 15:12:31.142965078 MESZ | 49178 | 5223 | 192.168.0.50 | 17.188.163.150 |
Okt 23, 2017 15:12:31.143006086 MESZ | 5223 | 49178 | 17.188.163.150 | 192.168.0.50 |
Okt 23, 2017 15:12:31.694485903 MESZ | 5223 | 49178 | 17.188.163.150 | 192.168.0.50 |
Okt 23, 2017 15:12:31.694505930 MESZ | 5223 | 49157 | 17.188.132.72 | 192.168.0.50 |
Okt 23, 2017 15:12:31.694947958 MESZ | 49178 | 5223 | 192.168.0.50 | 17.188.163.150 |
Okt 23, 2017 15:12:31.694963932 MESZ | 49157 | 5223 | 192.168.0.50 | 17.188.132.72 |
Okt 23, 2017 15:12:32.526173115 MESZ | 62359 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:33.549252987 MESZ | 62359 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:33.812311888 MESZ | 53 | 62359 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:34.428257942 MESZ | 53 | 62359 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:53.473270893 MESZ | 49221 | 443 | 192.168.0.50 | 78.46.96.38 |
Okt 23, 2017 15:12:53.473313093 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 |
Okt 23, 2017 15:13:08.164854050 MESZ | 63989 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:13:09.049566984 MESZ | 53 | 63989 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:13:09.049871922 MESZ | 63989 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:13:10.049464941 MESZ | 53 | 63989 | 8.8.4.4 | 192.168.0.50 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Okt 23, 2017 15:07:54.920192957 MESZ | 65124 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:55.349216938 MESZ | 53 | 65124 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:07:59.987323999 MESZ | 55570 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.987441063 MESZ | 52198 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.995134115 MESZ | 62821 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:07:59.995196104 MESZ | 59303 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:08:00.049665928 MESZ | 53 | 55570 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049707890 MESZ | 53 | 52198 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049741983 MESZ | 53 | 62821 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.049772024 MESZ | 53 | 59303 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:08:00.050162077 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:00.050249100 MESZ | 62821 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:08:00.050277948 MESZ | 59303 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:08:00.265865088 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:01.049451113 MESZ | 53 | 62821 | 8.8.4.4 | 192.168.0.50 |
Okt 23, 2017 15:08:01.049487114 MESZ | 53 | 59303 | 8.8.4.4 | 192.168.0.50 |
Okt 23, 2017 15:08:01.075660944 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:04.213433981 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:08:13.379049063 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:15.660754919 MESZ | 55466 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.336548090 MESZ | 60384 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.336589098 MESZ | 62912 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:16.374058962 MESZ | 53 | 55466 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:16.840717077 MESZ | 58850 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:17.431683064 MESZ | 53 | 62912 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:17.431706905 MESZ | 53 | 60384 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:17.533761024 MESZ | 53 | 58850 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:19.690056086 MESZ | 53370 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:19.690100908 MESZ | 58498 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:20.326581001 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:20.330583096 MESZ | 53 | 58498 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:20.330602884 MESZ | 53 | 53370 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:20.562690973 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:20.777456045 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.162089109 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.409879923 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.644058943 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:21.644184113 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:22.544981956 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:23.171444893 MESZ | 53053 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:23.171487093 MESZ | 59095 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:24.297900915 MESZ | 53 | 59095 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:24.297935963 MESZ | 53 | 53053 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:24.639900923 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:24.849150896 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:28.727269888 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:33.994745970 MESZ | 5353 | 5353 | 192.168.0.50 | 224.0.0.251 |
Okt 23, 2017 15:10:44.379190922 MESZ | 65064 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:45.520179987 MESZ | 65064 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:45.652296066 MESZ | 53 | 65064 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:46.342262983 MESZ | 53 | 65064 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:10:56.732036114 MESZ | 49387 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:10:57.456728935 MESZ | 53 | 49387 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:08.501610994 MESZ | 65365 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:09.637891054 MESZ | 65365 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:09.742126942 MESZ | 53 | 65365 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:10.671792984 MESZ | 53 | 65365 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:20.805475950 MESZ | 55375 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:21.685493946 MESZ | 53 | 55375 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:32.751833916 MESZ | 51443 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:33.884701967 MESZ | 53 | 51443 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:44.917886019 MESZ | 63126 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:45.584718943 MESZ | 53 | 63126 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:11:56.637933969 MESZ | 49921 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:11:57.605211973 MESZ | 53 | 49921 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:08.636167049 MESZ | 57807 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:09.745372057 MESZ | 57807 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:09.893666983 MESZ | 53 | 57807 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:10.581141949 MESZ | 53 | 57807 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:20.463501930 MESZ | 59554 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:20.938636065 MESZ | 52979 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:21.460274935 MESZ | 53 | 52979 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:21.460304022 MESZ | 53 | 59554 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:32.526173115 MESZ | 62359 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:33.549252987 MESZ | 62359 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:12:33.812311888 MESZ | 53 | 62359 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:12:34.428257942 MESZ | 53 | 62359 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:13:08.164854050 MESZ | 63989 | 53 | 192.168.0.50 | 8.8.8.8 |
Okt 23, 2017 15:13:09.049566984 MESZ | 53 | 63989 | 8.8.8.8 | 192.168.0.50 |
Okt 23, 2017 15:13:09.049871922 MESZ | 63989 | 53 | 192.168.0.50 | 8.8.4.4 |
Okt 23, 2017 15:13:10.049464941 MESZ | 53 | 63989 | 8.8.4.4 | 192.168.0.50 |
ICMP Packets |
---|
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Okt 23, 2017 15:08:00.049940109 MESZ | 192.168.0.50 | 8.8.8.8 | 2374 | (Port unreachable) | Destination Unreachable |
Okt 23, 2017 15:08:00.049956083 MESZ | 192.168.0.50 | 8.8.8.8 | 309f | (Port unreachable) | Destination Unreachable |
Okt 23, 2017 15:10:33.293836117 MESZ | 192.168.0.50 | 5.196.42.123 | c645 | Echo | |
Okt 23, 2017 15:10:45.653361082 MESZ | 192.168.0.50 | 52.204.43.33 | 89fd | Echo | |
Okt 23, 2017 15:10:46.342639923 MESZ | 192.168.0.50 | 8.8.8.8 | fe66 | (Port unreachable) | Destination Unreachable |
Okt 23, 2017 15:10:57.457781076 MESZ | 192.168.0.50 | 52.204.43.33 | 414d | Echo | |
Okt 23, 2017 15:11:09.743206024 MESZ | 192.168.0.50 | 52.204.43.33 | 2679 | Echo | |
Okt 23, 2017 15:11:10.672157049 MESZ | 192.168.0.50 | 8.8.8.8 | fd31 | (Port unreachable) | Destination Unreachable |
Okt 23, 2017 15:11:21.686626911 MESZ | 192.168.0.50 | 52.204.43.33 | 155 | Echo | |
Okt 23, 2017 15:11:33.885855913 MESZ | 192.168.0.50 | 52.204.43.33 | f4f0 | Echo | |
Okt 23, 2017 15:11:45.585788965 MESZ | 192.168.0.50 | 52.204.43.33 | 443b | Echo | |
Okt 23, 2017 15:11:57.606278896 MESZ | 192.168.0.50 | 52.204.43.33 | f1c2 | Echo | |
Okt 23, 2017 15:12:09.894723892 MESZ | 192.168.0.50 | 52.204.43.33 | cafa | Echo | |
Okt 23, 2017 15:12:10.581506014 MESZ | 192.168.0.50 | 8.8.8.8 | 1ab2 | (Port unreachable) | Destination Unreachable |
Okt 23, 2017 15:12:21.461689949 MESZ | 192.168.0.50 | 52.204.43.33 | 21d9 | Echo | |
Okt 23, 2017 15:12:33.813395023 MESZ | 192.168.0.50 | 52.204.43.33 | 327 | Echo | |
Okt 23, 2017 15:12:34.428832054 MESZ | 192.168.0.50 | 8.8.8.8 | 8e9 | (Port unreachable) | Destination Unreachable |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Okt 23, 2017 15:10:15.660754919 MESZ | 192.168.0.50 | 8.8.8.8 | 0x52f1 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:16.336548090 MESZ | 192.168.0.50 | 8.8.8.8 | 0x72ea | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:16.336589098 MESZ | 192.168.0.50 | 8.8.8.8 | 0xc188 | Standard query (0) | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:16.840717077 MESZ | 192.168.0.50 | 8.8.8.8 | 0xb4d2 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:19.690056086 MESZ | 192.168.0.50 | 8.8.8.8 | 0x8998 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:19.690100908 MESZ | 192.168.0.50 | 8.8.8.8 | 0xfda8 | Standard query (0) | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:23.171444893 MESZ | 192.168.0.50 | 8.8.8.8 | 0xdd72 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:23.171487093 MESZ | 192.168.0.50 | 8.8.8.8 | 0x7e23 | Standard query (0) | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:44.379190922 MESZ | 192.168.0.50 | 8.8.8.8 | 0x1bfb | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:45.520179987 MESZ | 192.168.0.50 | 8.8.8.8 | 0x1bfb | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:10:56.732036114 MESZ | 192.168.0.50 | 8.8.8.8 | 0xde5f | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:08.501610994 MESZ | 192.168.0.50 | 8.8.8.8 | 0x18cb | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:09.637891054 MESZ | 192.168.0.50 | 8.8.8.8 | 0x18cb | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:20.805475950 MESZ | 192.168.0.50 | 8.8.8.8 | 0x4367 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:32.751833916 MESZ | 192.168.0.50 | 8.8.8.8 | 0xdd51 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:44.917886019 MESZ | 192.168.0.50 | 8.8.8.8 | 0x129 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:11:56.637933969 MESZ | 192.168.0.50 | 8.8.8.8 | 0x8437 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:08.636167049 MESZ | 192.168.0.50 | 8.8.8.8 | 0x4adc | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:09.745372057 MESZ | 192.168.0.50 | 8.8.8.8 | 0x4adc | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:20.463501930 MESZ | 192.168.0.50 | 8.8.8.8 | 0x9ad5 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:20.938636065 MESZ | 192.168.0.50 | 8.8.8.8 | 0x50fb | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:32.526173115 MESZ | 192.168.0.50 | 8.8.8.8 | 0x9032 | Standard query (0) | A (IP address) | IN (0x0001) | |
Okt 23, 2017 15:12:33.549252987 MESZ | 192.168.0.50 | 8.8.8.8 | 0x9032 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Replay Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Okt 23, 2017 15:10:16.374058962 MESZ | 8.8.8.8 | 192.168.0.50 | 0x52f1 | No error (0) | 78.46.96.38 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:17.431683064 MESZ | 8.8.8.8 | 192.168.0.50 | 0xc188 | Name error (3) | none | none | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:17.431706905 MESZ | 8.8.8.8 | 192.168.0.50 | 0x72ea | No error (0) | 216.58.209.206 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:17.533761024 MESZ | 8.8.8.8 | 192.168.0.50 | 0xb4d2 | No error (0) | 188.40.191.126 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:20.330583096 MESZ | 8.8.8.8 | 192.168.0.50 | 0xfda8 | Name error (3) | none | none | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:20.330602884 MESZ | 8.8.8.8 | 192.168.0.50 | 0x8998 | No error (0) | 216.58.209.193 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:24.297900915 MESZ | 8.8.8.8 | 192.168.0.50 | 0x7e23 | Name error (3) | none | none | 28 | IN (0x0001) | |
Okt 23, 2017 15:10:24.297935963 MESZ | 8.8.8.8 | 192.168.0.50 | 0xdd72 | No error (0) | 5.196.42.123 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:45.652296066 MESZ | 8.8.8.8 | 192.168.0.50 | 0x1bfb | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:46.342262983 MESZ | 8.8.8.8 | 192.168.0.50 | 0x1bfb | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:10:57.456728935 MESZ | 8.8.8.8 | 192.168.0.50 | 0xde5f | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:09.742126942 MESZ | 8.8.8.8 | 192.168.0.50 | 0x18cb | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:10.671792984 MESZ | 8.8.8.8 | 192.168.0.50 | 0x18cb | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:21.685493946 MESZ | 8.8.8.8 | 192.168.0.50 | 0x4367 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:33.884701967 MESZ | 8.8.8.8 | 192.168.0.50 | 0xdd51 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:45.584718943 MESZ | 8.8.8.8 | 192.168.0.50 | 0x129 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:11:57.605211973 MESZ | 8.8.8.8 | 192.168.0.50 | 0x8437 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:09.893666983 MESZ | 8.8.8.8 | 192.168.0.50 | 0x4adc | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:10.581141949 MESZ | 8.8.8.8 | 192.168.0.50 | 0x4adc | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:21.460274935 MESZ | 8.8.8.8 | 192.168.0.50 | 0x50fb | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:21.460304022 MESZ | 8.8.8.8 | 192.168.0.50 | 0x9ad5 | No error (0) | 78.46.96.38 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:33.812311888 MESZ | 8.8.8.8 | 192.168.0.50 | 0x9032 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) | ||
Okt 23, 2017 15:12:34.428257942 MESZ | 8.8.8.8 | 192.168.0.50 | 0x9032 | No error (0) | 52.204.43.33 | A (IP address) | IN (0x0001) |
HTTPS Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP | Subject | Issuer | Not Before | Not After | Raw |
---|---|---|---|---|---|---|---|---|---|
Okt 23, 2017 15:10:18.750345945 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 | CN=*.eltima.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Tue May 30 02:00:00 CEST 2017 | Sun Aug 30 01:59:59 CEST 2020 | [[ Version: V3 Subject: CN=*.eltima.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24889325892277091522405691880919970955562269226689565795281952746129879749480562366988120845720834354672388847971047354836092137257717298315613128677727793908438274752080329047099458450194829807105952095834091127626804114474014982436342199829116245787218265215862689635507934818498317531487803522731104880174538841312258566115173093880349268352945637583659099205031240370344177035692485390448867606288453302849256258221306559393617160755340683884543688061971601098010878338414561223138613857594628368927744589543069885214945586742747959533509409916799711824084696793213582284069484619975791467937463804247577510157691 public exponent: 65537 Validity: [From: Tue May 30 02:00:00 CEST 2017, To: Sun Aug 30 01:59:59 CEST 2020] Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ a92d3c0a 2d688c88 0e5195b0 1c3ac8cc]Certificate Extensions: 9[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:false PathLen: undefined][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.6449.1.2.2.7][PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 ..https://secure0010: 2E 63 6F 6D 6F 64 6F 2E 63 6F 6D 2F 43 50 53 .comodo.com/CPS]] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_Encipherment][8]: ObjectId: 2.5.29.17 Criticality=falseSubjectAlternativeName [ DNSName: *.eltima.com DNSName: eltima.com][9]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 17 8B 75 7C 13 B0 AF 7F 2D 68 06 37 42 1A 0A 93 ..u.....-h.7B...0010: 0A 68 5E C9 .h^.]]] Algorithm: [SHA256withRSA] Signature:0000: 6B 67 D8 72 F8 A6 9E 2C D2 2E 2C AA 49 18 88 68 kg.r...,..,.I..h0010: 3D AA FD 67 97 0D 11 98 3E 4B DF 5B 76 6D 7E 4E =..g....>K.[vm.N0020: 8C 96 2B 7A 7A 0D C3 59 CD 2B B2 B4 F8 ED 89 42 ..+zz..Y.+.....B0030: 80 7F 84 75 94 12 AD AC A4 C6 83 17 B9 A0 41 63 ...u..........Ac0040: 72 F4 13 A4 BF DE 45 40 C9 60 5C C3 D9 9E 99 D1 r.....E@.`\.....0050: CC CF 83 76 68 E9 B3 F7 36 69 15 D8 AA D2 F4 6F ...vh...6i.....o0060: 0A 6B 28 AB 2F 73 48 E6 69 85 DB 7D 26 9A 2F B6 .k(./sH.i...&./.0070: 48 1D C9 2E 50 A0 00 C4 9D 81 43 33 6A CF BB 33 H...P.....C3j..30080: 7B BD CF 1B 80 53 16 16 78 75 87 77 CD 6A 17 A4 .....S..xu.w.j..0090: 11 32 B7 F6 4D 74 71 AB F5 95 0F 20 DA 13 2E 31 .2..Mtq.... ...100A0: 7C 4D 56 23 E8 74 BF D6 EC 34 DC AA 3D BA 7E 9A .MV#.t...4..=...00B0: 66 C1 0A AF B2 54 54 F1 A6 26 90 D1 51 56 90 73 f....TT..&..QV.s00C0: 8D 62 63 11 60 03 29 F0 CC A4 B2 F8 C5 5D FA 94 .bc.`.)......]..00D0: 2A 61 55 D0 4D 97 95 A1 32 D3 17 D3 9A CF 66 2E *aU.M...2.....f.00E0: 5E C6 54 66 D0 10 77 33 E0 6A 18 10 CB 9F D2 58 ^.Tf..w3.j.....X00F0: BC 96 B7 76 0B 5F 60 9A 15 F7 C2 6B 41 C2 FC 37 ...v._`....kA..7] |
Okt 23, 2017 15:10:18.750345945 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Wed Feb 12 01:00:00 CET 2014 | Mon Feb 12 00:59:59 CET 2029 | [[ Version: V3 Subject: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 2048 bits modulus: 18021508317891126045114383893640587389787314988023771299021472384098480478916503597778296613150634219765052113517870635171403307225477983047468706279013651027886500159485348697094115927961850381525182009137128777951162358715158533528593200093291791323275973789174789209802980910482500744419318360338528025872227868058578212418244189425301367382232973595110901594292490129763308095314503250053957090379265992785603931784956681691284995547158646635183735467516188519673313343149548166538558424521681954529559978463371620234598058977077392872218941503229331579208118464720991080636709101634982701306129953489796945248933 public exponent: 65537 Validity: [From: Wed Feb 12 01:00:00 CET 2014, To: Mon Feb 12 00:59:59 CET 2029] Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ 2b2e6eea d975366c 148a6edb a37c8c07]Certificate Extensions: 8[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSAAddTrustCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:0][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSACertificationAuthority.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][8]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]]] Algorithm: [SHA384withRSA] Signature:0000: 4E 2B 76 4F 92 1C 62 36 89 BA 77 C1 27 05 F4 1C N+vO..b6..w.'...0010: D6 44 9D A9 9A 3E AA D5 66 66 01 3E EA 49 E6 A2 .D...>..ff.>.I..0020: 35 BC FA F6 DD 95 8E 99 35 98 0E 36 18 75 B1 DD 5.......5..6.u..0030: DD 50 72 7C AE DC 77 88 CE 0F F7 90 20 CA A3 67 .Pr...w..... ..g0040: 2E 1F 56 7F 7B E1 44 EA 42 95 C4 5D 0D 01 50 46 ..V...D.B..]..PF0050: 15 F2 81 89 59 6C 8A DD 8C F1 12 A1 8D 3A 42 8A ....Yl.......:B.0060: 98 F8 4B 34 7B 27 3B 08 B4 6F 24 3B 72 9D 63 74 ..K4.';..o$;r.ct0070: 58 3C 1A 6C 3F 4F C7 11 9A C8 A8 F5 B5 37 EF 10 X<.l?O.......7..0080: 45 C6 6C D9 E0 5E 95 26 B3 EB AD A3 B9 EE 7F 0C E.l..^.&........0090: 9A 66 35 73 32 60 4E E5 DD 8A 61 2C 6E 52 11 77 .f5s2`N...a,nR.w00A0: 68 96 D3 18 75 51 15 00 1B 74 88 DD E1 C7 38 04 h...uQ...t....8.00B0: 43 28 E9 16 FD D9 05 D4 5D 47 27 60 D6 FB 38 3B C(......]G'`..8;00C0: 6C 72 A2 94 F8 42 1A DF ED 6F 06 8C 45 C2 06 00 lr...B...o..E...00D0: AA E4 E8 DC D9 B5 E1 73 78 EC F6 23 DC D1 DD 6C .......sx..#...l00E0: 8E 1A 8F A5 EA 54 7C 96 B7 C3 FE 55 8E 8D 49 5E .....T.....U..I^00F0: FC 64 BB CF 3E BD 96 EB 69 CD BF E0 48 F1 62 82 .d..>...i...H.b.0100: 10 E5 0C 46 57 F2 33 DA D0 C8 63 ED C6 1F 94 05 ...FW.3...c.....0110: 96 4A 1A 91 D1 F7 EB CF 8F 52 AE 0D 08 D9 3E A8 .J.......R....>.0120: A0 51 E9 C1 87 74 D5 C9 F7 74 AB 2E 53 FB BB 7A .Q...t...t..S..z0130: FB 97 E2 F8 1F 26 8F B3 D2 A0 E0 37 5B 28 3B 31 .....&.....7[(;10140: E5 0E 57 2D 5A B8 AD 79 AC 5E 20 66 1A A5 B9 A6 ..W-Z..y.^ f....0150: B5 39 C1 F5 98 43 FF EE F9 A7 A7 FD EE CA 24 3D .9...C........$=0160: 80 16 C4 17 8F 8A C1 60 A1 0C AE 5B 43 47 91 4B .......`...[CG.K0170: D5 9A 17 5F F9 D4 87 C1 C2 8C B7 E7 E2 0F 30 19 ..._..........0.0180: 37 86 AC E0 DC 42 03 E6 94 A8 9D AE FD 0F 24 51 7....B........$Q0190: 94 CE 92 08 D1 FC 50 F0 03 40 7B 88 59 ED 0E DD ......P..@..Y...01A0: AC D2 77 82 34 DC 06 95 02 D8 90 F9 2D EA 37 D5 ..w.4.......-.7.01B0: 1A 60 D0 67 20 D7 D8 42 0B 45 AF 82 68 DE DD 66 .`.g ..B.E..h..f01C0: 24 37 90 29 94 19 46 19 25 B8 80 D7 CB D4 86 28 $7.)..F.%......(01D0: 6A 44 70 26 23 62 A9 9F 86 6F BF BA 90 70 D2 56 jDp&#b...o...p.V01E0: 77 85 78 EF EA 25 A9 17 CE 50 72 8C 00 3A AA E3 w.x..%...Pr..:..01F0: DB 63 34 9F F8 06 71 01 E2 82 20 D4 FE 6F BD B1 .c4...q... ..o..] |
Okt 23, 2017 15:10:18.750345945 MESZ | 443 | 49217 | 188.40.191.126 | 192.168.0.50 | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE | Tue May 30 12:48:38 CEST 2000 | Sat May 30 12:48:38 CEST 2020 | [[ Version: V3 Subject: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 4096 bits modulus: 595250832037245141724642107398533641144111340640849154810839512193646804439589382557795096048235159392412856809181253983148280442751106836828767077478502910675291715965426418324395462826337195608826159904332409833532414343087397304684051488024083060971973988667565926401713702437407307790551210783180012029671811979458976709742365579736599681150756374332129237698142054260771585540729412505699671993111094681722253786369180597052805125225748672266569013967025850135765598233721214965171040686884703517711864518647963618102322884373894861238464186441528415873877499307554355231373646804211013770034465627350166153734933786011622475019872581027516832913754790596939102532587063612068091625752995700206528059096165261547017202283116886060219954285939324476288744352486373249118864714420341870384243932900936553074796547571643358129426474424573956572670213304441994994142333208766235762328926816055054634905252931414737971249889745696283503174642385591131856834241724878687870772321902051261453524679758731747154638983677185705464969589189761598154153383380395065347776922242683529305823609958629983678843126221186204478003285765580771286537570893899006127941280337699169761047271395591258462580922460487748761665926731923248227868312659 public exponent: 65537 Validity: [From: Tue May 30 12:48:38 CEST 2000, To: Sat May 30 12:48:38 CEST 2020] Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE SerialNumber: [ 2766ee56 eb49f38e abd770a2 fc84de22]Certificate Extensions: 7[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.usertrust.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....0010: 24 CB 54 1A $.T.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:2147483647][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.usertrust.com/AddTrustExternalCARoot.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ]][6]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][7]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]]] Algorithm: [SHA384withRSA] Signature:0000: 64 BF 83 F1 5F 9A 85 D0 CD B8 A1 29 57 0D E8 5A d..._......)W..Z0010: F7 D1 E9 3E F2 76 04 6E F1 52 70 BB 1E 3C FF 4D ...>.v.n.Rp..<.M0020: 0D 74 6A CC 81 82 25 D3 C3 A0 2A 5D 4C F5 BA 8B .tj...%...*]L...0030: A1 6D C4 54 09 75 C7 E3 27 0E 5D 84 79 37 40 13 .m.T.u..'.].y7@.0040: 77 F5 B4 AC 1C D0 3B AB 17 12 D6 EF 34 18 7E 2B w.....;.....4..+0050: E9 79 D3 AB 57 45 0C AF 28 FA D0 DB E5 50 95 88 .y..WE..(....P..0060: BB DF 85 57 69 7D 92 D8 52 CA 73 81 BF 1C F3 E6 ...Wi...R.s.....0070: B8 6E 66 11 05 B3 1E 94 2D 7F 91 95 92 59 F1 4C .nf.....-....Y.L0080: CE A3 91 71 4C 7C 47 0C 3B 0B 19 F6 A1 B1 6C 86 ...qL.G.;.....l.0090: 3E 5C AA C4 2E 82 CB F9 07 96 BA 48 4D 90 F2 94 >\.........HM...00A0: C8 A9 73 A2 EB 06 7B 23 9D DE A2 F3 4D 55 9F 7A ..s....#....MU.z00B0: 61 45 98 18 68 C7 5E 40 6B 23 F5 79 7A EF 8C B5 aE..h.^@k#.yz...00C0: 6B 8B B7 6F 46 F4 7B F1 3D 4B 04 D8 93 80 59 5A k..oF...=K....YZ00D0: E0 41 24 1D B2 8F 15 60 58 47 DB EF 6E 46 FD 15 .A$....`XG..nF..00E0: F5 D9 5F 9A B3 DB D8 B8 E4 40 B3 CD 97 39 AE 85 .._......@...9..00F0: BB 1D 8E BC DC 87 9B D1 A6 EF F1 3B 6F 10 38 6F ...........;o.8o] |
Okt 23, 2017 15:10:18.807346106 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 | CN=*.google.com, O=Google Inc, L=Mountain View, ST=California, C=US | CN=Google Internet Authority G2, O=Google Inc, C=US | Tue Oct 10 16:06:00 CEST 2017 | Fri Dec 29 01:00:00 CET 2017 | [[ Version: V3 Subject: CN=*.google.com, O=Google Inc, L=Mountain View, ST=California, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun EC public key, 256 bits public x coord: 72151116216301506645637077404822385765658956043777882683218811523065855659293 public y coord: 110121344618447523416258552324529203032293793928944233161371877289305363490470 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) Validity: [From: Tue Oct 10 16:06:00 CEST 2017, To: Fri Dec 29 01:00:00 CET 2017] Issuer: CN=Google Internet Authority G2, O=Google Inc, C=US SerialNumber: [ 2bf05203 132fb5b2]Certificate Extensions: 9[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://pki.google.com/GIAG2.crt, accessMethod: ocsp accessLocation: URIName: http://clients1.google.com/ocsp]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J......h.v....b.0010: BA 5A 81 2F .Z./]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:false PathLen: undefined][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://pki.google.com/GIAG2.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1][] ] [CertificatePolicyId: [2.23.140.1.2.2][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=falseKeyUsage [ DigitalSignature][8]: ObjectId: 2.5.29.17 Criticality=falseSubjectAlternativeName [ DNSName: *.google.com DNSName: *.android.com DNSName: *.appengine.google.com DNSName: *.cloud.google.com DNSName: *.db833953.google.cn DNSName: *.g.co DNSName: *.gcp.gvt2.com DNSName: *.google-analytics.com DNSName: *.google.ca DNSName: *.google.cl DNSName: *.google.co.in DNSName: *.google.co.jp DNSName: *.google.co.uk DNSName: *.google.com.ar DNSName: *.google.com.au DNSName: *.google.com.br DNSName: *.google.com.co DNSName: *.google.com.mx DNSName: *.google.com.tr DNSName: *.google.com.vn DNSName: *.google.de DNSName: *.google.es DNSName: *.google.fr DNSName: *.google.hu DNSName: *.google.it DNSName: *.google.nl DNSName: *.google.pl DNSName: *.google.pt DNSName: *.googleadapis.com DNSName: *.googleapis.cn DNSName: *.googlecommerce.com DNSName: *.googlevideo.com DNSName: *.gstatic.cn DNSName: *.gstatic.com DNSName: *.gvt1.com DNSName: *.gvt2.com DNSName: *.metric.gstatic.com DNSName: *.urchin.com DNSName: *.url.google.com DNSName: *.youtube-nocookie.com DNSName: *.youtube.com DNSName: *.youtubeeducation.com DNSName: *.yt.be DNSName: *.ytimg.com DNSName: android.clients.google.com DNSName: android.com DNSName: developer.android.google.cn DNSName: developers.android.google.cn DNSName: g.co DNSName: goo.gl DNSName: google-analytics.com DNSName: google.com DNSName: googlecommerce.com DNSName: source.android.google.cn DNSName: urchin.com DNSName: www.goo.gl DNSName: youtu.be DNSName: youtube.com DNSName: youtubeeducation.com DNSName: yt.be][9]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: E8 EA EF C7 97 DB CB C3 72 28 77 89 88 75 4C 24 ........r(w..uL$0010: 3A 91 0B 59 :..Y]]] Algorithm: [SHA256withRSA] Signature:0000: 94 B7 CF C4 34 6F 8E BA E5 2B 11 09 A9 BE 1C 23 ....4o...+.....#0010: 26 45 BB 66 2F BE 9B 22 E6 0A 05 B7 62 AB 44 59 &E.f/.."....b.DY0020: 6A B2 91 8B F4 27 AF 72 2E 20 E6 59 3E A0 C0 B2 j....'.r. .Y>...0030: AA 88 D8 4E 7C 53 07 F8 02 3B 54 E0 75 E3 81 9A ...N.S...;T.u...0040: FB E9 AD 06 11 AF 1E 4E 21 EF 63 7E 94 EE A2 7F .......N!.c.....0050: A8 3F 76 B4 12 25 46 86 10 5F C5 8A 89 CA E9 94 .?v..%F.._......0060: BA E8 F3 0F 78 EA 4E 0C 72 F3 23 3B DE 7A 07 E9 ....x.N.r.#;.z..0070: A8 23 B3 BB B7 88 84 52 4B 3C 09 DF F4 83 23 BC .#.....RK<....#.0080: 1B 9F 97 04 0D 76 ED 3F E8 D3 0D E9 5D 92 A6 45 .....v.?....]..E0090: EA A7 6B 4D 23 EF 2A AD 12 31 DE 60 17 CC C1 7B ..kM#.*..1.`....00A0: 69 15 1E C8 51 0F 6F 36 43 6A 0D 99 85 72 6F 7A i...Q.o6Cj...roz00B0: FC EB 05 9F DC 73 69 6C 2A 92 6E E4 09 84 52 53 .....sil*.n...RS00C0: B4 C6 29 34 9D C7 ED 6C C5 0D 7B 1B 65 53 CF 62 ..)4...l....eS.b00D0: 2A 4B 89 85 7E 68 67 78 05 E0 7E B3 22 BE C4 5F *K...hgx....".._00E0: 50 8C EF 78 78 03 63 1C 1C 3C 74 34 63 7C 11 A0 P..xx.c..<t4c...00F0: A7 C1 6E CC A5 AB FC A0 57 0E FC 99 CB 0F 8A FA ..n.....W.......] |
Okt 23, 2017 15:10:18.807346106 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 | CN=Google Internet Authority G2, O=Google Inc, C=US | CN=GeoTrust Global CA, O=GeoTrust Inc., C=US | Mon May 22 13:32:37 CEST 2017 | Tue Jan 01 00:59:59 CET 2019 | [[ Version: V3 Subject: CN=Google Internet Authority G2, O=Google Inc, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 19713895149719550196537065661910573762693934593220985668782860735427060889140793885919063737778303548724916253252606564904177491762533295616984617709378739783748100146882543612565825906799282133510087546060971220666055151463898734279731009956582933624646298029265838127046200538496591314458940937082185029845612274584845875286257057247598474925565775989866310636633768255501748172403430876460228793912189332026189491067186811703150477068536877439284697584041860237489395099402658887745588613142391209024263265842301844868193180477031165936332420984796347731387363914950895491332976177715889375379088870580457661428329 public exponent: 65537 Validity: [From: Mon May 22 13:32:37 CEST 2017, To: Tue Jan 01 00:59:59 CET 2019] Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US SerialNumber: [ 01002125 88b0fa59 a777ef05 7b6627df]Certificate Extensions: 8[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://g.symcd.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e0010: B8 CA CC 4E ...N]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:0][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://g.symcb.com/crls/gtglobal.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1][] ] [CertificatePolicyId: [2.23.140.1.2.2][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ Key_CertSign Crl_Sign][8]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J......h.v....b.0010: BA 5A 81 2F .Z./]]] Algorithm: [SHA256withRSA] Signature:0000: CA 49 E5 AC D7 64 64 77 5B BE 71 FA CF F4 1E 23 .I...ddw[.q....#0010: C7 9A 69 63 54 5F EB 4C D6 19 28 23 64 66 8E 1C ..icT_.L..(#df..0020: C7 87 80 64 5F 04 8B 26 AF 98 DF 0A 70 BC BC 19 ...d_..&....p...0030: 3D EE 7B 33 A9 7F BD F4 05 D4 70 BB 05 26 79 EA =..3......p..&y.0040: 9A C7 98 B9 07 19 65 34 CC 3C E9 3F C5 01 FA 6F ......e4.<.?...o0050: 0C 7E DB 7A 70 5C 4C FE 2D 00 F0 CA BE 2D 8E B4 ...zp\L.-....-..0060: A8 80 FB 01 13 88 CB 9C 3F E5 BB 77 CA 3A 67 36 ........?..w.:g60070: F3 CE D5 27 02 72 43 A0 BD 6E 02 F1 47 05 71 3E ...'.rC..n..G.q>0080: 01 59 E9 11 9E 1A F3 84 0F 80 A6 A2 78 35 2F B6 .Y..........x5/.0090: C7 A2 7F 17 7C E1 8B 56 AE EE 67 88 51 27 30 60 .......V..g.Q'0`00A0: A5 62 52 C3 37 D5 3B EA 85 2A 01 38 87 A2 CF 70 .bR.7.;..*.8...p00B0: AD A4 7A C9 C4 E7 CA C5 DA BC 23 32 F2 FE 18 C2 ..z.......#2....00C0: 7B E0 DF 3B 2F D4 D0 10 E6 96 4C FB 44 B7 21 64 ...;/.....L.D.!d00D0: 0D B9 00 94 30 12 26 87 58 98 39 05 38 0F CC 82 ....0.&.X.9.8...00E0: 48 0C 0A 47 66 EE BF B4 5F C4 FF 70 A8 E1 7F 8B H..Gf..._..p....00F0: 79 2B B8 65 32 A3 B9 B7 31 E9 0A F5 F6 1F 32 DC y+.e2...1.....2.] |
Okt 23, 2017 15:10:18.807346106 MESZ | 443 | 49218 | 216.58.209.206 | 192.168.0.50 | CN=GeoTrust Global CA, O=GeoTrust Inc., C=US | OU=Equifax Secure Certificate Authority, O=Equifax, C=US | Tue May 21 06:00:00 CEST 2002 | Tue Aug 21 06:00:00 CEST 2018 | [[ Version: V3 Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 27620593608073140957439440929253438012688864718977347268272053725994928948867769687165112265058896553974818505070806430256424431940072485024407486246475597522063246121214348496326377341879755851197260401080498544606788760407243324127929930612201002157618691487713632251700065187865963692723720912135393438861302779432180613616167225206519123176430362410262429702404863434904116727055203524505580952824336979641923534005571504410997292144760317953739063178352809680844232935574095508445145910310675421726257114605895831426222686272114090063230017292595425393719031924942422176213538487957041730136782988405751614792953 public exponent: 65537 Validity: [From: Tue May 21 06:00:00 CEST 2002, To: Tue Aug 21 06:00:00 CEST 2018] Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US SerialNumber: [ 12bbe6]Certificate Extensions: 6[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O30010: 98 90 9F D4 ....]][2]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:2147483647][3]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.geotrust.com/crls/secureca.crl]]][4]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 2D 68 74 74 70 73 3A 2F 2F 77 77 77 2E 67 65 .-https://www.ge0010: 6F 74 72 75 73 74 2E 63 6F 6D 2F 72 65 73 6F 75 otrust.com/resou0020: 72 63 65 73 2F 72 65 70 6F 73 69 74 6F 72 79 rces/repository]] ]][5]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ Key_CertSign Crl_Sign][6]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e0010: B8 CA CC 4E ...N]]] Algorithm: [SHA1withRSA] Signature:0000: 76 E1 12 6E 4E 4B 16 12 86 30 06 B2 81 08 CF F0 v..nNK...0......0010: 08 C7 C7 71 7E 66 EE C2 ED D4 3B 1F FF F0 F0 C8 ...q.f....;.....0020: 4E D6 43 38 B0 B9 30 7D 18 D0 55 83 A2 6A CB 36 N.C8..0...U..j.60030: 11 9C E8 48 66 A3 6D 7F B8 13 D4 47 FE 8B 5A 5C ...Hf.m....G..Z\0040: 73 FC AE D9 1B 32 19 38 AB 97 34 14 AA 96 D2 EB s....2.8..4.....0050: A3 1C 14 08 49 B6 BB E5 91 EF 83 36 EB 1D 56 6F ....I......6..Vo0060: CA DA BC 73 63 90 E4 7F 7B 3E 22 CB 3D 07 ED 5F ...sc....>".=.._0070: 38 74 9C E3 03 50 4E A1 AF 98 EE 61 F2 84 3F 12 8t...PN....a..?.] |
Okt 23, 2017 15:10:22.295268059 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 | CN=*.googleusercontent.com, O=Google Inc, L=Mountain View, ST=California, C=US | CN=Google Internet Authority G2, O=Google Inc, C=US | Tue Oct 10 16:32:53 CEST 2017 | Fri Dec 29 01:00:00 CET 2017 | [[ Version: V3 Subject: CN=*.googleusercontent.com, O=Google Inc, L=Mountain View, ST=California, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun EC public key, 256 bits public x coord: 15271535749596578218457132003338733801458881203746924888444372992746526558782 public y coord: 47598144771108100888357895985217297976065183198641687424198380272524200690695 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) Validity: [From: Tue Oct 10 16:32:53 CEST 2017, To: Fri Dec 29 01:00:00 CET 2017] Issuer: CN=Google Internet Authority G2, O=Google Inc, C=US SerialNumber: [ 4ca3c94d d1f8e43d]Certificate Extensions: 9[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://pki.google.com/GIAG2.crt, accessMethod: ocsp accessLocation: URIName: http://clients1.google.com/ocsp]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J......h.v....b.0010: BA 5A 81 2F .Z./]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:false PathLen: undefined][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://pki.google.com/GIAG2.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1][] ] [CertificatePolicyId: [2.23.140.1.2.2][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=falseKeyUsage [ DigitalSignature][8]: ObjectId: 2.5.29.17 Criticality=falseSubjectAlternativeName [ DNSName: *.googleusercontent.com DNSName: *.apps.googleusercontent.com DNSName: *.appspot.com.storage.googleapis.com DNSName: *.blogspot.com DNSName: *.bp.blogspot.com DNSName: *.commondatastorage.googleapis.com DNSName: *.content-storage-download.googleapis.com DNSName: *.content-storage-upload.googleapis.com DNSName: *.content-storage.googleapis.com DNSName: *.doubleclickusercontent.com DNSName: *.ggpht.com DNSName: *.googledrive.com DNSName: *.googlesyndication.com DNSName: *.googleweblight.com DNSName: *.safenup.googleusercontent.com DNSName: *.sandbox.googleusercontent.com DNSName: *.storage-download.googleapis.com DNSName: *.storage-upload.googleapis.com DNSName: *.storage.googleapis.com DNSName: *.storage.select.googleapis.com DNSName: blogspot.com DNSName: bp.blogspot.com DNSName: commondatastorage.googleapis.com DNSName: doubleclickusercontent.com DNSName: ggpht.com DNSName: googledrive.com DNSName: googleusercontent.com DNSName: googleweblight.com DNSName: static.panoramio.com.storage.googleapis.com DNSName: storage.googleapis.com DNSName: storage.select.googleapis.com DNSName: unfiltered.news][9]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 4A 0C 66 FC 77 96 88 36 E4 12 44 98 EF BA 19 10 J.f.w..6..D.....0010: 14 63 56 70 .cVp]]] Algorithm: [SHA256withRSA] Signature:0000: 42 4F D1 6E A4 BD E7 21 21 CD 50 26 63 3D 6C DA BO.n...!!.P&c=l.0010: 10 FC F2 80 60 38 98 34 FE 8C CF 5A 38 D8 42 29 ....`8.4...Z8.B)0020: 3B 31 52 4B EE A6 BC 45 E5 5A 19 F2 CB 3D 4F E5 ;1RK...E.Z...=O.0030: D3 5A FF CB 13 BA 61 89 37 E9 E2 FD EC 3F F4 F7 .Z....a.7....?..0040: 77 40 53 EA A7 6A 7B 14 8F 36 B8 17 70 B2 CE E5 w@S..j...6..p...0050: D5 19 2F BA FD A5 B5 95 1A F9 A9 1A E8 0C EC B2 ../.............0060: 7A 94 37 43 54 92 EC 60 AD 4B BA A5 5D B2 6C B6 z.7CT..`.K..].l.0070: 0A 89 25 9B 42 01 1E 67 A8 C4 6D 12 3E 3E 28 E5 ..%.B..g..m.>>(.0080: DE 27 70 92 1A 85 DB A5 7A 51 1B E6 6D 63 E0 6E .'p.....zQ..mc.n0090: 33 38 DC DF 05 0A FE 90 15 46 94 D8 6C 18 A1 27 38.......F..l..'00A0: 54 A1 4A 3C 15 1D AB 50 D5 22 E5 B2 4E A8 DC BF T.J<...P."..N...00B0: 6C 74 62 DF 7E F7 22 E6 D9 A4 C9 CF 61 8A E7 E6 ltb...".....a...00C0: EB 17 66 D9 C2 67 0B 55 F9 FA B2 F7 5E 16 20 C6 ..f..g.U....^. .00D0: ED E6 61 2A BE 71 A3 4C 71 E3 BC C3 99 B1 90 29 ..a*.q.Lq......)00E0: 9D AA 85 F0 77 73 87 4D BE D4 E7 7E 86 9A 76 B4 ....ws.M......v.00F0: 3A 39 B2 53 F8 A9 61 1A A4 BE AA 31 FC F1 DA 0B :9.S..a....1....] |
Okt 23, 2017 15:10:22.295268059 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 | CN=Google Internet Authority G2, O=Google Inc, C=US | CN=GeoTrust Global CA, O=GeoTrust Inc., C=US | Mon May 22 13:32:37 CEST 2017 | Tue Jan 01 00:59:59 CET 2019 | [[ Version: V3 Subject: CN=Google Internet Authority G2, O=Google Inc, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 19713895149719550196537065661910573762693934593220985668782860735427060889140793885919063737778303548724916253252606564904177491762533295616984617709378739783748100146882543612565825906799282133510087546060971220666055151463898734279731009956582933624646298029265838127046200538496591314458940937082185029845612274584845875286257057247598474925565775989866310636633768255501748172403430876460228793912189332026189491067186811703150477068536877439284697584041860237489395099402658887745588613142391209024263265842301844868193180477031165936332420984796347731387363914950895491332976177715889375379088870580457661428329 public exponent: 65537 Validity: [From: Mon May 22 13:32:37 CEST 2017, To: Tue Jan 01 00:59:59 CET 2019] Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US SerialNumber: [ 01002125 88b0fa59 a777ef05 7b6627df]Certificate Extensions: 8[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://g.symcd.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e0010: B8 CA CC 4E ...N]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:0][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://g.symcb.com/crls/gtglobal.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1][] ] [CertificatePolicyId: [2.23.140.1.2.2][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ Key_CertSign Crl_Sign][8]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J......h.v....b.0010: BA 5A 81 2F .Z./]]] Algorithm: [SHA256withRSA] Signature:0000: CA 49 E5 AC D7 64 64 77 5B BE 71 FA CF F4 1E 23 .I...ddw[.q....#0010: C7 9A 69 63 54 5F EB 4C D6 19 28 23 64 66 8E 1C ..icT_.L..(#df..0020: C7 87 80 64 5F 04 8B 26 AF 98 DF 0A 70 BC BC 19 ...d_..&....p...0030: 3D EE 7B 33 A9 7F BD F4 05 D4 70 BB 05 26 79 EA =..3......p..&y.0040: 9A C7 98 B9 07 19 65 34 CC 3C E9 3F C5 01 FA 6F ......e4.<.?...o0050: 0C 7E DB 7A 70 5C 4C FE 2D 00 F0 CA BE 2D 8E B4 ...zp\L.-....-..0060: A8 80 FB 01 13 88 CB 9C 3F E5 BB 77 CA 3A 67 36 ........?..w.:g60070: F3 CE D5 27 02 72 43 A0 BD 6E 02 F1 47 05 71 3E ...'.rC..n..G.q>0080: 01 59 E9 11 9E 1A F3 84 0F 80 A6 A2 78 35 2F B6 .Y..........x5/.0090: C7 A2 7F 17 7C E1 8B 56 AE EE 67 88 51 27 30 60 .......V..g.Q'0`00A0: A5 62 52 C3 37 D5 3B EA 85 2A 01 38 87 A2 CF 70 .bR.7.;..*.8...p00B0: AD A4 7A C9 C4 E7 CA C5 DA BC 23 32 F2 FE 18 C2 ..z.......#2....00C0: 7B E0 DF 3B 2F D4 D0 10 E6 96 4C FB 44 B7 21 64 ...;/.....L.D.!d00D0: 0D B9 00 94 30 12 26 87 58 98 39 05 38 0F CC 82 ....0.&.X.9.8...00E0: 48 0C 0A 47 66 EE BF B4 5F C4 FF 70 A8 E1 7F 8B H..Gf..._..p....00F0: 79 2B B8 65 32 A3 B9 B7 31 E9 0A F5 F6 1F 32 DC y+.e2...1.....2.] |
Okt 23, 2017 15:10:22.295268059 MESZ | 443 | 49219 | 216.58.209.193 | 192.168.0.50 | CN=GeoTrust Global CA, O=GeoTrust Inc., C=US | OU=Equifax Secure Certificate Authority, O=Equifax, C=US | Tue May 21 06:00:00 CEST 2002 | Tue Aug 21 06:00:00 CEST 2018 | [[ Version: V3 Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 27620593608073140957439440929253438012688864718977347268272053725994928948867769687165112265058896553974818505070806430256424431940072485024407486246475597522063246121214348496326377341879755851197260401080498544606788760407243324127929930612201002157618691487713632251700065187865963692723720912135393438861302779432180613616167225206519123176430362410262429702404863434904116727055203524505580952824336979641923534005571504410997292144760317953739063178352809680844232935574095508445145910310675421726257114605895831426222686272114090063230017292595425393719031924942422176213538487957041730136782988405751614792953 public exponent: 65537 Validity: [From: Tue May 21 06:00:00 CEST 2002, To: Tue Aug 21 06:00:00 CEST 2018] Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US SerialNumber: [ 12bbe6]Certificate Extensions: 6[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O30010: 98 90 9F D4 ....]][2]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:2147483647][3]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.geotrust.com/crls/secureca.crl]]][4]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 2D 68 74 74 70 73 3A 2F 2F 77 77 77 2E 67 65 .-https://www.ge0010: 6F 74 72 75 73 74 2E 63 6F 6D 2F 72 65 73 6F 75 otrust.com/resou0020: 72 63 65 73 2F 72 65 70 6F 73 69 74 6F 72 79 rces/repository]] ]][5]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ Key_CertSign Crl_Sign][6]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e0010: B8 CA CC 4E ...N]]] Algorithm: [SHA1withRSA] Signature:0000: 76 E1 12 6E 4E 4B 16 12 86 30 06 B2 81 08 CF F0 v..nNK...0......0010: 08 C7 C7 71 7E 66 EE C2 ED D4 3B 1F FF F0 F0 C8 ...q.f....;.....0020: 4E D6 43 38 B0 B9 30 7D 18 D0 55 83 A2 6A CB 36 N.C8..0...U..j.60030: 11 9C E8 48 66 A3 6D 7F B8 13 D4 47 FE 8B 5A 5C ...Hf.m....G..Z\0040: 73 FC AE D9 1B 32 19 38 AB 97 34 14 AA 96 D2 EB s....2.8..4.....0050: A3 1C 14 08 49 B6 BB E5 91 EF 83 36 EB 1D 56 6F ....I......6..Vo0060: CA DA BC 73 63 90 E4 7F 7B 3E 22 CB 3D 07 ED 5F ...sc....>".=.._0070: 38 74 9C E3 03 50 4E A1 AF 98 EE 61 F2 84 3F 12 8t...PN....a..?.] |
Okt 23, 2017 15:12:22.319761038 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 | CN=*.eltima.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Tue May 30 02:00:00 CEST 2017 | Sun Aug 30 01:59:59 CEST 2020 | [[ Version: V3 Subject: CN=*.eltima.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24889325892277091522405691880919970955562269226689565795281952746129879749480562366988120845720834354672388847971047354836092137257717298315613128677727793908438274752080329047099458450194829807105952095834091127626804114474014982436342199829116245787218265215862689635507934818498317531487803522731104880174538841312258566115173093880349268352945637583659099205031240370344177035692485390448867606288453302849256258221306559393617160755340683884543688061971601098010878338414561223138613857594628368927744589543069885214945586742747959533509409916799711824084696793213582284069484619975791467937463804247577510157691 public exponent: 65537 Validity: [From: Tue May 30 02:00:00 CEST 2017, To: Sun Aug 30 01:59:59 CEST 2020] Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ a92d3c0a 2d688c88 0e5195b0 1c3ac8cc]Certificate Extensions: 9[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:false PathLen: undefined][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.6449.1.2.2.7][PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 ..https://secure0010: 2E 63 6F 6D 6F 64 6F 2E 63 6F 6D 2F 43 50 53 .comodo.com/CPS]] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_Encipherment][8]: ObjectId: 2.5.29.17 Criticality=falseSubjectAlternativeName [ DNSName: *.eltima.com DNSName: eltima.com][9]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 17 8B 75 7C 13 B0 AF 7F 2D 68 06 37 42 1A 0A 93 ..u.....-h.7B...0010: 0A 68 5E C9 .h^.]]] Algorithm: [SHA256withRSA] Signature:0000: 6B 67 D8 72 F8 A6 9E 2C D2 2E 2C AA 49 18 88 68 kg.r...,..,.I..h0010: 3D AA FD 67 97 0D 11 98 3E 4B DF 5B 76 6D 7E 4E =..g....>K.[vm.N0020: 8C 96 2B 7A 7A 0D C3 59 CD 2B B2 B4 F8 ED 89 42 ..+zz..Y.+.....B0030: 80 7F 84 75 94 12 AD AC A4 C6 83 17 B9 A0 41 63 ...u..........Ac0040: 72 F4 13 A4 BF DE 45 40 C9 60 5C C3 D9 9E 99 D1 r.....E@.`\.....0050: CC CF 83 76 68 E9 B3 F7 36 69 15 D8 AA D2 F4 6F ...vh...6i.....o0060: 0A 6B 28 AB 2F 73 48 E6 69 85 DB 7D 26 9A 2F B6 .k(./sH.i...&./.0070: 48 1D C9 2E 50 A0 00 C4 9D 81 43 33 6A CF BB 33 H...P.....C3j..30080: 7B BD CF 1B 80 53 16 16 78 75 87 77 CD 6A 17 A4 .....S..xu.w.j..0090: 11 32 B7 F6 4D 74 71 AB F5 95 0F 20 DA 13 2E 31 .2..Mtq.... ...100A0: 7C 4D 56 23 E8 74 BF D6 EC 34 DC AA 3D BA 7E 9A .MV#.t...4..=...00B0: 66 C1 0A AF B2 54 54 F1 A6 26 90 D1 51 56 90 73 f....TT..&..QV.s00C0: 8D 62 63 11 60 03 29 F0 CC A4 B2 F8 C5 5D FA 94 .bc.`.)......]..00D0: 2A 61 55 D0 4D 97 95 A1 32 D3 17 D3 9A CF 66 2E *aU.M...2.....f.00E0: 5E C6 54 66 D0 10 77 33 E0 6A 18 10 CB 9F D2 58 ^.Tf..w3.j.....X00F0: BC 96 B7 76 0B 5F 60 9A 15 F7 C2 6B 41 C2 FC 37 ...v._`....kA..7] |
Okt 23, 2017 15:12:22.319761038 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 | CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | Wed Feb 12 01:00:00 CET 2014 | Mon Feb 12 00:59:59 CET 2029 | [[ Version: V3 Subject: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 2048 bits modulus: 18021508317891126045114383893640587389787314988023771299021472384098480478916503597778296613150634219765052113517870635171403307225477983047468706279013651027886500159485348697094115927961850381525182009137128777951162358715158533528593200093291791323275973789174789209802980910482500744419318360338528025872227868058578212418244189425301367382232973595110901594292490129763308095314503250053957090379265992785603931784956681691284995547158646635183735467516188519673313343149548166538558424521681954529559978463371620234598058977077392872218941503229331579208118464720991080636709101634982701306129953489796945248933 public exponent: 65537 Validity: [From: Wed Feb 12 01:00:00 CET 2014, To: Mon Feb 12 00:59:59 CET 2029] Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB SerialNumber: [ 2b2e6eea d975366c 148a6edb a37c8c07]Certificate Extensions: 8[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://crt.comodoca.com/COMODORSAAddTrustCA.crt, accessMethod: ocsp accessLocation: URIName: http://ocsp.comodoca.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:0][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.comodoca.com/COMODORSACertificationAuthority.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ] [CertificatePolicyId: [2.23.140.1.2.1][] ]][6]: ObjectId: 2.5.29.37 Criticality=falseExtendedKeyUsages [ serverAuth clientAuth][7]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][8]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 90 AF 6A 3A 94 5A 0B D8 90 EA 12 56 73 DF 43 B4 ..j:.Z.....Vs.C.0010: 3A 28 DA E7 :(..]]] Algorithm: [SHA384withRSA] Signature:0000: 4E 2B 76 4F 92 1C 62 36 89 BA 77 C1 27 05 F4 1C N+vO..b6..w.'...0010: D6 44 9D A9 9A 3E AA D5 66 66 01 3E EA 49 E6 A2 .D...>..ff.>.I..0020: 35 BC FA F6 DD 95 8E 99 35 98 0E 36 18 75 B1 DD 5.......5..6.u..0030: DD 50 72 7C AE DC 77 88 CE 0F F7 90 20 CA A3 67 .Pr...w..... ..g0040: 2E 1F 56 7F 7B E1 44 EA 42 95 C4 5D 0D 01 50 46 ..V...D.B..]..PF0050: 15 F2 81 89 59 6C 8A DD 8C F1 12 A1 8D 3A 42 8A ....Yl.......:B.0060: 98 F8 4B 34 7B 27 3B 08 B4 6F 24 3B 72 9D 63 74 ..K4.';..o$;r.ct0070: 58 3C 1A 6C 3F 4F C7 11 9A C8 A8 F5 B5 37 EF 10 X<.l?O.......7..0080: 45 C6 6C D9 E0 5E 95 26 B3 EB AD A3 B9 EE 7F 0C E.l..^.&........0090: 9A 66 35 73 32 60 4E E5 DD 8A 61 2C 6E 52 11 77 .f5s2`N...a,nR.w00A0: 68 96 D3 18 75 51 15 00 1B 74 88 DD E1 C7 38 04 h...uQ...t....8.00B0: 43 28 E9 16 FD D9 05 D4 5D 47 27 60 D6 FB 38 3B C(......]G'`..8;00C0: 6C 72 A2 94 F8 42 1A DF ED 6F 06 8C 45 C2 06 00 lr...B...o..E...00D0: AA E4 E8 DC D9 B5 E1 73 78 EC F6 23 DC D1 DD 6C .......sx..#...l00E0: 8E 1A 8F A5 EA 54 7C 96 B7 C3 FE 55 8E 8D 49 5E .....T.....U..I^00F0: FC 64 BB CF 3E BD 96 EB 69 CD BF E0 48 F1 62 82 .d..>...i...H.b.0100: 10 E5 0C 46 57 F2 33 DA D0 C8 63 ED C6 1F 94 05 ...FW.3...c.....0110: 96 4A 1A 91 D1 F7 EB CF 8F 52 AE 0D 08 D9 3E A8 .J.......R....>.0120: A0 51 E9 C1 87 74 D5 C9 F7 74 AB 2E 53 FB BB 7A .Q...t...t..S..z0130: FB 97 E2 F8 1F 26 8F B3 D2 A0 E0 37 5B 28 3B 31 .....&.....7[(;10140: E5 0E 57 2D 5A B8 AD 79 AC 5E 20 66 1A A5 B9 A6 ..W-Z..y.^ f....0150: B5 39 C1 F5 98 43 FF EE F9 A7 A7 FD EE CA 24 3D .9...C........$=0160: 80 16 C4 17 8F 8A C1 60 A1 0C AE 5B 43 47 91 4B .......`...[CG.K0170: D5 9A 17 5F F9 D4 87 C1 C2 8C B7 E7 E2 0F 30 19 ..._..........0.0180: 37 86 AC E0 DC 42 03 E6 94 A8 9D AE FD 0F 24 51 7....B........$Q0190: 94 CE 92 08 D1 FC 50 F0 03 40 7B 88 59 ED 0E DD ......P..@..Y...01A0: AC D2 77 82 34 DC 06 95 02 D8 90 F9 2D EA 37 D5 ..w.4.......-.7.01B0: 1A 60 D0 67 20 D7 D8 42 0B 45 AF 82 68 DE DD 66 .`.g ..B.E..h..f01C0: 24 37 90 29 94 19 46 19 25 B8 80 D7 CB D4 86 28 $7.)..F.%......(01D0: 6A 44 70 26 23 62 A9 9F 86 6F BF BA 90 70 D2 56 jDp&#b...o...p.V01E0: 77 85 78 EF EA 25 A9 17 CE 50 72 8C 00 3A AA E3 w.x..%...Pr..:..01F0: DB 63 34 9F F8 06 71 01 E2 82 20 D4 FE 6F BD B1 .c4...q... ..o..] |
Okt 23, 2017 15:12:22.319761038 MESZ | 443 | 49221 | 78.46.96.38 | 192.168.0.50 | CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB | CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE | Tue May 30 12:48:38 CEST 2000 | Sat May 30 12:48:38 CEST 2020 | [[ Version: V3 Subject: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Signature Algorithm: SHA384withRSA, OID = 1.2.840.113549.1.1.12 Key: Sun RSA public key, 4096 bits modulus: 595250832037245141724642107398533641144111340640849154810839512193646804439589382557795096048235159392412856809181253983148280442751106836828767077478502910675291715965426418324395462826337195608826159904332409833532414343087397304684051488024083060971973988667565926401713702437407307790551210783180012029671811979458976709742365579736599681150756374332129237698142054260771585540729412505699671993111094681722253786369180597052805125225748672266569013967025850135765598233721214965171040686884703517711864518647963618102322884373894861238464186441528415873877499307554355231373646804211013770034465627350166153734933786011622475019872581027516832913754790596939102532587063612068091625752995700206528059096165261547017202283116886060219954285939324476288744352486373249118864714420341870384243932900936553074796547571643358129426474424573956572670213304441994994142333208766235762328926816055054634905252931414737971249889745696283503174642385591131856834241724878687870772321902051261453524679758731747154638983677185705464969589189761598154153383380395065347776922242683529305823609958629983678843126221186204478003285765580771286537570893899006127941280337699169761047271395591258462580922460487748761665926731923248227868312659 public exponent: 65537 Validity: [From: Tue May 30 12:48:38 CEST 2000, To: Sat May 30 12:48:38 CEST 2020] Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE SerialNumber: [ 2766ee56 eb49f38e abd770a2 fc84de22]Certificate Extensions: 7[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=falseAuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.usertrust.com]][2]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....0010: 24 CB 54 1A $.T.]][3]: ObjectId: 2.5.29.19 Criticality=trueBasicConstraints:[ CA:true PathLen:2147483647][4]: ObjectId: 2.5.29.31 Criticality=falseCRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.usertrust.com/AddTrustExternalCARoot.crl]]][5]: ObjectId: 2.5.29.32 Criticality=falseCertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0][] ]][6]: ObjectId: 2.5.29.15 Criticality=trueKeyUsage [ DigitalSignature Key_CertSign Crl_Sign][7]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: BB AF 7E 02 3D FA A6 F1 3C 84 8E AD EE 38 98 EC ....=...<....8..0010: D9 32 32 D4 .22.]]] Algorithm: [SHA384withRSA] Signature:0000: 64 BF 83 F1 5F 9A 85 D0 CD B8 A1 29 57 0D E8 5A d..._......)W..Z0010: F7 D1 E9 3E F2 76 04 6E F1 52 70 BB 1E 3C FF 4D ...>.v.n.Rp..<.M0020: 0D 74 6A CC 81 82 25 D3 C3 A0 2A 5D 4C F5 BA 8B .tj...%...*]L...0030: A1 6D C4 54 09 75 C7 E3 27 0E 5D 84 79 37 40 13 .m.T.u..'.].y7@.0040: 77 F5 B4 AC 1C D0 3B AB 17 12 D6 EF 34 18 7E 2B w.....;.....4..+0050: E9 79 D3 AB 57 45 0C AF 28 FA D0 DB E5 50 95 88 .y..WE..(....P..0060: BB DF 85 57 69 7D 92 D8 52 CA 73 81 BF 1C F3 E6 ...Wi...R.s.....0070: B8 6E 66 11 05 B3 1E 94 2D 7F 91 95 92 59 F1 4C .nf.....-....Y.L0080: CE A3 91 71 4C 7C 47 0C 3B 0B 19 F6 A1 B1 6C 86 ...qL.G.;.....l.0090: 3E 5C AA C4 2E 82 CB F9 07 96 BA 48 4D 90 F2 94 >\.........HM...00A0: C8 A9 73 A2 EB 06 7B 23 9D DE A2 F3 4D 55 9F 7A ..s....#....MU.z00B0: 61 45 98 18 68 C7 5E 40 6B 23 F5 79 7A EF 8C B5 aE..h.^@k#.yz...00C0: 6B 8B B7 6F 46 F4 7B F1 3D 4B 04 D8 93 80 59 5A k..oF...=K....YZ00D0: E0 41 24 1D B2 8F 15 60 58 47 DB EF 6E 46 FD 15 .A$....`XG..nF..00E0: F5 D9 5F 9A B3 DB D8 B8 E4 40 B3 CD 97 39 AE 85 .._......@...9..00F0: BB 1D 8E BC DC 87 9B D1 A6 EF F1 3B 6F 10 38 6F ...........;o.8o] |
System Behavior |
---|
General |
---|
Start time: | 15:10:11 |
Start date: | 23/10/2017 |
Path: | /usr/libexec/xpcproxy |
File size: | 42656 bytes |
MD5 hash: | b2faf9621ba8f5b2bcea6ee7d572a8b7 |
General |
---|
Start time: | 15:10:11 |
Start date: | 23/10/2017 |
Path: | /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player |
File size: | 44592 bytes |
MD5 hash: | ff80d97674e148687affd6a4e3ccf00a |
General |
---|
Start time: | 15:10:12 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:12 |
Start date: | 23/10/2017 |
Path: | /usr/bin/open |
File size: | 96816 bytes |
MD5 hash: | 6056e93dd048a99ee5566de0f1527271 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /usr/bin/unzip |
File size: | 166320 bytes |
MD5 hash: | e781ae6c3e793781508fc3531b386246 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /usr/bin/open |
File size: | 96816 bytes |
MD5 hash: | 6056e93dd048a99ee5566de0f1527271 |
General |
---|
Start time: | 15:10:12 |
Start date: | 23/10/2017 |
Path: | /usr/libexec/xpcproxy |
File size: | 42656 bytes |
MD5 hash: | b2faf9621ba8f5b2bcea6ee7d572a8b7 |
General |
---|
Start time: | 15:10:12 |
Start date: | 23/10/2017 |
Path: | /Users/vreni/Desktop/unpack/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player |
File size: | 2484384 bytes |
MD5 hash: | 17fe5ebacff74bfb6028eb371ceeaf2b |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /usr/libexec/xpcproxy |
File size: | 42656 bytes |
MD5 hash: | b2faf9621ba8f5b2bcea6ee7d572a8b7 |
General |
---|
Start time: | 15:10:14 |
Start date: | 23/10/2017 |
Path: | /tmp/Updater.app/Contents/MacOS/Updater |
File size: | 724696 bytes |
MD5 hash: | ff44372fce42ffe13222e7237d4cdef1 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /usr/bin/openssl |
File size: | 922496 bytes |
MD5 hash: | 1689d18d1f1b7b07480d337cc7fc9f43 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /usr/bin/nc |
File size: | 42400 bytes |
MD5 hash: | 2cbc307230ad7cd8050109ea4f2bd078 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:15 |
Start date: | 23/10/2017 |
Path: | /usr/bin/curl |
File size: | 172016 bytes |
MD5 hash: | 313ae871e04221163541c8af134351dc |
General |
---|
Start time: | 15:10:22 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:22 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:22 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:22 |
Start date: | 23/10/2017 |
Path: | /usr/bin/curl |
File size: | 172016 bytes |
MD5 hash: | 313ae871e04221163541c8af134351dc |
General |
---|
Start time: | 15:10:32 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:32 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:32 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:10:43 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:43 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:43 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:10:56 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:56 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:10:56 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:11:07 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:07 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:07 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:11:20 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:20 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:20 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:11:32 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:32 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:32 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:11:44 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:44 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:44 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:11:55 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:55 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:11:55 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:12:07 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:07 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:07 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:12:20 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:20 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:20 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:12:31 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:31 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |
General |
---|
Start time: | 15:12:31 |
Start date: | 23/10/2017 |
Path: | /sbin/ping |
File size: | 37232 bytes |
MD5 hash: | 339ef1af4113dd065d43d939a1536151 |
General |
---|
Start time: | 15:12:44 |
Start date: | 23/10/2017 |
Path: | /bin/sh |
File size: | 632672 bytes |
MD5 hash: | 2cc3c26641112c1bd0173f396b7d7662 |