Analysis Report http://leonfurniturestore.com/sec.myacc.resourses.biz/
Overview
General Information |
---|
Joe Sandbox Version: | 25.0.0 Tiger's Eye |
Analysis ID: | 785940 |
Start date: | 12.02.2019 |
Start time: | 20:11:38 |
Joe Sandbox Product: | Cloud |
Overall analysis duration: | 0h 8m 4s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | |
Analysis system description: | Windows 7 (Office 2010 SP2, Java 1.8.0_40 1.8.0_191, Flash 16.0.0.305, Acrobat Reader 11.0.08, Internet Explorer 11, Chrome 55, Firefox 43) |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies |
|
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal80.bank.expl.evad.win@14/23@3/4 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Detection |
---|
Strategy | Score | Range | Reporting | Whitelisted | Detection | |
---|---|---|---|---|---|---|
Threshold | 80 | 0 - 100 | Report FP / FN | false |
Confidence |
---|
Strategy | Score | Range | Further Analysis Required? | Confidence | |
---|---|---|---|---|---|
Threshold | 5 | 0 - 5 | false |
Classification |
---|
Analysis Advice |
---|
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control |
---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts1 | Command-Line Interface1 | Valid Accounts1 | Valid Accounts1 | Valid Accounts1 | Credential Dumping | Process Discovery2 | Application Deployment Software | Data from Local System | Data Encrypted2 | Standard Cryptographic Protocol2 |
Replication Through Removable Media | Service Execution1 | Modify Existing Service1 | Process Injection1 | Disabling Security Tools1 | Network Sniffing | Security Software Discovery2 | Remote Services | Data from Removable Media | Exfiltration Over Other Network Medium | Standard Non-Application Layer Protocol4 |
Drive-by Compromise | PowerShell4 | New Service2 | New Service2 | Process Injection1 | Input Capture | Remote System Discovery1 | Windows Remote Management | Data from Network Shared Drive | Automated Exfiltration | Standard Application Layer Protocol4 |
Exploit Public-Facing Application | Exploitation for Client Execution11 | System Firmware | DLL Search Order Hijacking | Deobfuscate/Decode Files or Information1 | Credentials in Files | System Service Discovery1 | Logon Scripts | Input Capture | Data Encrypted | Multiband Communication |
Spearphishing Link | Command-Line Interface | Shortcut Modification | File System Permissions Weakness | Obfuscated Files or Information1 | Account Manipulation | File and Directory Discovery1 | Shared Webroot | Data Staged | Scheduled Transfer | Standard Cryptographic Protocol |
Spearphishing Attachment | Graphical User Interface | Modify Existing Service | New Service | DLL Search Order Hijacking | Brute Force | System Information Discovery22 | Third-party Software | Screen Capture | Data Transfer Size Limits | Commonly Used Port |
Signature Overview |
---|
Click to jump to signature section
Cryptography: |
---|
Uses Microsoft's Enhanced Cryptographic Provider | Show sources |
Source: | Code function: | 7_2_00112089 | |
Source: | Code function: | 7_2_001120E5 | |
Source: | Code function: | 7_2_00112104 | |
Source: | Code function: | 7_2_00112125 | |
Source: | Code function: | 7_2_0011218B | |
Source: | Code function: | 7_2_001121A9 | |
Source: | Code function: | 7_2_00112217 | |
Source: | Code function: | 7_2_00112292 | |
Source: | Code function: | 7_2_0011233E | |
Source: | Code function: | 7_2_001123B0 | |
Source: | Code function: | 9_2_001120E5 | |
Source: | Code function: | 9_2_00112104 | |
Source: | Code function: | 9_2_00112089 | |
Source: | Code function: | 9_2_00112125 | |
Source: | Code function: | 9_2_0011218B | |
Source: | Code function: | 9_2_001121A9 | |
Source: | Code function: | 9_2_00112217 | |
Source: | Code function: | 9_2_00112292 | |
Source: | Code function: | 9_2_0011233E | |
Source: | Code function: | 9_2_001123B0 |
Spreading: |
---|
Enumerates the file system | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Software Vulnerabilities: |
---|
Document exploit detected (process start blacklist hit) | Show sources |
Source: | Process created: | Jump to behavior |
Potential browser exploit detected (process start blacklist hit) | Show sources |
Source: | Process created: | Jump to behavior |
Networking: |
---|
Connects to IPs without corresponding DNS lookups | Show sources |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
HTTP GET or POST without a user agent | Show sources |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Contains functionality to download additional files from the internet | Show sources |
Source: | Code function: | 9_2_00111679 |
Downloads files | Show sources |
Source: | File created: | Jump to behavior |
Downloads files from webservers via HTTP | Show sources |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Performs DNS lookups | Show sources |
Source: | DNS traffic detected: |
Posts data to webserver | Show sources |
Source: | HTTP traffic detected: |
Urls found in memory or binary data | Show sources |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Uses HTTPS | Show sources |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
E-Banking Fraud: |
---|
Detected Emotet e-Banking trojan | Show sources |
Source: | Code function: | 7_2_0011CF86 | |
Source: | Code function: | 9_2_0011CF86 |
Spam, unwanted Advertisements and Ransom Demands: |
---|
Contains functionality to import cryptographic keys (often used in ransomware) | Show sources |
Source: | Code function: | 7_2_00112125 | |
Source: | Code function: | 9_2_00112125 |
System Summary: |
---|
Powershell connects to network | Show sources |
Source: | Network Connect: | Jump to behavior |
Powershell drops PE file | Show sources |
Source: | File created: | Jump to dropped file |
Contains functionality to call native functions | Show sources |
Source: | Code function: | 6_2_003E21B8 | |
Source: | Code function: | 6_2_003E20FD | |
Source: | Code function: | 7_2_000F21B8 | |
Source: | Code function: | 7_2_000F20FD | |
Source: | Code function: | 8_2_002821B8 | |
Source: | Code function: | 8_2_002820FD | |
Source: | Code function: | 9_2_000F21B8 | |
Source: | Code function: | 9_2_000F20FD |
Contains functionality to delete services | Show sources |
Source: | Code function: | 7_2_0011FD10 |
Contains functionality to launch a process as a different user | Show sources |
Source: | Code function: | 7_2_00111F72 |
Creates mutexes | Show sources |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Detected potential crypto function | Show sources |
Source: | Code function: | 6_2_00D03535 | |
Source: | Code function: | 6_2_004053DF | |
Source: | Code function: | 6_2_004053DF | |
Source: | Code function: | 6_1_00D03535 | |
Source: | Code function: | 7_2_001153DF | |
Source: | Code function: | 7_2_001153DF | |
Source: | Code function: | 8_2_002A53DF | |
Source: | Code function: | 8_2_002A53DF | |
Source: | Code function: | 9_2_001153DF | |
Source: | Code function: | 9_2_001153DF |
Reads the hosts file | Show sources |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Classification label | Show sources |
Source: | Classification label: |
Contains functionality to create services | Show sources |
Source: | Code function: | 7_2_0011FDC9 | |
Source: | Code function: | 9_2_0011FDC9 |
Contains functionality to enum processes or threads | Show sources |
Source: | Code function: | 6_2_00401BF0 |
Contains functionality to modify services (start/stop/modify) | Show sources |
Source: | Code function: | 7_2_0011FE54 |
Creates files inside the user directory | Show sources |
Source: | File created: | Jump to behavior |
Creates temporary files | Show sources |
Source: | File created: | Jump to behavior |
Parts of this applications are using the .NET runtime (Probably coded in C#) | Show sources |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Reads ini files | Show sources |
Source: | File read: | Jump to behavior |
Reads software policies | Show sources |
Source: | Key opened: | Jump to behavior |
Spawns processes | Show sources |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Uses an in-process (OLE) Automation server | Show sources |
Source: | Key value queried: | Jump to behavior |
Found graphical window changes (likely an installer) | Show sources |
Source: | Window detected: |
Uses Microsoft Silverlight | Show sources |
Source: | File opened: | Jump to behavior |
Checks if Microsoft Office is installed | Show sources |
Source: | Key opened: | Jump to behavior |
Uses new MSVCR Dlls | Show sources |
Source: | File opened: | Jump to behavior |
Binary contains paths to debug symbols | Show sources |
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation: |
---|
PowerShell case anomaly found | Show sources |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Contains functionality to dynamically determine API calls | Show sources |
Source: | Code function: | 6_2_00401A36 |
PE file contains sections with non-standard names | Show sources |
Source: | Static PE information: |
Uses code obfuscation techniques (call, push, ret) | Show sources |
Source: | Code function: | 6_2_003E5BC8 | |
Source: | Code function: | 6_2_003E5BC8 | |
Source: | Code function: | 6_2_0040BB05 | |
Source: | Code function: | 7_2_000F5BC8 | |
Source: | Code function: | 7_2_000F5BC8 | |
Source: | Code function: | 7_2_0011BB05 | |
Source: | Code function: | 8_2_00285BC8 | |
Source: | Code function: | 8_2_00285BC8 | |
Source: | Code function: | 8_2_002ABB05 | |
Source: | Code function: | 9_2_000F5BC8 | |
Source: | Code function: | 9_2_000F5BC8 | |
Source: | Code function: | 9_2_0011BB05 |
Persistence and Installation Behavior: |
---|
Drops executables to the windows directory (C:\Windows) and starts them | Show sources |
Source: | Executable created and started: | Jump to behavior |
Drops PE files | Show sources |
Source: | File created: | Jump to dropped file |
Drops PE files to the user directory | Show sources |
Source: | File created: | Jump to dropped file |
Drops PE files to the windows directory (C:\Windows) | Show sources |
Source: | PE file moved: | Jump to behavior |
Boot Survival: |
---|
Drops PE files to the user root directory | Show sources |
Source: | File created: | Jump to dropped file |
Contains functionality to start windows services | Show sources |
Source: | Code function: | 7_2_0011FE73 |
Hooking and other Techniques for Hiding and Protection: |
---|
Hides that the sample has been downloaded from the Internet (zone.identifier) | Show sources |
Source: | File opened: | Jump to behavior |
Starts Microsoft Word (often done to prevent that the user detects that something wrong) | Show sources |
Source: | Process created: | Jump to behavior |
Disables application error messsages (SetErrorMode) | Show sources |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion: |
---|
Checks the free space of harddrives | Show sources |
Source: | File Volume queried: | Jump to behavior |
Contains functionality to enumerate running services | Show sources |
Source: | Code function: | 7_2_0011FA77 | |
Source: | Code function: | 7_2_0011FA14 | |
Source: | Code function: | 9_2_0011FA14 | |
Source: | Code function: | 9_2_0011FA77 |
Contains long sleeps (>= 3 min) | Show sources |
Source: | Thread delayed: | Jump to behavior |
Enumerates the file system | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Found large amount of non-executed APIs | Show sources |
Source: | API coverage: | ||
Source: | API coverage: |
May sleep (evasive loops) to hinder dynamic analysis | Show sources |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Queries a list of all running processes | Show sources |
Source: | Process information queried: | Jump to behavior |
Anti Debugging: |
---|
Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation)) | Show sources |
Source: | System information queried: | Jump to behavior |
Contains functionality to dynamically determine API calls | Show sources |
Source: | Code function: | 6_2_00401A36 |
Contains functionality to read the PEB | Show sources |
Source: | Code function: | 6_2_00401550 | |
Source: | Code function: | 7_2_00111550 | |
Source: | Code function: | 8_2_002A1550 | |
Source: | Code function: | 9_2_00111550 |
Contains functionality which may be used to detect a debugger (GetProcessHeap) | Show sources |
Source: | Code function: | 6_2_003E2513 |
Enables debug privileges | Show sources |
Source: | Process token adjusted: | Jump to behavior |
Creates guard pages, often used to prevent reverse engineering and debugging | Show sources |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion: |
---|
Encrypted powershell cmdline option found | Show sources |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Creates a process in suspended mode (likely to inject code) | Show sources |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Very long cmdline option found, this is very uncommon (may be encrypted or packed) | Show sources |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Language, Device and Operating System Detection: |
---|
Queries the installation date of Windows | Show sources |
Source: | Key value queried: | Jump to behavior |
Queries the volume information (name, serial number etc) of a device | Show sources |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Contains functionality to query time zone information | Show sources |
Source: | Code function: | 6_2_00D0332D |
Contains functionality to query windows version | Show sources |
Source: | Code function: | 6_2_00D013D2 |
Queries the cryptographic machine GUID | Show sources |
Source: | Key value queried: | Jump to behavior |
Remote Access Functionality: |
---|
Contains functionality to open a port and listen for incoming connection (possibly a backdoor) | Show sources |
Source: | Code function: | 6_2_00D0257B | |
Source: | Code function: | 6_1_00D0257B |
Sample Distance (10 = nearest)
10
9
8
7
6
5
4
3
2
1
Samplename | Analysis ID | SHA256 | Similarity |
---|
Behavior Graph |
---|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
20:12:34 | API Interceptor | |
20:12:55 | API Interceptor | |
20:13:14 | API Interceptor | |
20:13:22 | API Interceptor |
Antivirus Detection |
---|
Initial Sample |
---|
No Antivirus matches |
---|
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File |
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File | ||
0% | Avira URL Cloud | safe | Download File |
Yara Overview |
---|
Initial Sample |
---|
No yara matches |
---|
PCAP (Network Traffic) |
---|
No yara matches |
---|
Dropped Files |
---|
No yara matches |
---|
Memory Dumps |
---|
No yara matches |
---|
Unpacked PEs |
---|
No yara matches |
---|
Joe Sandbox View / Context |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Startup |
---|
|
Created / dropped Files |
---|
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 56560 |
Entropy (8bit): | 7.995785157236685 |
Encrypted: | true |
MD5: | BB377DF27A55C05BB3793CD1E125C869 |
SHA1: | 295D5A7CB802A8058059F6C29DC2491A15A7D55C |
SHA-256: | 3C4EC495F17D21CC236BC7238BC02728BD945C07157FBF875CAC340269AFC207 |
SHA-512: | AA074C05ACDA3414436A3EE01890C08024D6AF96868D856DF0382C9BA531D6701A6EF45A6A0C80FF21670BCF94AE7F1ED5FDEB0E4FA7A5BABF6F8D9FB19F06DC |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 137298 |
Entropy (8bit): | 6.4071237290249625 |
Encrypted: | false |
MD5: | 5A090F2BC0B31AB45167C1C4A96758DD |
SHA1: | 358DC4AF3449FB377626B318A785EAFF1CEC6ACC |
SHA-256: | 636B968161E38DF912038EC7D968A728B67B868EE65F3494D6C047CEA109103B |
SHA-512: | 91AD9F545F557FD1B1F6C9794A15D457782BD9F9C53660879AF15709C60D3B2C93A11D098A99DDF993628B57AA65B562A6BBB5661C9FB3DA910CEB3A958CBC22 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 29989 |
Entropy (8bit): | 3.1363653218282357 |
Encrypted: | false |
MD5: | 061F441C790BF1C098F2B020718C4C8B |
SHA1: | 184BE0B9B7AD9CBF90BECD7BBAEF54C0BF7BD9DE |
SHA-256: | E88772322DFB64F62F602101A48B77B63270A5656CB84CAA27F4A2490B1E3A14 |
SHA-512: | 9F41FB94E7A473A198ACE2A9F656B32D1AFB3A600B8893833B15212FBC1F42008F7EFFE7C3270F81FEA03ABC94C07D8BF628CE0DDA4F7A8C43F2200A352ED3E3 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 12981 |
Entropy (8bit): | 0.44336075282893084 |
Encrypted: | false |
MD5: | 6146A95DA5105621C4C8EC41089B68C5 |
SHA1: | 5240D95A97F24E1FE8F52CE520C7C9EE43DF483F |
SHA-256: | BC6564B104C55EBA7EBD3F4346537630512338C6BF202AD14B94B8CB3C0C6132 |
SHA-512: | CBCEAEB537EC412C0CFF30CBB295729127C5DF861F55A795E32EDADFCD980FE3F624C039C3C3D76623A49D5B936904C9FE379B16A78B11136B4CA7BA75DE8143 |
Malicious: | false |
Reputation: | low |
Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Size (bytes): | 212992 |
Entropy (8bit): | 6.683953478337834 |
Encrypted: | false |
MD5: | 62C4B4A53927329BBBD9B78DE6E2FC01 |
SHA1: | 27FFF99C85E416E27A0C68D942BE1D15182F5426 |
SHA-256: | 5BDBCE2E62D126AEC9B2C13E80140283AFB895DAB289B59B5D8807D068A5D792 |
SHA-512: | 2F52FE34E323D50A75EEE03EF8361484CA6FA112D11BE6121F1F77405E67340AF1FE9DF8C01EF3FA352647D710C843B2DA4686AF8EF368C3F1F30130673D4B75 |
Malicious: | true |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 56560 |
Entropy (8bit): | 7.995785157236685 |
Encrypted: | true |
MD5: | BB377DF27A55C05BB3793CD1E125C869 |
SHA1: | 295D5A7CB802A8058059F6C29DC2491A15A7D55C |
SHA-256: | 3C4EC495F17D21CC236BC7238BC02728BD945C07157FBF875CAC340269AFC207 |
SHA-512: | AA074C05ACDA3414436A3EE01890C08024D6AF96868D856DF0382C9BA531D6701A6EF45A6A0C80FF21670BCF94AE7F1ED5FDEB0E4FA7A5BABF6F8D9FB19F06DC |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 328 |
Entropy (8bit): | 3.1118296382936017 |
Encrypted: | false |
MD5: | 0BE3C3736CA98ADE02F79B30B445E89E |
SHA1: | 9AF89F7EFDE15CB75BC4E9C971C8DA0220656EBE |
SHA-256: | 9DCA8E95123111CAD2C7751B8C557B8738FFA53E13C503C7C89ABD84E96DD0CC |
SHA-512: | 5702E7E210115B40C25F3AE116A93D6610BC689E46703C5FF3FED2BA272049CAF4178A8AAEA8495C22936F0D6ED25B30D4EA2FEA282071676A6190F797EEF2F9 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 237 |
Entropy (8bit): | 6.1480026084285395 |
Encrypted: | false |
MD5: | 9FB559A691078558E77D6848202F6541 |
SHA1: | EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 |
SHA-256: | 6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914 |
SHA-512: | 0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 32344 |
Entropy (8bit): | 1.7964997007651438 |
Encrypted: | false |
MD5: | 5ECF5A32CFAB54495B48D2CCBEE8CA13 |
SHA1: | C433742C87F51A718328AB60DBE980027F68DABA |
SHA-256: | 4041310B2BED4A4D2F7F93D6F6E739343DC60510220E93CB395DC3587A08EB49 |
SHA-512: | 9FAD4C735EC84B29F2B4AB555C877F734A479AA5CADC20F01F023CDDAD1E34ABC83868303AA1AD0369724CBB19EF28E363623F59DCE13C1F4B855D2A5109A2D0 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 19032 |
Entropy (8bit): | 1.6001453261648433 |
Encrypted: | false |
MD5: | 43ACC548E138218EE998F3E3531017EC |
SHA1: | 3A649F5EC04F2C5791255E77DE6E37D9BC766784 |
SHA-256: | 7C3D8D566EE1ED13183BB47EA484BE886FC6F8AA567A79F0EBC23DB5AA991C55 |
SHA-512: | D48C448437D7B4DF8FB08FA38DB0E23C9ADCBD1AC5575AD65D8586EEA1BE534F97C1216A6E2D31ED049880DDF9C51D961624F7A7993E04EF6EBAAF10401184E9 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 179342 |
Entropy (8bit): | 6.1136516921731925 |
Encrypted: | false |
MD5: | 83A6D6EE025FE64D36806FE5F19E993B |
SHA1: | 64947772E7E4293897E9A8DB7A1AFA604645A63F |
SHA-256: | AC806D78D25581983F1200B8F3D89C233A76C9D87B03AE1D929EA89D0A72EDC6 |
SHA-512: | 6247E287ABD074F93F727243D3F0E0C2F78DB3399EEC3517A8DF1920EE7E48C3FCA08F77AF52505EBD51534B7F181FBB73C9B26C2EB1F8E665EC7DB88D345A37 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 237 |
Entropy (8bit): | 6.1480026084285395 |
Encrypted: | false |
MD5: | 9FB559A691078558E77D6848202F6541 |
SHA1: | EA13848D33C2C7F4F4BAA39348AEB1DBFAD3DF31 |
SHA-256: | 6D8A01DC7647BC218D003B58FE04049E24A9359900B7E0CEBAE76EDF85B8B914 |
SHA-512: | 0E08938568CD123BE8A20B87D9A3AAF5CB05249DE7F8286FF99D3FA35FC7AF7A9D9797DD6EFB6D1E722147DCFB74437DE520395234D0009D452FB96A8ECE236B |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 16 |
Entropy (8bit): | 1.6216407621868583 |
Encrypted: | false |
MD5: | FA518E3DFAE8CA3A0E495460FD60C791 |
SHA1: | E4F30E49120657D37267C0162FD4A08934800C69 |
SHA-256: | 775853600060162C4B4E5F883F9FD5A278E61C471B3EE1826396B6D129499AA7 |
SHA-512: | D21667F3FB081D39B579178E74E9BB1B6E9A97F2659029C165729A58F1787DC0ADADD980CD026C7A601D416665A81AC13A69E49A6A2FE2FDD0967938AA645C07 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 267 |
Entropy (8bit): | 5.147435832584224 |
Encrypted: | false |
MD5: | 959536020CA127F18BD07A5FE1972972 |
SHA1: | D4EA106947195F61CC6D3B00ADED8AFB9DB8BCB1 |
SHA-256: | C012460B6A7E99E383919EBBAE7C38B7085416E023EDA2F6AAEBA6C9119B1B71 |
SHA-512: | 5E40116E5C44E578F8F2847CEC891106567627112EE8967C10091EEB97DBDFD4B587650222A4E99FE6608608ABB8FFE6C7611CCFCD38EA19BFE8426DE494FCAD |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 179342 |
Entropy (8bit): | 6.1136516921731925 |
Encrypted: | false |
MD5: | 83A6D6EE025FE64D36806FE5F19E993B |
SHA1: | 64947772E7E4293897E9A8DB7A1AFA604645A63F |
SHA-256: | AC806D78D25581983F1200B8F3D89C233A76C9D87B03AE1D929EA89D0A72EDC6 |
SHA-512: | 6247E287ABD074F93F727243D3F0E0C2F78DB3399EEC3517A8DF1920EE7E48C3FCA08F77AF52505EBD51534B7F181FBB73C9B26C2EB1F8E665EC7DB88D345A37 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 26 |
Entropy (8bit): | 3.95006375643621 |
Encrypted: | false |
MD5: | FBCCF14D504B7B2DBCB5A5BDA75BD93B |
SHA1: | D59FC84CDD5217C6CF74785703655F78DA6B582B |
SHA-256: | EACD09517CE90D34BA562171D15AC40D302F0E691B439F91BE1B6406E25F5913 |
SHA-512: | AA1D2B1EA3C9DE3CCADB319D4E3E3276A2F27DD1A5244FE72DE2B6F94083DDDC762480482C5C2E53F803CD9E3973DDEFC68966F974E124307B5043E654443B98 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Internet Explorer\iexplore.exe |
File Type: | |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
MD5: | ECCBC87E4B5CE2FE28308FD9F2A7BAF3 |
SHA1: | 77DE68DAECD823BABBB58EDB1C8E14D7106E83BB |
SHA-256: | 4E07408562BEDB8B60CE05C1DECFE3AD16B72230967DE01F640B7E4729B49FCE |
SHA-512: | 3BAFBF08882A2D10133093A1B8433F50563B93C14ACD05B79028EB1D12799027241450980651994501423A66C276AE26C43B739BC65C4E16B10C3AF6C202AEBB |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Size (bytes): | 162 |
Entropy (8bit): | 2.961078520155895 |
Encrypted: | false |
MD5: | 1F0584A60FA9C24867B6055FD12F0C55 |
SHA1: | 2FEDAAE200EA70F753B72788BB32836C8959EBD9 |
SHA-256: | 1962E21A769721CA64CE0EDBF40602D40B1A0FCB70CA94F63A666ADC7E75CE81 |
SHA-512: | D9E3F4E5B9356A193C6ED3EC62AA237A95354828397FC9DCBB26A07AC2456876D8AD524C97DC9A3B2A9499C00A2E2C65388986DE2D3262C062A744547E67BBBA |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Size (bytes): | 53596 |
Entropy (8bit): | 7.879608410788067 |
Encrypted: | false |
MD5: | DF58042846990A1F644E8EAF20228387 |
SHA1: | CD359028C8EBA46450BB697AA1605BB994912238 |
SHA-256: | EA0318505E37077766C39447BBD1C7028D0B4DA8A4962324231867DB143144EE |
SHA-512: | 0B5EB9E88501344513CAF4A81BB8B36CD12313DAB95F121C3BB7EB49B74D95D2CD6BE64C0BBF2762043CE311A7EB53FD4FD60C83B4A6B4278D61F74952F95615 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Size (bytes): | 1024 |
Entropy (8bit): | 0.05390218305374581 |
Encrypted: | false |
MD5: | 5D4D94EE7E06BBB0AF9584119797B23A |
SHA1: | DBB111419C704F116EFA8E72471DD83E86E49677 |
SHA-256: | 4826C0D860AF884D3343CA6460B0006A7A2CE7DBCCC4D743208585D997CC5FD1 |
SHA-512: | 95F83AE84CAFCCED5EAF504546725C34D5F9710E5CA2D11761486970F2FBECCB25F9CF50BBFC272BD75E1A66A18B7783F09E1C1454AFDA519624BC2BB2F28BA4 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Size (bytes): | 2118 |
Entropy (8bit): | 0.6223600170475735 |
Encrypted: | false |
MD5: | A3E912891B3EBAA77D823917A16E0F85 |
SHA1: | 8338E5B21213E4C36DEFFC6DF1434D6FFD77DA8F |
SHA-256: | 36D89C5BBD661D226F9A6BC0D0CD841504AD32E94203F20BD77A8FA6282496BA |
SHA-512: | E787BA192D133CE97F9C666F919A696E531FAE557CCF67E1CCCB75936EAF0EC6E8C8E10F0888F929BA4721758339ECFDD41D555E1ACBCF5645C6F577F480DCF1 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Size (bytes): | 162 |
Entropy (8bit): | 2.961078520155895 |
Encrypted: | false |
MD5: | 1F0584A60FA9C24867B6055FD12F0C55 |
SHA1: | 2FEDAAE200EA70F753B72788BB32836C8959EBD9 |
SHA-256: | 1962E21A769721CA64CE0EDBF40602D40B1A0FCB70CA94F63A666ADC7E75CE81 |
SHA-512: | D9E3F4E5B9356A193C6ED3EC62AA237A95354828397FC9DCBB26A07AC2456876D8AD524C97DC9A3B2A9499C00A2E2C65388986DE2D3262C062A744547E67BBBA |
Malicious: | false |
Reputation: | low |
Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Size (bytes): | 8016 |
Entropy (8bit): | 3.5556092318168546 |
Encrypted: | false |
MD5: | 27CA54F1BCCF1888157C3E432208555B |
SHA1: | CC5B547791696B3A37A4FE935720957A35FCECC1 |
SHA-256: | B194F388A591AC66049A265FCE86F2BC3A207DD55A799E08460EC9BB0147F697 |
SHA-512: | 9AFAE81EA5B3C9639106F03BA9F09B5A6A4ABD4FC5A203A179FB557984D8B5F0D479B03C0C9A25F6FC721F69E9787BD82CA15BF2E515162606686B038AAF06D6 |
Malicious: | false |
Reputation: | low |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
borsacat.com | 185.2.4.75 | true | true | unknown | |
a767.dscg3.akamai.net | 23.10.249.50 | true | false | high | |
leonfurniturestore.com | 184.175.67.101 | true | false | unknown | |
www.leonfurniturestore.com | unknown | unknown | true | unknown |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
false |
| unknown | |
false |
| unknown | |
true |
| unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| low | ||
false |
| low | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
185.2.4.75 | Italy | 29550 | SIMPLYTRANSITGB | true | |
181.15.224.57 | Argentina | 7303 | TelecomArgentinaSAAR | false | |
184.175.67.101 | United States | 7393 | CYBERCON-CYBERCONINCUS | false | |
184.101.191.86 | United States | 209 | CENTURYLINK-US-LEGACY-QWEST-QwestCommunicationsCompany | false |
Static File Info |
---|
No static file info |
---|
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 12, 2019 20:12:32.337133884 CET | 54991 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:32.350378036 CET | 53 | 54991 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:33.425010920 CET | 51176 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:33.453460932 CET | 53 | 51176 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:33.470921993 CET | 49222 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:33.472393036 CET | 49223 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.736893892 CET | 80 | 49223 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:34.737168074 CET | 49223 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.738228083 CET | 49223 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.891047001 CET | 80 | 49223 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:34.893855095 CET | 80 | 49223 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:34.893960953 CET | 80 | 49223 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:34.894073009 CET | 49223 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.894273043 CET | 49223 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.936444998 CET | 80 | 49222 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:34.936590910 CET | 49222 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:34.960808992 CET | 49810 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:35.000349998 CET | 53 | 49810 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:35.001652956 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:35.010405064 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:35.044192076 CET | 80 | 49223 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:35.147753954 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:35.147972107 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.264995098 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.403073072 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:36.409296036 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:36.409337044 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:36.409413099 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.409452915 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:36.409517050 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.428388119 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.567502022 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:36.567692995 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:36.893261909 CET | 55151 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.896470070 CET | 53216 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.906105042 CET | 53 | 55151 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:36.924123049 CET | 53 | 53216 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:36.938716888 CET | 49792 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.972624063 CET | 53 | 49792 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:37.461997032 CET | 50672 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:37.509768009 CET | 53 | 50672 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:37.520483017 CET | 54414 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:37.556268930 CET | 53 | 54414 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:38.073010921 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.199223042 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.209449053 CET | 443 | 49224 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.209567070 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.209943056 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.346519947 CET | 443 | 49224 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.346550941 CET | 443 | 49224 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.346662998 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.347173929 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.377011061 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381496906 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381541967 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381571054 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381597996 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381628036 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381647110 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.381659031 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381690025 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381716013 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381725073 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.381747007 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381778955 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.381805897 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.383946896 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.404459000 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.519891977 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.519934893 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.519963980 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520019054 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.520080090 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520167112 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520174980 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.520203114 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520234108 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520265102 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520273924 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.520296097 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520327091 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520361900 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.520555973 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.520628929 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.523196936 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.523240089 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.523267031 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.523722887 CET | 443 | 49224 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.523824930 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.661611080 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661653996 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661681890 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661729097 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661731958 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.661789894 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661818981 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.661906958 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.661945105 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.662036896 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.662110090 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.662446022 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.662484884 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.662550926 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.662586927 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.662885904 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.662925005 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.662972927 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.662992001 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.663007975 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.663037062 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.663064957 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.663511038 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.802603006 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.802645922 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.802746058 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.802802086 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.802985907 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.803025961 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.803097963 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.803121090 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.803133965 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.803186893 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.803340912 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.803400993 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804287910 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804357052 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804372072 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804390907 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804421902 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804451942 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804482937 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804486990 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804523945 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804527044 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804541111 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804557085 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.804630995 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804666042 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804680109 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.804692984 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.945195913 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945276022 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945305109 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945337057 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945382118 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945385933 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.945413113 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.945415974 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.945430994 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.946772099 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.946821928 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.946865082 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.946897984 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.946934938 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.946949005 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.946962118 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.946974039 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.947144032 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.947177887 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.947216034 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.947232008 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.947247028 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.947253942 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:38.947278976 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:38.947371006 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.085220098 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.085269928 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.085297108 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.085324049 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.085350990 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.086508989 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.086635113 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.531497955 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.645396948 CET | 61734 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:39.648289919 CET | 55067 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:39.658978939 CET | 53 | 61734 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:39.669900894 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.669955969 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.669994116 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670030117 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670036077 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670087099 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670118093 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670169115 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670172930 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670213938 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670272112 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670273066 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670305014 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670320034 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670335054 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670365095 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670392990 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670393944 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670424938 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670450926 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670454979 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.670511961 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.670892954 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.675796986 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.676918983 CET | 53 | 55067 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808290958 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808342934 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808470964 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808485985 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.808516026 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808551073 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808634043 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808661938 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.808695078 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.809138060 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809196949 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809242010 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809298992 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809309959 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.809325933 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809353113 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809379101 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809405088 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809431076 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.809480906 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.810667038 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.845415115 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.946796894 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.946876049 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.946904898 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.946928978 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:12:39.946960926 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:39.947792053 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:40.152353048 CET | 49225 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:12:40.289781094 CET | 443 | 49225 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:13:01.806658983 CET | 64117 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:13:01.853526115 CET | 53 | 64117 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:13:01.888464928 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:01.919332027 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:01.919459105 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:01.920069933 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:01.951787949 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:01.956264973 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:01.958029032 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.006755114 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006795883 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006824970 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006850958 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006876945 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006905079 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006923914 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.006933928 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006968021 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.006985903 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.007011890 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.007082939 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.038960934 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039000988 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039016962 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039047003 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039062023 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039077997 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039097071 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039112091 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039125919 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039176941 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039194107 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.039225101 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.039902925 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.076041937 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.076087952 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.076107979 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.076124907 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.076138973 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.076277971 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.076328039 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.076358080 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.076384068 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.076411009 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107306957 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107333899 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107351065 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107412100 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107464075 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107503891 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107542992 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107566118 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107580900 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107589960 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107599020 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.107717037 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107765913 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.107796907 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139389038 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139410973 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139532089 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139571905 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139628887 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139659882 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139688015 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139718056 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139746904 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139843941 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.139883995 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139909029 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.139981985 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.140017033 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.170738935 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170799971 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170850039 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170878887 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170900106 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170922041 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170958042 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.170984983 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.171010971 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.171034098 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.171149015 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.171194077 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.172239065 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.201862097 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.201901913 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.201931000 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.201991081 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.202039957 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.202102900 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.202116966 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.202146053 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.202984095 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.203037024 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.203092098 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.203305960 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.233059883 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.233098030 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.233129978 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.233158112 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.233203888 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.233372927 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.234075069 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234112024 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234138012 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234164000 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234210968 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.234651089 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234692097 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.234857082 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.263885975 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.263923883 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.263951063 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.263986111 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.264024973 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.265382051 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265422106 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265467882 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.265479088 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265522003 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265558004 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265583992 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.265613079 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.295144081 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.295181036 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.295206070 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.295231104 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.295269966 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.296350956 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296458960 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296538115 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296545029 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.296588898 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296638012 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296678066 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.296685934 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.296756029 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.326261044 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.326420069 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.326483011 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.326495886 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.326517105 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.326586962 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.327299118 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327351093 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327406883 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327444077 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327464104 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.327493906 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327568054 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.327615023 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.340084076 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.399004936 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399046898 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399075985 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399102926 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399158001 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.399234056 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399301052 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.399317026 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.399728060 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.429800034 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.429843903 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.429896116 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.429927111 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.429941893 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.429958105 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.429974079 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.430259943 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.430289030 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.430305958 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.430403948 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.430440903 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.430474043 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.430723906 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.461740017 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.461788893 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.461831093 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.461982012 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.462133884 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462178946 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462205887 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.462209940 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462239981 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462270021 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462316036 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.462354898 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.462359905 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.462373018 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.466866970 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.493976116 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494275093 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494358063 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494430065 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.494455099 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494515896 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494545937 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494558096 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.494575024 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.494627953 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.499057055 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.499097109 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.499140978 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.526432037 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.526487112 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.526561975 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.526588917 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.526612043 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.526659012 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.526700974 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.526722908 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.526746035 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.526820898 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.529714108 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.529756069 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.529813051 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.529845953 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.558239937 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.558300972 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.558340073 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.558448076 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.558506012 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.558526993 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.558554888 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.558558941 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.558702946 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.558746099 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.560910940 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.560942888 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.561152935 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.561230898 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.589127064 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.589169025 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.589195967 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.589226961 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.589257002 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.589359999 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.591973066 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.621845961 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.621912003 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.621939898 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.621982098 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.622011900 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.622028112 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.622040987 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.623708963 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.654042006 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.654083967 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.654110909 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.654136896 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.654263973 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.655940056 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.655981064 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.656122923 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.685142994 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.685184956 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.685213089 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.685239077 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.685384035 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.685436964 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.685463905 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.685491085 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.687490940 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.687531948 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.687704086 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.687756062 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.716766119 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.716830969 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.716860056 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.716891050 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.716938019 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.716999054 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.717036009 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.719222069 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.719263077 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.719413042 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.719485044 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.748128891 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.748200893 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.748235941 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.748271942 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.748399019 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.750556946 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.756611109 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:02.779481888 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.779517889 CET | 80 | 49231 | 185.2.4.75 | 192.168.1.16 |
Feb 12, 2019 20:13:02.779716015 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:03.552023888 CET | 49231 | 80 | 192.168.1.16 | 185.2.4.75 |
Feb 12, 2019 20:13:04.939016104 CET | 80 | 49222 | 184.175.67.101 | 192.168.1.16 |
Feb 12, 2019 20:13:04.939162970 CET | 49222 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:13:32.183868885 CET | 62987 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:13:32.211658001 CET | 53 | 62987 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:13:32.261043072 CET | 49234 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:13:35.275908947 CET | 49234 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:13:41.291460991 CET | 49234 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:13:49.975699902 CET | 49222 | 80 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:13:49.975836992 CET | 49224 | 443 | 192.168.1.16 | 184.175.67.101 |
Feb 12, 2019 20:13:53.374639988 CET | 49235 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:13:56.369808912 CET | 49235 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:14:02.448437929 CET | 49235 | 443 | 192.168.1.16 | 184.101.191.86 |
Feb 12, 2019 20:14:18.295737028 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
Feb 12, 2019 20:14:21.306782007 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
Feb 12, 2019 20:14:27.306844950 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
Feb 12, 2019 20:14:32.188111067 CET | 80 | 49236 | 181.15.224.57 | 192.168.1.16 |
Feb 12, 2019 20:14:32.188301086 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
Feb 12, 2019 20:14:33.609991074 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
Feb 12, 2019 20:14:35.801887035 CET | 80 | 49236 | 181.15.224.57 | 192.168.1.16 |
Feb 12, 2019 20:14:44.746947050 CET | 80 | 49236 | 181.15.224.57 | 192.168.1.16 |
Feb 12, 2019 20:14:44.747045994 CET | 49236 | 80 | 192.168.1.16 | 181.15.224.57 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 12, 2019 20:12:32.337133884 CET | 54991 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:32.350378036 CET | 53 | 54991 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:33.425010920 CET | 51176 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:33.453460932 CET | 53 | 51176 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:34.960808992 CET | 49810 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:35.000349998 CET | 53 | 49810 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:36.893261909 CET | 55151 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.896470070 CET | 53216 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.906105042 CET | 53 | 55151 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:36.924123049 CET | 53 | 53216 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:36.938716888 CET | 49792 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:36.972624063 CET | 53 | 49792 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:37.461997032 CET | 50672 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:37.509768009 CET | 53 | 50672 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:37.520483017 CET | 54414 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:37.556268930 CET | 53 | 54414 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:39.645396948 CET | 61734 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:39.648289919 CET | 55067 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:12:39.658978939 CET | 53 | 61734 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:12:39.676918983 CET | 53 | 55067 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:13:01.806658983 CET | 64117 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:13:01.853526115 CET | 53 | 64117 | 8.8.8.8 | 192.168.1.16 |
Feb 12, 2019 20:13:32.183868885 CET | 62987 | 53 | 192.168.1.16 | 8.8.8.8 |
Feb 12, 2019 20:13:32.211658001 CET | 53 | 62987 | 8.8.8.8 | 192.168.1.16 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Feb 12, 2019 20:12:33.425010920 CET | 192.168.1.16 | 8.8.8.8 | 0x747a | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 12, 2019 20:12:34.960808992 CET | 192.168.1.16 | 8.8.8.8 | 0xa374 | Standard query (0) | A (IP address) | IN (0x0001) | |
Feb 12, 2019 20:13:01.806658983 CET | 192.168.1.16 | 8.8.8.8 | 0x176c | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Feb 12, 2019 20:12:33.453460932 CET | 8.8.8.8 | 192.168.1.16 | 0x747a | No error (0) | 184.175.67.101 | A (IP address) | IN (0x0001) | ||
Feb 12, 2019 20:12:35.000349998 CET | 8.8.8.8 | 192.168.1.16 | 0xa374 | No error (0) | leonfurniturestore.com | CNAME (Canonical name) | IN (0x0001) | ||
Feb 12, 2019 20:12:35.000349998 CET | 8.8.8.8 | 192.168.1.16 | 0xa374 | No error (0) | 184.175.67.101 | A (IP address) | IN (0x0001) | ||
Feb 12, 2019 20:12:37.509768009 CET | 8.8.8.8 | 192.168.1.16 | 0x61b3 | No error (0) | 23.10.249.50 | A (IP address) | IN (0x0001) | ||
Feb 12, 2019 20:12:37.509768009 CET | 8.8.8.8 | 192.168.1.16 | 0x61b3 | No error (0) | 23.10.249.17 | A (IP address) | IN (0x0001) | ||
Feb 12, 2019 20:13:01.853526115 CET | 8.8.8.8 | 192.168.1.16 | 0x176c | No error (0) | 185.2.4.75 | A (IP address) | IN (0x0001) | ||
Feb 12, 2019 20:13:32.211658001 CET | 8.8.8.8 | 192.168.1.16 | 0x2bd1 | No error (0) | cs9.wpc.v0cdn.net | CNAME (Canonical name) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.1.16 | 49223 | 184.175.67.101 | 80 | C:\Program Files\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 12, 2019 20:12:34.738228083 CET | 0 | OUT | |
Feb 12, 2019 20:12:34.893855095 CET | 1 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.1.16 | 49231 | 185.2.4.75 | 80 | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Feb 12, 2019 20:13:01.920069933 CET | 217 | OUT | |
Feb 12, 2019 20:13:01.956264973 CET | 218 | IN | |
Feb 12, 2019 20:13:01.958029032 CET | 218 | OUT | |
Feb 12, 2019 20:13:02.006755114 CET | 219 | IN |