Analysis Overview
SHA256
7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f
Threat Level: Known bad
The file 7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f was found to be: Known bad.
Malicious Activity Summary
SmokeLoader
Amadey
Detect ZGRat V1
Pitou
DcRat
Lumma Stealer
ZGRat
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
Blocklisted process makes network request
Reads data files stored by FTP clients
UPX packed file
Deletes itself
Loads dropped DLL
Identifies Wine through registry keys
Executes dropped EXE
Reads user/profile data of web browsers
Reads WinSCP keys stored on the system
Checks BIOS information in registry
Reads local data of messenger clients
Checks installed software on the system
Adds Run key to start application
Writes to the Master Boot Record (MBR)
Accesses cryptocurrency files/wallets, possible credential harvesting
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Windows directory
Enumerates physical storage devices
Unsigned PE
Program crash
Checks processor information in registry
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
Creates scheduled task(s)
Checks SCSI registry key(s)
Suspicious use of SetWindowsHookEx
Runs ping.exe
Uses Task Scheduler COM API
Suspicious behavior: MapViewOfSection
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-03-14 05:05
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-14 05:05
Reported
2024-03-14 05:10
Platform
win7-20240221-en
Max time kernel
318s
Max time network
330s
Command Line
Signatures
Amadey
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Pitou
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
SmokeLoader
ZGRat
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Downloads MZ/PE file
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\5228.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\5228.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7533.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\B2B0.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\B9D2.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\C613.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\DBB6.exe | N/A |
Identifies Wine through registry keys
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000\Software\Wine | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\5228.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\5228.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\CSRSS = "\"C:\\ProgramData\\Drivers\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\5228.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Users\Admin\AppData\Local\Temp\B9D2.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 1772 set thread context of 1648 | N/A | C:\Users\Admin\AppData\Local\Temp\5228.exe | C:\Users\Admin\AppData\Local\Temp\5228.exe |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\explorgu.job | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\7533.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\368B.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe
"C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe"
C:\Users\Admin\AppData\Local\Temp\368B.exe
C:\Users\Admin\AppData\Local\Temp\368B.exe
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\48A5.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\48A5.dll
C:\Users\Admin\AppData\Local\Temp\5228.exe
C:\Users\Admin\AppData\Local\Temp\5228.exe
C:\Users\Admin\AppData\Local\Temp\5228.exe
C:\Users\Admin\AppData\Local\Temp\5228.exe
C:\Users\Admin\AppData\Local\Temp\7533.exe
C:\Users\Admin\AppData\Local\Temp\7533.exe
C:\Users\Admin\AppData\Local\Temp\B2B0.exe
C:\Users\Admin\AppData\Local\Temp\B2B0.exe
C:\Users\Admin\AppData\Local\Temp\B9D2.exe
C:\Users\Admin\AppData\Local\Temp\B9D2.exe
C:\Users\Admin\AppData\Local\Temp\C613.exe
C:\Users\Admin\AppData\Local\Temp\C613.exe
C:\Users\Admin\AppData\Local\Temp\DBB6.exe
C:\Users\Admin\AppData\Local\Temp\DBB6.exe
C:\Users\Admin\AppData\Local\Temp\is-M25FA.tmp\DBB6.tmp
"C:\Users\Admin\AppData\Local\Temp\is-M25FA.tmp\DBB6.tmp" /SL5="$801F4,1678053,54272,C:\Users\Admin\AppData\Local\Temp\DBB6.exe"
C:\Users\Admin\AppData\Local\Temp\FD4B.exe
C:\Users\Admin\AppData\Local\Temp\FD4B.exe
C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe"
C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
"C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe" -i
C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
"C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe"
C:\Users\Admin\AppData\Local\Temp\april.exe
"C:\Users\Admin\AppData\Local\Temp\april.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1376 -s 580
C:\Users\Admin\AppData\Local\Temp\8A00.exe
C:\Users\Admin\AppData\Local\Temp\8A00.exe
C:\Users\Admin\AppData\Local\Temp\is-UBEUJ.tmp\april.tmp
"C:\Users\Admin\AppData\Local\Temp\is-UBEUJ.tmp\april.tmp" /SL5="$70160,1697899,56832,C:\Users\Admin\AppData\Local\Temp\april.exe"
C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
"C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe" -s
C:\Users\Admin\AppData\Local\Temp\u19g.0.exe
"C:\Users\Admin\AppData\Local\Temp\u19g.0.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | selebration17io.io | udp |
| RU | 91.215.85.120:80 | selebration17io.io | tcp |
| RU | 185.215.113.45:80 | 185.215.113.45 | tcp |
| US | 50.7.8.141:443 | tcp | |
| N/A | 127.0.0.1:49293 | tcp | |
| FI | 65.21.5.137:447 | tcp | |
| LU | 107.189.14.106:9001 | tcp | |
| FR | 62.210.97.21:443 | tcp | |
| FI | 65.21.5.137:447 | tcp | |
| LU | 107.189.14.106:9001 | tcp | |
| N/A | 127.0.0.1:32677 | tcp | |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| US | 8.8.8.8:53 | midnight.bestsup.su | udp |
| US | 104.21.29.103:80 | midnight.bestsup.su | tcp |
| US | 8.8.8.8:53 | recruiting.transnet.net | udp |
| US | 8.8.8.8:53 | login.ihserc.com | udp |
| US | 8.8.8.8:53 | backoffice.plexusworldwide.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| N/A | 127.0.0.1:32677 | tcp | |
| N/A | 127.0.0.1:32677 | tcp | |
| N/A | 127.0.0.1:32677 | tcp | |
| N/A | 127.0.0.1:32677 | tcp | |
| N/A | 127.0.0.1:49386 | tcp | |
| N/A | 127.0.0.1:49393 | tcp | |
| N/A | 127.0.0.1:49397 | tcp | |
| N/A | 127.0.0.1:49401 | tcp | |
| N/A | 127.0.0.1:49406 | tcp | |
| N/A | 127.0.0.1:49411 | tcp | |
| N/A | 127.0.0.1:49417 | tcp | |
| N/A | 127.0.0.1:49423 | tcp | |
| N/A | 127.0.0.1:49430 | tcp | |
| N/A | 127.0.0.1:49432 | tcp | |
| N/A | 127.0.0.1:49438 | tcp | |
| US | 8.8.8.8:53 | login.ihserc.com | udp |
| US | 8.8.8.8:53 | recruiting.transnet.net | udp |
| US | 8.8.8.8:53 | recruiting.transnet.net | udp |
| US | 8.8.8.8:53 | backoffice.plexusworldwide.com | udp |
| US | 8.8.8.8:53 | muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | inloggen.centraalbeheer.nl | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | inloggen.centraalbeheer.nl | udp |
| US | 8.8.8.8:53 | consumidorpositivo.com.br | udp |
| US | 8.8.8.8:53 | muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | consumidorpositivo.com.br | udp |
| US | 8.8.8.8:53 | iptv4web.net | udp |
| US | 8.8.8.8:53 | animeflv.net | udp |
| US | 8.8.8.8:53 | alt3.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | iptv4web.net | udp |
| US | 8.8.8.8:53 | renuevo.yoigo.com | udp |
| US | 8.8.8.8:53 | iptv4web.net | udp |
| US | 8.8.8.8:53 | renuevo.yoigo.com | udp |
| US | 8.8.8.8:53 | animeflv.net | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | getpaidto.com | udp |
| US | 8.8.8.8:53 | wifi.fbmi.cvut.cz | udp |
| US | 8.8.8.8:53 | getpaidto.com | udp |
| US | 8.8.8.8:53 | sammobile.com | udp |
| US | 8.8.8.8:53 | driveandlife.mercedes-benz.de | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | gradapp.clarkson.edu | udp |
| US | 8.8.8.8:53 | alt1.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | wifi.fbmi.cvut.cz | udp |
| US | 8.8.8.8:53 | wifi.fbmi.cvut.cz | udp |
| US | 8.8.8.8:53 | sammobile.com | udp |
| US | 8.8.8.8:53 | sammobile.com | udp |
| US | 8.8.8.8:53 | getpaidto-com.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | driveandlife.mercedes-benz.de | udp |
| US | 8.8.8.8:53 | driveandlife.mercedes-benz.de | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | gradapp.clarkson.edu | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | geometrinrete.it | udp |
| US | 8.8.8.8:53 | portal.kenoby.com | udp |
| US | 8.8.8.8:53 | secure01c.chase.com | udp |
| US | 8.8.8.8:53 | geometrinrete.it | udp |
| US | 8.8.8.8:53 | geometrinrete.it | udp |
| US | 8.8.8.8:53 | us-smtp-inbound-1.mimecast.com | udp |
| US | 8.8.8.8:53 | portal.kenoby.com | udp |
| US | 8.8.8.8:53 | secure01c.chase.com | udp |
| US | 34.198.122.35:465 | gradapp.clarkson.edu | tcp |
| FR | 52.222.169.58:21 | portal.kenoby.com | tcp |
| DE | 85.115.23.186:995 | driveandlife.mercedes-benz.de | tcp |
| EC | 190.152.216.14:143 | srienlinea.sri.gob.ec | tcp |
| US | 159.53.232.29:22 | secure01c.chase.com | tcp |
| FR | 52.222.169.58:443 | portal.kenoby.com | tcp |
| EC | 190.152.216.14:465 | srienlinea.sri.gob.ec | tcp |
| US | 34.198.122.35:995 | gradapp.clarkson.edu | tcp |
| US | 8.8.8.8:53 | sportdafa.net | udp |
| US | 8.8.8.8:53 | mho.sutterhealth.org | udp |
| US | 8.8.8.8:53 | lightxz.com | udp |
| US | 8.8.8.8:53 | pvpro.com | udp |
| US | 8.8.8.8:53 | mho.sutterhealth.org | udp |
| US | 8.8.8.8:53 | sportdafa.net | udp |
| US | 8.8.8.8:53 | mail.cassageometri.it | udp |
| US | 8.8.8.8:53 | lightxz.com | udp |
| US | 8.8.8.8:53 | sportdafa.net | udp |
| FR | 52.222.169.125:21 | portal.kenoby.com | tcp |
| US | 198.217.74.193:22 | mho.sutterhealth.org | tcp |
| US | 159.53.232.29:443 | secure01c.chase.com | tcp |
| US | 8.8.8.8:53 | pvpro.com | udp |
| US | 8.8.8.8:53 | gupy.io | udp |
| US | 159.53.232.29:21 | secure01c.chase.com | tcp |
| EC | 190.152.216.14:80 | srienlinea.sri.gob.ec | tcp |
| EC | 190.152.216.14:995 | srienlinea.sri.gob.ec | tcp |
| IT | 93.34.10.196:143 | mail.cassageometri.it | tcp |
| US | 172.67.131.234:22 | lightxz.com | tcp |
| IT | 93.34.10.196:465 | mail.cassageometri.it | tcp |
| TW | 110.50.231.130:22 | sportdafa.net | tcp |
| NL | 142.251.9.14:143 | alt3.gmr-smtp-in.l.google.com | tcp |
| TW | 110.50.231.130:21 | sportdafa.net | tcp |
| US | 198.217.74.193:21 | mho.sutterhealth.org | tcp |
| US | 159.53.232.29:143 | secure01c.chase.com | tcp |
| FR | 52.222.169.58:143 | portal.kenoby.com | tcp |
| EC | 190.152.216.14:80 | srienlinea.sri.gob.ec | tcp |
| IT | 93.34.10.196:995 | mail.cassageometri.it | tcp |
| US | 159.53.232.29:465 | secure01c.chase.com | tcp |
| NL | 142.251.9.14:465 | alt3.gmr-smtp-in.l.google.com | tcp |
| US | 172.67.131.234:21 | lightxz.com | tcp |
| FR | 52.222.169.58:465 | portal.kenoby.com | tcp |
| US | 8.8.8.8:53 | exaysro.com | udp |
| US | 8.8.8.8:53 | imgflip.com | udp |
| US | 75.2.60.5:22 | pvpro.com | tcp |
| US | 104.21.12.29:22 | lightxz.com | tcp |
| US | 8.8.8.8:53 | exaysro.com | udp |
| US | 8.8.8.8:53 | vampire.rinetworks.org | udp |
| FR | 52.222.169.125:143 | portal.kenoby.com | tcp |
| US | 104.21.12.29:21 | lightxz.com | tcp |
| US | 159.53.232.29:995 | secure01c.chase.com | tcp |
| US | 8.8.8.8:53 | imgflip.com | udp |
| US | 8.8.8.8:53 | _dc-mx.9d6b731d98a0.lightxz.com | udp |
| US | 8.8.8.8:53 | websec01.esl-asia.com | udp |
| FR | 52.222.169.125:465 | portal.kenoby.com | tcp |
| EC | 190.152.216.14:143 | srienlinea.sri.gob.ec | tcp |
| DE | 88.99.26.79:22 | exaysro.com | tcp |
| US | 8.8.8.8:53 | elearning.esgee-oran.dz | udp |
| US | 8.8.8.8:53 | ftp.inloggen.centraalbeheer.nl | udp |
| US | 8.8.8.8:53 | platinum.lcfhc.com | udp |
| DE | 88.99.26.79:21 | exaysro.com | tcp |
| US | 8.8.8.8:53 | ftp.muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | elearning.esgee-oran.dz | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | vampire.rinetworks.org | udp |
| US | 8.8.8.8:53 | ridgeattahoeresort.hotelwifi.com | udp |
| US | 8.8.8.8:53 | trmpc.com | udp |
| US | 8.8.8.8:53 | platinum.lcfhc.com | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| IT | 93.34.10.228:80 | geometrinrete.it | tcp |
| US | 8.8.8.8:53 | games.ladbrokes.com | udp |
| AR | 190.220.21.28:80 | trmpc.com | tcp |
| FR | 52.222.169.58:80 | portal.kenoby.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 159.53.232.29:80 | secure01c.chase.com | tcp |
| GB | 23.48.165.132:22 | secure03b.chase.com | tcp |
| US | 172.67.131.234:80 | lightxz.com | tcp |
| US | 198.217.74.193:80 | mho.sutterhealth.org | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| BE | 108.177.15.26:143 | aspmx.l.google.com | tcp |
| NL | 142.251.9.14:143 | alt3.gmr-smtp-in.l.google.com | tcp |
| FR | 52.222.169.58:143 | portal.kenoby.com | tcp |
| US | 8.8.8.8:53 | ridgeattahoeresort.hotelwifi.com | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | vi-vn.facebook.com | udp |
| US | 8.8.8.8:53 | yunpanjingling.com | udp |
| US | 8.8.8.8:53 | docsity.com | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | games.ladbrokes.com | udp |
| US | 8.8.8.8:53 | games.ladbrokes.com | udp |
| US | 8.8.8.8:53 | www.geometrinrete.it | udp |
| US | 8.8.8.8:53 | ssh.inloggen.centraalbeheer.nl | udp |
| US | 8.8.8.8:53 | vi-vn.facebook.com | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | ssh.muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | mail.inloggen.centraalbeheer.nl | udp |
| US | 8.8.8.8:53 | mx156.hostedmxserver.com | udp |
| US | 8.8.8.8:53 | yunpanjingling.com | udp |
| US | 8.8.8.8:53 | recruiting.transnet.net | udp |
| US | 8.8.8.8:53 | mail.muziekgallerij.biz | udp |
| US | 8.8.8.8:53 | yunpanjingling.com | udp |
| US | 8.8.8.8:53 | ftp.wifi.fbmi.cvut.cz | udp |
| US | 75.2.60.5:80 | pvpro.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | docsity.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| TW | 110.50.231.130:80 | sportdafa.net | tcp |
| IT | 93.34.10.228:443 | www.geometrinrete.it | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IT | 93.34.10.228:80 | www.geometrinrete.it | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.18.255.14:80 | imgflip.com | tcp |
| US | 198.217.74.193:443 | mho.sutterhealth.org | tcp |
| US | 8.8.8.8:53 | lootbits.io | udp |
| US | 8.8.8.8:53 | quiubi.it | udp |
| US | 8.8.8.8:53 | lootbits.io | udp |
| FR | 52.222.169.58:443 | portal.kenoby.com | tcp |
| DE | 88.99.26.79:80 | exaysro.com | tcp |
| DE | 88.99.26.79:80 | exaysro.com | tcp |
| US | 172.67.131.234:443 | lightxz.com | tcp |
| EC | 190.152.216.14:80 | srienlinea.sri.gob.ec | tcp |
| GB | 23.48.165.132:80 | secure03b.chase.com | tcp |
| US | 67.227.226.240:80 | platinum.lcfhc.com | tcp |
| US | 75.140.39.18:80 | ridgeattahoeresort.hotelwifi.com | tcp |
| US | 8.8.8.8:53 | ad2prosper.com | udp |
| US | 8.8.8.8:53 | ad2prosper.com | udp |
| DE | 161.97.135.201:80 | elearning.esgee-oran.dz | tcp |
| EC | 190.152.216.14:80 | srienlinea.sri.gob.ec | tcp |
| US | 159.53.232.29:80 | secure01c.chase.com | tcp |
| AT | 195.72.134.91:80 | games.ladbrokes.com | tcp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | quiubi.it | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | kwork.com | udp |
| US | 8.8.8.8:53 | new.edmodo.com | udp |
| US | 8.8.8.8:53 | papp.csps-efpc.gc.ca | udp |
| US | 8.8.8.8:53 | kolabjar-asnpintar.lan.go.id | udp |
| US | 8.8.8.8:53 | admission1cet2019.mahacet.org.in | udp |
| US | 8.8.8.8:53 | na.wargaming.net | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | windscribe.com | udp |
| US | 8.8.8.8:53 | login.uptobox.com | udp |
| US | 8.8.8.8:53 | mail.wifi.fbmi.cvut.cz | udp |
| US | 8.8.8.8:53 | kwork.com | udp |
| US | 8.8.8.8:53 | sutterhealth.org | udp |
| US | 8.8.8.8:53 | mx2.hc576-90.c3s2.iphmx.com | udp |
| US | 8.8.8.8:53 | mx2.hc576-90.c3s2.iphmx.com | udp |
| US | 8.8.8.8:53 | www.ladbrokes.com | udp |
| US | 8.8.8.8:53 | papp.csps-efpc.gc.ca | udp |
| US | 8.8.8.8:53 | mail.tokenrush.com | udp |
| US | 8.8.8.8:53 | mail.tokenrush.com | udp |
| US | 8.8.8.8:53 | ww7.lcfhc.com | udp |
| US | 8.8.8.8:53 | new.edmodo.com | udp |
| US | 8.8.8.8:53 | _dc-mx.1e0587fad4b6.ad2prosper.com | udp |
| US | 8.8.8.8:53 | kolabjar-asnpintar.lan.go.id | udp |
| US | 8.8.8.8:53 | _dc-mx.1e0587fad4b6.ad2prosper.com | udp |
| US | 8.8.8.8:53 | na.wargaming.net | udp |
| US | 8.8.8.8:53 | kolabjar-asnpintar.lan.go.id | udp |
| US | 8.8.8.8:53 | admission1cet2019.mahacet.org.in | udp |
| US | 8.8.8.8:53 | kolabjar-asnpintar.lan.go.id | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | windscribe.com | udp |
| US | 104.18.255.14:443 | imgflip.com | tcp |
| US | 8.8.8.8:53 | login.uptobox.com | udp |
| US | 8.8.8.8:53 | login.uptobox.com | udp |
| US | 8.8.8.8:53 | track.saferoad.net | udp |
| US | 8.8.8.8:53 | supraforums.com | udp |
| US | 75.140.39.18:80 | ridgeattahoeresort.hotelwifi.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 162.159.135.232:80 | discord.com | tcp |
| US | 69.16.230.226:80 | yunpanjingling.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 199.59.243.225:80 | ww7.lcfhc.com | tcp |
| DE | 88.99.26.79:80 | exaysro.com | tcp |
| IT | 193.41.205.114:80 | quiubi.it | tcp |
| IT | 93.34.10.228:80 | www.geometrinrete.it | tcp |
| US | 8.8.8.8:53 | track.saferoad.net | udp |
| US | 8.8.8.8:53 | supraforums.com | udp |
| US | 8.8.8.8:53 | meine.sbk.org | udp |
| US | 8.8.8.8:53 | equipodelideres.com | udp |
| US | 8.8.8.8:53 | portaleargo.it | udp |
| US | 8.8.8.8:53 | watchfaces.be | udp |
| US | 8.8.8.8:53 | ftp.sportdafa.net | udp |
| US | 8.8.8.8:53 | member.hide.me | udp |
| US | 8.8.8.8:53 | persona.patria.org.ve | udp |
| GB | 23.48.165.149:80 | secure03b.chase.com | tcp |
| US | 69.16.230.226:80 | yunpanjingling.com | tcp |
| BE | 108.177.15.26:143 | aspmx.l.google.com | tcp |
| US | 76.76.21.61:22 | track.saferoad.net | tcp |
| FR | 52.222.149.46:80 | docsity.com | tcp |
| US | 172.67.171.232:80 | ad2prosper.com | tcp |
| US | 172.67.131.234:80 | lightxz.com | tcp |
| EC | 190.152.216.14:80 | srienlinea.sri.gob.ec | tcp |
| GB | 163.70.147.22:80 | vi-vn.facebook.com | tcp |
| US | 198.217.74.193:443 | mho.sutterhealth.org | tcp |
| US | 104.18.138.44:443 | www.ladbrokes.com | tcp |
| US | 8.8.8.8:53 | pokemon-planet.com | udp |
| US | 76.76.21.142:22 | track.saferoad.net | tcp |
| DE | 161.97.135.201:80 | elearning.esgee-oran.dz | tcp |
| US | 75.2.60.5:80 | pvpro.com | tcp |
| US | 172.67.196.236:80 | lootbits.io | tcp |
| DE | 88.99.26.79:80 | exaysro.com | tcp |
| AT | 195.72.134.91:222 | games.ladbrokes.com | tcp |
| US | 172.67.131.234:990 | lightxz.com | tcp |
| DE | 161.97.135.201:443 | elearning.esgee-oran.dz | tcp |
| US | 172.67.29.218:443 | login.uptobox.com | tcp |
| US | 104.21.12.29:990 | lightxz.com | tcp |
| US | 104.22.30.128:443 | login.uptobox.com | tcp |
| US | 8.8.8.8:53 | proxy-nl.hide.me | udp |
| AT | 195.72.135.91:222 | games.ladbrokes.com | tcp |
| US | 67.227.226.240:80 | platinum.lcfhc.com | tcp |
| US | 8.8.8.8:53 | portal.kenoby.com | udp |
| US | 199.59.243.225:80 | ww7.lcfhc.com | tcp |
| US | 8.8.8.8:53 | meine.sbk.org | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | mailgw.mirafox.ru | udp |
| US | 8.8.8.8:53 | linkomanija.net | udp |
| US | 8.8.8.8:53 | kidsgetmoney.co | udp |
| US | 8.8.8.8:53 | sigatuljamea.net | udp |
| US | 8.8.8.8:53 | abacus.rblbank.com | udp |
| US | 8.8.8.8:53 | snipe.games | udp |
| US | 8.8.8.8:53 | util01.verticalscope.com | udp |
| US | 8.8.8.8:53 | ftp.secure01c.chase.com | udp |
| US | 8.8.8.8:53 | mail.driveandlife.mercedes-benz.de | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | watchfaces.be | udp |
| US | 8.8.8.8:53 | mailgw.mirafox.ru | udp |
| US | 8.8.8.8:53 | watchfaces.be | udp |
| US | 8.8.8.8:53 | watchfaces.be | udp |
| US | 8.8.8.8:53 | ftp.elearning.esgee-oran.dz | udp |
| US | 8.8.8.8:53 | equipodelideres.com | udp |
| US | 8.8.8.8:53 | persona.patria.org.ve | udp |
| US | 8.8.8.8:53 | portaleargo.it | udp |
| US | 8.8.8.8:53 | gupy.io | udp |
| US | 8.8.8.8:53 | pokemon-planet.com | udp |
| US | 8.8.8.8:53 | member.hide.me | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | mail.srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | backoffice.plexusworldwide.com | udp |
| US | 8.8.8.8:53 | portaleargo.it | udp |
| US | 8.8.8.8:53 | alt1.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | ftp.portal.kenoby.com | udp |
| US | 8.8.8.8:53 | proxy-nl.hide.me | udp |
| IT | 193.41.205.114:80 | quiubi.it | tcp |
| US | 172.67.171.232:80 | ad2prosper.com | tcp |
| US | 8.8.8.8:53 | ssh.wifi.fbmi.cvut.cz | udp |
| US | 8.8.8.8:53 | mail.secure01c.chase.com | udp |
| US | 8.8.8.8:53 | vi-vn.facebook.com | udp |
| US | 8.8.8.8:53 | mail.gradapp.clarkson.edu | udp |
| US | 8.8.8.8:53 | alt3.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | snipe.games | udp |
| US | 8.8.8.8:53 | ftp.mho.sutterhealth.org | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | abacus.rblbank.com | udp |
| US | 8.8.8.8:53 | linkomanija.net | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 159.53.232.29:80 | secure01c.chase.com | tcp |
| TW | 110.50.231.130:443 | sportdafa.net | tcp |
| US | 172.67.29.218:80 | login.uptobox.com | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| ID | 103.123.66.203:80 | kolabjar-asnpintar.lan.go.id | tcp |
| US | 104.18.255.14:80 | imgflip.com | tcp |
| IT | 93.34.10.228:80 | www.geometrinrete.it | tcp |
| US | 76.76.21.61:80 | track.saferoad.net | tcp |
| NL | 93.171.200.41:80 | kwork.com | tcp |
| US | 92.223.56.72:80 | na.wargaming.net | tcp |
| US | 151.101.65.91:80 | supraforums.com | tcp |
| US | 159.53.232.29:80 | secure01c.chase.com | tcp |
| DE | 192.248.187.111:80 | member.hide.me | tcp |
| US | 8.8.8.8:53 | sportybet.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | spool.mail.gandi.net | udp |
| US | 8.8.8.8:53 | indihome.co.id | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | games.ladbrokes.com | udp |
| US | 8.8.8.8:53 | sigatuljamea.net | udp |
| ID | 103.123.66.203:80 | kolabjar-asnpintar.lan.go.id | tcp |
| US | 104.18.255.14:80 | imgflip.com | tcp |
| US | 76.76.21.61:80 | track.saferoad.net | tcp |
| DE | 192.248.187.111:80 | member.hide.me | tcp |
| DE | 46.4.33.44:80 | watchfaces.be | tcp |
| DE | 83.125.32.46:80 | meine.sbk.org | tcp |
| GB | 92.123.241.50:80 | store.steampowered.com | tcp |
| GB | 23.214.154.77:80 | steamcommunity.com | tcp |
| VE | 190.205.112.69:80 | persona.patria.org.ve | tcp |
| US | 67.227.226.240:80 | platinum.lcfhc.com | tcp |
| US | 172.67.68.54:80 | pokemon-planet.com | tcp |
| US | 8.8.8.8:53 | leadlyf.in | udp |
| US | 8.8.8.8:53 | shopee.co.id | udp |
| US | 8.8.8.8:53 | zzcartoon.com | udp |
| US | 8.8.8.8:53 | games.ladbrokes.com | udp |
| US | 8.8.8.8:53 | patria.org.ve | udp |
| US | 8.8.8.8:53 | kidsgetmoney.co | udp |
| US | 8.8.8.8:53 | metin2alaska.ro | udp |
| US | 8.8.8.8:53 | kidsgetmoney.co | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | abacus.rblbank.com | udp |
| US | 8.8.8.8:53 | srienlinea.sri.gob.ec | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | docsity.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | leadlyf.in | udp |
| US | 8.8.8.8:53 | kwork.com | udp |
| US | 8.8.8.8:53 | ftp.vampire.rinetworks.org | udp |
| US | 8.8.8.8:53 | shopee.co.id | udp |
| US | 8.8.8.8:53 | ftp.platinum.lcfhc.com | udp |
| US | 8.8.8.8:53 | ftp.pvpro.com | udp |
| US | 8.8.8.8:53 | eforward5.registrar-servers.com | udp |
| US | 8.8.8.8:53 | backoffice.plexusworldwide.com | udp |
| US | 8.8.8.8:53 | ftp.secure03b.chase.com | udp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| US | 67.227.226.240:80 | ftp.platinum.lcfhc.com | tcp |
| US | 8.8.8.8:53 | mail.portal.kenoby.com | udp |
| US | 8.8.8.8:53 | ftp.ridgeattahoeresort.hotelwifi.com | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | park-mx.above.com | udp |
| US | 8.8.8.8:53 | portal.kenoby.com | udp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| US | 8.8.8.8:53 | ftp.exaysro.com | udp |
| US | 8.8.8.8:53 | ftp.recruiting.transnet.net | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | ftp.yunpanjingling.com | udp |
| US | 8.8.8.8:53 | zzcartoon.com | udp |
| VE | 190.205.112.68:80 | persona.patria.org.ve | tcp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | alt3.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | ftp.imgflip.com | udp |
| US | 8.8.8.8:53 | mail.mho.sutterhealth.org | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | patria.org.ve | udp |
| US | 8.8.8.8:53 | metin2alaska.ro | udp |
| US | 8.8.8.8:53 | dashboard.aquicard.com.br | udp |
| US | 8.8.8.8:53 | m.chaturbate.com | udp |
| DE | 185.172.128.90:80 | 185.172.128.90 | tcp |
| US | 92.223.56.72:80 | na.wargaming.net | tcp |
| US | 75.140.39.18:80 | ridgeattahoeresort.hotelwifi.com | tcp |
| US | 162.255.119.58:80 | snipe.games | tcp |
| TW | 110.50.231.130:80 | sportdafa.net | tcp |
| SE | 88.80.28.163:80 | linkomanija.net | tcp |
| US | 8.8.8.8:53 | nidoe.org | udp |
| US | 8.8.8.8:53 | dashboard.aquicard.com.br | udp |
| US | 8.8.8.8:53 | sportybet.com | udp |
| FR | 52.222.169.125:80 | portal.kenoby.com | tcp |
| TW | 110.50.231.130:80 | sportdafa.net | tcp |
| US | 8.8.8.8:53 | casinovenetian.com | udp |
| US | 8.8.8.8:53 | pnc.cnas.dz | udp |
| US | 8.8.8.8:53 | ssh.pvpro.com | udp |
| US | 8.8.8.8:53 | m.chaturbate.com | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | casinovenetian.com | udp |
| US | 8.8.8.8:53 | abacus.rblbank.com | udp |
| US | 8.8.8.8:53 | mail.zzcartoon.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.vi-vn.facebook.com | udp |
| US | 8.8.8.8:53 | enlinea.sunarp.gob.pe | udp |
| DE | 88.99.26.79:80 | ftp.exaysro.com | tcp |
| US | 172.67.171.232:80 | ad2prosper.com | tcp |
| DE | 161.97.135.201:80 | elearning.esgee-oran.dz | tcp |
| US | 162.255.119.58:80 | snipe.games | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| GB | 163.70.147.22:443 | vi-vn.facebook.com | tcp |
| US | 103.224.182.253:80 | kidsgetmoney.co | tcp |
| US | 8.8.8.8:53 | account.mojang.com | udp |
| US | 8.8.8.8:53 | ssh.sportdafa.net | udp |
| US | 8.8.8.8:53 | pnc.cnas.dz | udp |
| US | 8.8.8.8:53 | mail.metin2alaska.ro | udp |
| US | 8.8.8.8:53 | fr.socialclub.rockstargames.com | udp |
| US | 8.8.8.8:53 | ssh.accounts.google.com | udp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | correo.patria.org.ve | udp |
| US | 8.8.8.8:53 | mail.ridgeattahoeresort.hotelwifi.com | udp |
| US | 8.8.8.8:53 | backoffice.plexusworldwide.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | ftp.lootbits.io | udp |
| US | 72.9.102.3:80 | sigatuljamea.net | tcp |
| IT | 193.41.205.114:80 | quiubi.it | tcp |
| US | 8.8.8.8:53 | pop.inloggen.centraalbeheer.nl | udp |
| US | 75.2.60.5:80 | pvpro.com | tcp |
| GB | 23.48.165.150:80 | abacus.rblbank.com | tcp |
| US | 8.8.8.8:53 | secure03b.chase.com | udp |
| US | 8.8.8.8:53 | account.mojang.com | udp |
| ID | 180.250.116.205:80 | indihome.co.id | tcp |
| US | 103.224.182.253:80 | kidsgetmoney.co | tcp |
| US | 172.67.68.54:80 | pokemon-planet.com | tcp |
| ZA | 66.22.96.44:80 | recruiting.transnet.net | tcp |
| DE | 18.159.22.34:80 | sportybet.com | tcp |
| AT | 195.72.135.91:80 | games.ladbrokes.com | tcp |
| US | 198.217.74.193:80 | mho.sutterhealth.org | tcp |
| US | 69.16.230.226:80 | ftp.yunpanjingling.com | tcp |
| NL | 93.171.200.41:443 | kwork.com | tcp |
| US | 151.101.65.91:80 | supraforums.com | tcp |
| US | 104.20.93.59:443 | windscribe.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 92.223.56.72:80 | na.wargaming.net | tcp |
| VE | 190.205.112.69:80 | persona.patria.org.ve | tcp |
| US | 172.67.196.236:443 | lootbits.io | tcp |
| US | 8.8.8.8:53 | oams.statefarm.com | udp |
| ZA | 66.22.96.44:80 | recruiting.transnet.net | tcp |
| FR | 52.222.169.125:443 | portal.kenoby.com | tcp |
| SG | 202.181.90.248:80 | shopee.co.id | tcp |
| US | 198.217.74.193:80 | mho.sutterhealth.org | tcp |
| VE | 190.205.112.69:80 | persona.patria.org.ve | tcp |
| DE | 185.172.128.187:80 | 185.172.128.187 | tcp |
| US | 8.8.8.8:53 | kacare.taleo.net | udp |
| US | 8.8.8.8:53 | www.linkomanija.net | udp |
| US | 8.8.8.8:53 | ssh.secure01c.chase.com | udp |
| US | 8.8.8.8:53 | ftp.games.ladbrokes.com | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | mail.gecomail.net | udp |
| US | 8.8.8.8:53 | ssh.mho.sutterhealth.org | udp |
| US | 8.8.8.8:53 | enlinea.sunarp.gob.pe | udp |
Files
memory/2540-1-0x0000000000590000-0x0000000000690000-memory.dmp
memory/2540-2-0x0000000000220000-0x000000000022B000-memory.dmp
memory/2540-3-0x0000000000400000-0x0000000000474000-memory.dmp
memory/1380-4-0x00000000026F0000-0x0000000002706000-memory.dmp
memory/2540-8-0x0000000000220000-0x000000000022B000-memory.dmp
memory/2540-5-0x0000000000400000-0x0000000000474000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\368B.exe
| MD5 | b6297922e4d7e05d1b009613d201883e |
| SHA1 | b6c739fd153f0078e115386bd0f87d784c1b5588 |
| SHA256 | 91a101f00488af2027b7fee5bfe9a14f290bcc401d183d352c9de40625af3700 |
| SHA512 | ab503a34d096ba5b6695505054e12ddf16ddd1407c1737d0fb5655b21947bab4de49e546b0ee1bbc9cdd581b8f32522ec720d27fa0fe9b79796ea0e3a6e3be79 |
memory/2472-18-0x0000000000E10000-0x00000000012BE000-memory.dmp
memory/2472-19-0x00000000776F0000-0x00000000776F2000-memory.dmp
memory/2472-20-0x0000000000E10000-0x00000000012BE000-memory.dmp
memory/2472-23-0x0000000000550000-0x0000000000551000-memory.dmp
memory/2472-24-0x00000000027C0000-0x00000000027C1000-memory.dmp
memory/2472-32-0x00000000004E0000-0x00000000004E1000-memory.dmp
memory/2472-31-0x00000000003C0000-0x00000000003C1000-memory.dmp
memory/2472-30-0x0000000000D80000-0x0000000000D81000-memory.dmp
memory/2472-29-0x0000000000560000-0x0000000000561000-memory.dmp
memory/2472-28-0x0000000000500000-0x0000000000501000-memory.dmp
memory/2472-27-0x0000000000410000-0x0000000000411000-memory.dmp
memory/2472-26-0x00000000005B0000-0x00000000005B1000-memory.dmp
memory/2472-25-0x00000000003A0000-0x00000000003A1000-memory.dmp
memory/2472-22-0x00000000006E0000-0x00000000006E1000-memory.dmp
memory/2472-21-0x00000000006C0000-0x00000000006C1000-memory.dmp
memory/2472-34-0x0000000002820000-0x0000000002821000-memory.dmp
memory/2472-33-0x00000000004F0000-0x00000000004F1000-memory.dmp
memory/2472-36-0x00000000027D0000-0x00000000027D1000-memory.dmp
memory/2472-37-0x00000000003B0000-0x00000000003B1000-memory.dmp
memory/2472-38-0x0000000002A60000-0x0000000002A61000-memory.dmp
memory/2472-43-0x0000000000E10000-0x00000000012BE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\48A5.dll
| MD5 | b0fb18cfcac1983582e7fd67b2843ce8 |
| SHA1 | ca29cf7cee80be38c5d667d5e8c00e6ea11b3294 |
| SHA256 | 4132c2587cfe85b944d95835d8d0bf92a08a0f831ea26a45c826146048347f45 |
| SHA512 | 4d9e1b14ef1a8adc15d38846c0a4e1d762e76fd944c76621ef6ac3a8482d14e40cfd4d7a14853d7a99cca2a99aa438eba996e842f1172f5f9a8f34ba1d97daf9 |
memory/1444-48-0x0000000010000000-0x00000000102CE000-memory.dmp
memory/1444-47-0x00000000000D0000-0x00000000000D6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\5228.exe
| MD5 | 1524fb466e4e5631c795cd9c2b245a26 |
| SHA1 | f2c08688e48f56c59a781895e3736d6ab8d85148 |
| SHA256 | c47d56f11a42325c13283b85f18af8354dfcfb3a27bb5de5035887cbf5d27686 |
| SHA512 | 701992a982205c84fa1be4fc4aaaf62dcfdbe466825fe744667fc89209bdc476129cefccdcf0e5523543fa5370f38668b6381aec5bd919a8dddccbdadff3e89b |
C:\Users\Admin\AppData\Local\Temp\5228.exe
| MD5 | 996c2b1fb60f980ea6618aeefbe4cebf |
| SHA1 | a8553f7f723132a1d35f7a57cae1a2e267cbc2ac |
| SHA256 | f91c0a4753cdb98cce0ade020917fdefe7a8daf88d23b4c07595de741402ca50 |
| SHA512 | 4af8fb921a332c5ac3d43b85bc23c859e431702e00852537bf1831c7af8b990d880808d044a1317873c77fbdecb1af7c97bed9edd9e2185bcbfa390c463f9056 |
memory/1772-56-0x0000000001F40000-0x00000000020F8000-memory.dmp
memory/1444-60-0x00000000022B0000-0x00000000023DB000-memory.dmp
memory/1772-62-0x0000000002100000-0x00000000022B7000-memory.dmp
memory/1648-61-0x000000007EFDE000-0x000000007EFDF000-memory.dmp
\Users\Admin\AppData\Local\Temp\5228.exe
| MD5 | 63d1f70922c62844b5856e85bafa7b67 |
| SHA1 | 7d99bd240da3a671964cbda611f339c228c5d6bc |
| SHA256 | 5a82e42ffcee94f2298b5e054b875bdcbb15d41efde46b8bd8de56e0d79720c9 |
| SHA512 | 5cf1ab9304868652bdbff3f46a37b07c4472e903ca2500633095daaafdf507d13d3292d1816af60d15c97ef8d74c77968619bff533460cc78c9e3933a83b6979 |
memory/1772-57-0x0000000001F40000-0x00000000020F8000-memory.dmp
memory/1444-63-0x00000000023E0000-0x00000000024EF000-memory.dmp
memory/1648-67-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1444-70-0x00000000023E0000-0x00000000024EF000-memory.dmp
memory/1648-72-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-71-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\5228.exe
| MD5 | bd1c101a8f6ebea4d6a4ae14a78730eb |
| SHA1 | 198580a768815345d70b97c05f2c2af91e5ae5e5 |
| SHA256 | 778e7f48509365fff760d55cd3ecdf67898ae7a8d5c69e93f8d4669e9a35b784 |
| SHA512 | a8985e69d89dc512bedbe80da236040d1fee42e1c3cfc830528568b0956c6a8c2616da27b4fc1bbb567e641b1680a2ff971013d385b04404ce4b6a6b41ed4a97 |
memory/1444-73-0x00000000023E0000-0x00000000024EF000-memory.dmp
memory/1648-74-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-75-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-76-0x0000000000400000-0x0000000000848000-memory.dmp
\Users\Admin\AppData\Local\Temp\48A5.dll
| MD5 | e4b2691c9225ae6705f1737a21be4ce6 |
| SHA1 | e1fe9879b90ce0a179c725b0b9edd7e4fa807960 |
| SHA256 | 02439c5310339f090f35e6425652db389ca4f3663fef02706038457934011d33 |
| SHA512 | 1fe36915a45f3c8a26ac08c5fd17fe69c42a103a3efcb8d45aefdf8c09a30153068a8ba9c4d4191cc933a347bfea8dc6c7f5e64a53a75cb1323dbe2f7d11c0fd |
memory/1648-78-0x0000000000230000-0x0000000000236000-memory.dmp
memory/1648-81-0x0000000002B40000-0x0000000002C6B000-memory.dmp
memory/1648-82-0x0000000002C70000-0x0000000002D7F000-memory.dmp
memory/1648-85-0x0000000002C70000-0x0000000002D7F000-memory.dmp
memory/1648-86-0x0000000002C70000-0x0000000002D7F000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7533.exe
| MD5 | 68a9bf2ea7d3e606644b594a3420d9cc |
| SHA1 | 4366fbef31500ca265fad6f0a080802fc69c5465 |
| SHA256 | 3b386b16dc4c9683d3c7a30270a133ed87c06675d8c76c2a9fb0cb77bb50448f |
| SHA512 | dec7d0e2e6259b50f3971919e9492950a3392e7228827d3e879ed69d19d93e058c68f234728a2aa88f4ef1ad61788c027ac84a0126ca8a340707ff04587241e4 |
memory/1376-96-0x0000000000A30000-0x0000000000FCE000-memory.dmp
memory/1376-97-0x00000000741D0000-0x00000000748BE000-memory.dmp
memory/1376-98-0x00000000027E0000-0x0000000002820000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus.tmp
| MD5 | 0e82665af2b5fb32d0f44731689e4242 |
| SHA1 | 3598cb67ba0ec0def68deb9306ac803390909c00 |
| SHA256 | 6a8815b2dd74277d3c4cce7d277226602e381c73710c4bd37f071a602c2997e9 |
| SHA512 | 73ed8ed727bc6cb779012380a9c24ccf964b2d6889b88badafd6c4adffb8a08bb96d94948294a581e14be4eb33b8139880beedd6381cf589a98a75f2853a635a |
memory/1376-107-0x0000000005130000-0x000000000536A000-memory.dmp
memory/1648-108-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdescs.new
| MD5 | 4c4b85a2175bfe5d3ade50f148ca8782 |
| SHA1 | 31dcace2496812ac1c02a0c70dc58820ae5d1d21 |
| SHA256 | 39009cc8983254701dddd4a0b9ba097febcc5a407f1f07fb7fad470f808b22c5 |
| SHA512 | 1ee6c604e20d482ae4a9a7daf5100cecadd5c33ed6e2412b626c717c929012401b1f506e679f0e9a83af84ed0830a39cf210c1ae1ab0c0893066e756c3739037 |
memory/1648-123-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\B2B0.exe
| MD5 | d8475e3eb1b8088c1b747799b20802be |
| SHA1 | 27727b8406dd18ae5ddc347257eac438f1dc08c2 |
| SHA256 | 40201bb18c81921d55236144105f37012832f6e321f41f5f48f7469420df0990 |
| SHA512 | 27bc79e9633f19f92efb72ae5e11603fe2ae0587cf532188b2bb8f2351123167556faf4ea347f0a394c6f3ab0d98374b9f9d7cecb4aa491117415fb9eed70726 |
memory/1648-130-0x0000000000400000-0x0000000000848000-memory.dmp
memory/3036-131-0x0000000000C90000-0x0000000001971000-memory.dmp
memory/3036-137-0x0000000000080000-0x0000000000081000-memory.dmp
memory/3036-139-0x0000000000C90000-0x0000000001971000-memory.dmp
memory/3036-140-0x0000000000080000-0x0000000000081000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\B9D2.exe
| MD5 | a1b5ee1b9649ab629a7ac257e2392f8d |
| SHA1 | dc1b14b6d57589440fb3021c9e06a3e3191968dc |
| SHA256 | 2bfd95260a4c52d4474cd51e74469fc3de94caed28937ff0ce99ded66af97e65 |
| SHA512 | 50ccbb9fd4ea2da847c6be5988e1e82e28d551b06cc9122b921dbd40eff4b657a81a010cea76f29e88fda06f8c053090b38d04eb89a6d63ec4f42ef68b1cf82b |
memory/3048-147-0x0000000001EE0000-0x0000000001FE0000-memory.dmp
memory/3048-148-0x0000000001CF0000-0x0000000001D5B000-memory.dmp
memory/1376-149-0x00000000741D0000-0x00000000748BE000-memory.dmp
memory/3048-150-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/1376-156-0x00000000027E0000-0x0000000002820000-memory.dmp
memory/1560-157-0x00000000741D0000-0x00000000748BE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\C613.exe
| MD5 | 08c7993cba41d1e99087c7563d86acbb |
| SHA1 | 23c7393fe790acbeed959c6198c8c5657da1e7ef |
| SHA256 | 791146f020de235494a4d80045743b22dd12430a8fe20d90ddd89e95ec2deb5b |
| SHA512 | 623250d5e18f0324338d8fe5b86244982d10fa9a6302cb30102783646745373199012aa35df245dec1853044fc67165af2cf94666abcaad6ef8b321fe74db1a2 |
memory/1560-161-0x0000000000C90000-0x0000000000EE2000-memory.dmp
memory/1648-163-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-164-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-167-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-166-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-169-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-172-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-176-0x0000000000400000-0x0000000000848000-memory.dmp
memory/2376-188-0x0000000000400000-0x0000000000414000-memory.dmp
memory/1648-182-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-190-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-186-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-189-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DBB6.exe
| MD5 | 4735622a4d5d0771efbfb92ffc9fba61 |
| SHA1 | 1731917ad5377e71016757197d9c07bfbf678aee |
| SHA256 | e31a9f98aaa50eb3da3e33b6683602973d4ad3732a8db379338f55b74cd9a349 |
| SHA512 | 7859a9cac724bf8b32fe3474c8cfb6ae42cc14c798d526640e06931e3e2f93206c74b40a8545a404c80655ba1e7741cc7bea5e718171c58cdced6abbfc867734 |
C:\Users\Admin\AppData\Local\Temp\DBB6.exe
| MD5 | 40ecea626cfe1e64779a5ea2ceb518c4 |
| SHA1 | 75799ebc2ce17392e4c0acde7c0ab436ad774822 |
| SHA256 | ed31f7dcf98513e14e25c0f22bd4a1497ed952fdc5711b857accbafceaa4f1c6 |
| SHA512 | 7d8c31202253bb212ee1b57f02039f70ace45234fdf80980cc89c0c8b295c0b9a8e9be392aaaa3c5e0560391d115c9630e45c93509ed0579e498df6606882ae8 |
memory/1648-179-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-185-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-175-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-171-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-170-0x0000000000400000-0x0000000000848000-memory.dmp
memory/1648-165-0x0000000000400000-0x0000000000848000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-M25FA.tmp\DBB6.tmp
| MD5 | 33da9dc521f467c0405d3ef5377ce04b |
| SHA1 | 5249d7ce5dfabe5ee6d2fc7d3f3eba1e866b7d1f |
| SHA256 | dbab8a7b2b45fc7001d5e34d3d45ccbe93a7591f12910281acf2c32f8c4e631c |
| SHA512 | a3093637e1d731eab58080e10706db1afbf6e79fbac6593733b61033f97875ecbe230311e9741d349625ec3a66a6435318846d35290db8cd00af76d692699a55 |
C:\Users\Admin\AppData\Local\Temp\FD4B.exe
| MD5 | b0e6bfe2af835722aca24eeacfa0954a |
| SHA1 | 8544c34b982719be70a3def063fb9066f1a5a191 |
| SHA256 | e9a0ef41ea783e19d37b4fac34ddf58371526af7bf6ff915a263b427da293fa7 |
| SHA512 | 19227e1fc6854b5a983de63e91f1429d6e73c9581d06140729f348196363d0ca248a99000196b0aa3d3d4daab0dababac495846a1024ab687e9619b8f680b27b |
\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
| MD5 | 4f858826f9718b6e9e49ec1f194a736b |
| SHA1 | bed8c04c74d341bf65ae183470662082f4eceb69 |
| SHA256 | 43bd481bd77f8851b7f15d5a8715910173b2e8914f662d0c19469d01cac4c478 |
| SHA512 | 799cd40eb1097d3cdb2bbccc09f14a16d85e15e82508b8e873539d0194a2b2c14e971af4c6189d7cd97be8721187993a0d2691188a4a255f232042ed48a0db71 |
\Users\Admin\AppData\Local\Temp\is-JA57J.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
memory/2672-346-0x0000000000240000-0x0000000000241000-memory.dmp
\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
| MD5 | 9e0470e1bd2b7c442279118061c19857 |
| SHA1 | 2e6fa6784f8aaf89432b525e7b292172a27d7763 |
| SHA256 | 25e248690151bad544174164ec0229ce661777fd15cd2ae5989711753e49d551 |
| SHA512 | de81e9b9a1231618ae0398bf7bc1fbc1fdef7c009827ae629a5fe05ec9b57a76b556ca1b6f417527b6fd2c79a376ad900451308f21b2cb25109bfa3ee1257082 |
memory/2828-419-0x00000000002C0000-0x000000000076E000-memory.dmp
C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
| MD5 | c006470e81f5f36c23ec87c787235655 |
| SHA1 | 5628eade71c424664965621dc447fc3a5ecff66a |
| SHA256 | 03185bbe42edbaa454e379c801c789135fa62d50d867230d5c62bf83cbf8126e |
| SHA512 | add9def79546edca49a7573b08d5123bce8856cc4751d7e688802996c4c6d96f3b7845154d3432af9b3c9ebd84c664b6b6bafa877828e3379926d4b05d99ad72 |
memory/2828-429-0x00000000025F0000-0x00000000025F1000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-JA57J.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
memory/2828-447-0x0000000002650000-0x0000000002651000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
| MD5 | c7118610fefdaad90083c662bd4ef37f |
| SHA1 | 9c051ff43747b8b52032b3cbe4d5b9a1edf8b9a5 |
| SHA256 | 333836d1c49ef069087f74844295e31ac2273b5337c2c2d70eb3c8f74901af14 |
| SHA512 | 7afa9b4b623927dee5a46ce471eb73dfa295dd989f789accf274526c618e2996ed5bd0d0a1930d84395a01412ccd966eca51359187e5612d18a988206e09d256 |
memory/2828-472-0x00000000024C0000-0x00000000024C1000-memory.dmp
\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
| MD5 | 7366f0044a6f6fce8d8b3adaa5838002 |
| SHA1 | b9757f241bd22b5cec7ad5311bdf6cc66692567d |
| SHA256 | 98636cfcc4c3808a366148983668d49f22a8865cc4a0dadc973292fe319951f1 |
| SHA512 | e800650e083286e7dceb26c5b2b09098d1d339a4c05e821f36d78426859d5d1ad363704e486028b505326d6919984f63797aba01461ffab346f26d936837aa35 |
memory/2672-557-0x00000000032F0000-0x00000000034C9000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\april.exe
| MD5 | 19ba43aa42c53451c975c06447a43df2 |
| SHA1 | 781da85d380aba1a2cb05ba1de6e1ece48d5477f |
| SHA256 | f5e837bdc79926049beff61498129e21941c3cf9da43638feb6154e6620287e0 |
| SHA512 | 8746fcb8005e4533c02dd6f60ecff58e6a9013c8ae2a134380952b7465ccb24793530e5d2326495163d39536c84c4b1fe0542aed0d54613aaa2a45201c824442 |
memory/1560-626-0x00000000741D0000-0x00000000748BE000-memory.dmp
\Users\Admin\AppData\Local\Temp\7533.exe
| MD5 | 24aaf9a318d245f08d87d583687cf458 |
| SHA1 | d26c2c180abb2ad2c153dc889face8afc8fa1521 |
| SHA256 | 55f1c8bae65f385b7ccfb4d7628f73415aab9fbf4b691022e069af9fe9154d6b |
| SHA512 | fb5b4522330003bb6d770728c3f188a9eb25bb22c15d533e2f6c9aa06913fd13db816a469cc4976f40d1d66d133a3f123c6b08dafdc40010cfafc1231c484f05 |
memory/2340-669-0x0000000000400000-0x00000000005D9000-memory.dmp
\Users\Admin\AppData\Local\Temp\7533.exe
| MD5 | b3674dd7c25b9820fe93139d212d8c88 |
| SHA1 | 39130657f748b86d4a3dacd2740653471d6c7e55 |
| SHA256 | c5e29462361b9c0a62d9ca21faffa1fdcac44cf13f73f0ec5ab50e2aed904bf8 |
| SHA512 | 45d2f044ab290c8296ed2c5dc98aab71a37ea3665b15cbacaa8d34b26c89465373aa570cc232cbdab6b9eb836e7e90731c929b32118098c7dd89e1cbc141cf6f |
C:\Users\Admin\AppData\Local\Temp\april.exe
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/1844-769-0x00000000012C0000-0x000000000176E000-memory.dmp
\Users\Admin\AppData\Local\Temp\7533.exe
| MD5 | bfe987d9cdb4fdfc1258a2918890d7e8 |
| SHA1 | f8746f694d3ec972824e155c20866a0889edb92f |
| SHA256 | 75545e8b415438c2b466d9f59075f262a2932bffde9dbfe7788ba291befe35a3 |
| SHA512 | 52a3ae5a5c8817bf61b5e042b82a2a4e48bc5cfc5f379719526325a26c50fbe46962b91ea3f2da1cb49ba9db4e3ef1ab23255851a8ff3fd5f37807be95555ef2 |
\Users\Admin\AppData\Local\Temp\7533.exe
| MD5 | f6e4c8cd26710fed940c182f9da0c9c1 |
| SHA1 | 7458c638a33d79677e5f55d2108212779b55d06e |
| SHA256 | 69d3da358977a702c9cc23368430d5548bb72c199f31b2696a3a41c631578001 |
| SHA512 | b6055e9a3030a3600ad7f48e27fa69619524fcd2975cd9bbc04276609edee67cb9a9a8176ec5cdcca5c306d6f74c7d56d22bc7ba5e6015f81aa53d17e4cad936 |
\Users\Admin\AppData\Local\Temp\april.exe
| MD5 | f39dd4217ca407ca45ec79e43e1939a2 |
| SHA1 | c52b1e1f33008c38755f8aeebd91302bafb5ae20 |
| SHA256 | 055a30c4c817c6d85dc96971bf974f47eec8a420a02084e02a40d05bfc1ff58a |
| SHA512 | a2444bc348f4eb3ecf9cb1850559d2c3e4ec48e2ea3caefb7608ee88c92da40e7cf2ee2c187c929eaa90cc22ad4a8fa72eeda944fd9ecfcf658779d7aa9be307 |
memory/2828-540-0x00000000002C0000-0x000000000076E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
| MD5 | 8e3d884097d2dad555573d99e916af96 |
| SHA1 | 649d9267b6255240ce09c9f982e214b524b78648 |
| SHA256 | 6b3d6c581a7a255fb198b15792cd67de204da441a7c757d2f8bf473837c36457 |
| SHA512 | 7a9f99e2e9a56fb1858222ff7ba373ceea2016e6f718ddc0e4500a08baeeaae850c5d8fdf5c88eba33e8ba419d68767df24a88563e703001db826f025c54cb1b |
C:\Users\Admin\AppData\Local\Temp\8A00.exe
| MD5 | 5edc27f4fb945833e627a554407746a1 |
| SHA1 | ce0f744e2a827d7ba428562f7fd4932e6f144cbc |
| SHA256 | 608f8c358e578d87c5668673eff699f5bceb5a9fff9a9b51a0da6b1be51b1466 |
| SHA512 | 4deea18efe3c586f7a7ceb240819b88fc17ea3ad1bef238eec9c7d4d2ab50e3b4040cf4cf544fd82e0607da41b83fde156205904faf5a3b329df461fcbbc3c50 |
\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
| MD5 | 45c17dad6e6c98a98fb9dad9a590bf12 |
| SHA1 | 321ce27cbd995ebf4afedce1c9cfde4bd0e6e988 |
| SHA256 | fd1b61ec759d7eafe3ec746a44efd266ee9ec60e5afeec244a745006ae3ad2ba |
| SHA512 | 991499094f80952ac766884c755beb65c76682f6b0628c7ba3aea0a28db33841bce68f6326bed42c08e0378134495fc3632edafb71bec174b9a1e4a0a16f5c20 |
C:\Windows\Tasks\explorgu.job
| MD5 | df656e5dad4286a2e4d65793a2191ffc |
| SHA1 | e99f333f3b661164ef2f94a4ebd2cb90a456f1d6 |
| SHA256 | 38f49113d3bbcdad0e7eed7a134a21c4355fe9379a70bc74092f2b6bad0558f5 |
| SHA512 | 7eefbe4b48da2341c130fb7119764e7d9eec05e36c6360872b657f573f5cb6be94d2329af2339330d1ed0c037e73e43e1a0cdf812b9ce60dfd1eacb97626e31d |
\??\c:\users\admin\appdata\local\temp\is-ubeuj.tmp\april.tmp
| MD5 | 3f632e368fb2c86defcdebb66abc39eb |
| SHA1 | cd515a69cc5f764ef605f4995854754a0eafdb7a |
| SHA256 | 71d82bd60c77a6939fc311c9dd16209291d5637e5919ce76280be849bc18fcf5 |
| SHA512 | 12349b3407a192f34b15f393030877a98f0cf679522bfc3189af0989707d8dd49a21ed64d4238ab9493466fcbc4d368ccadc657a20aecf9a16404e306a81049f |
memory/4860-1562-0x0000000000220000-0x000000000022B000-memory.dmp
memory/4860-1611-0x0000000000400000-0x0000000000724000-memory.dmp
memory/4860-1533-0x0000000000906000-0x000000000091B000-memory.dmp
C:\Users\Admin\AppData\Local\Email Box Organizer\is-O6512.tmp
| MD5 | 6231b452e676ade27ca0ceb3a3cf874a |
| SHA1 | f8236dbf9fa3b2835bbb5a8d08dab3a155f310d1 |
| SHA256 | 9941eee1cafffad854ab2dfd49bf6e57b181efeb4e2d731ba7a28f5ab27e91cf |
| SHA512 | f5882a3cded0a4e498519de5679ea12a0ea275c220e318af1762855a94bdac8dc5413d1c5d1a55a7cc31cfebcf4647dcf1f653195536ce1826a3002cf01aa12c |
C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
| MD5 | 7a8f28fd05ccc91e836fd56251a4425d |
| SHA1 | 1d78fada34f0a1064bdb692c562be6c817fbaa7f |
| SHA256 | a50c12cc04019fdcd0d9ca0c9cfc4e69bb988245444930ac3ba5fc7ae8d1df2f |
| SHA512 | 9a4253468e9bf3b88df9a0f2291df306125f1bdb79b53a4233ac7e5a07c440e9a0e6f2d5e9482bba1e269ed8548cd55eb6dc24970196e8c1d3c25029d40a7d83 |
memory/2340-2309-0x0000000000400000-0x00000000005D9000-memory.dmp
C:\Users\Admin\AppData\Local\Text Ultra Edit\textultraedit.exe
| MD5 | c876e5b3c07e5ad433d05681a04a94f5 |
| SHA1 | 95bd9a7eec8de2190e039a6f82e187dcbacf478e |
| SHA256 | f07877f4e0337e63f8ab4d02c7b46865e6c258a43fc9fa57bee80edbf96e965d |
| SHA512 | d63bdc8c3f9c7c0ce846c8886c509c9567e394498bc3fc5bdd5eef0540ed993d8aab7cd3f19559be9ba5d41540124c53a8b68de2752ce12d43ba50f466eaa587 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-14 05:05
Reported
2024-03-14 05:10
Platform
win10-20240214-en
Max time kernel
300s
Max time network
301s
Command Line
Signatures
Amadey
DcRat
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Lumma Stealer
Pitou
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
SmokeLoader
ZGRat
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\E94A.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Downloads MZ/PE file
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\E94A.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\E94A.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe | N/A |
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
Identifies Wine through registry keys
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3356371483-1660115160-1611493187-1000\Software\Wine | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3356371483-1660115160-1611493187-1000\Software\Wine | C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3356371483-1660115160-1611493187-1000\Software\Wine | C:\Users\Admin\AppData\Local\Temp\E94A.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3381.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-E7JB1.tmp\CE4F.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\77BE.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe | N/A |
Reads WinSCP keys stored on the system
Reads data files stored by FTP clients
Reads local data of messenger clients
Reads user/profile data of web browsers
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\CSRSS = "\"C:\\ProgramData\\Drivers\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\3381.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3356371483-1660115160-1611493187-1000\Software\Microsoft\Windows\CurrentVersion\Run\Ledger-Live Updater = "C:\\Users\\Admin\\AppData\\Local\\Temp\\GCGHJEBGHJ.exe" | C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe | N/A |
Checks installed software on the system
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Users\Admin\AppData\Local\Temp\BE7E.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\E94A.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 948 set thread context of 216 | N/A | C:\Users\Admin\AppData\Local\Temp\3381.exe | C:\Users\Admin\AppData\Local\Temp\3381.exe |
| PID 2836 set thread context of 4860 | N/A | C:\Users\Admin\AppData\Local\Temp\77BE.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\explorgu.job | C:\Users\Admin\AppData\Local\Temp\F4A1.exe | N/A |
Enumerates physical storage devices
Program crash
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\FD8E.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\furgrss | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\FD8E.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\FD8E.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\furgrss | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Roaming\furgrss | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\FD8E.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\furgrss | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
| Token: SeCreatePagefilePrivilege | N/A | N/A | N/A |
| Token: SeShutdownPrivilege | N/A | N/A | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\u1l0.1.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe
"C:\Users\Admin\AppData\Local\Temp\7159c4581077ad7284ade1d4236127150fd08cc7ece7692a86673092eb64416f.exe"
C:\Users\Admin\AppData\Local\Temp\F4A1.exe
C:\Users\Admin\AppData\Local\Temp\F4A1.exe
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\D89.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\D89.dll
C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
C:\Users\Admin\AppData\Local\Temp\00c07260dc\explorgu.exe
C:\Users\Admin\AppData\Local\Temp\3381.exe
C:\Users\Admin\AppData\Local\Temp\3381.exe
C:\Users\Admin\AppData\Local\Temp\3381.exe
C:\Users\Admin\AppData\Local\Temp\3381.exe
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
C:\Windows\system32\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll, Main
C:\Windows\system32\netsh.exe
netsh wlan show profiles
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -Command Compress-Archive -Path 'C:\Users\Admin\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\Admin\AppData\Local\Temp\356371483166_Desktop.zip' -CompressionLevel Optimal
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll, Main
C:\Users\Admin\AppData\Local\Temp\77BE.exe
C:\Users\Admin\AppData\Local\Temp\77BE.exe
C:\Users\Admin\AppData\Local\Temp\B555.exe
C:\Users\Admin\AppData\Local\Temp\B555.exe
C:\Users\Admin\AppData\Local\Temp\BE7E.exe
C:\Users\Admin\AppData\Local\Temp\BE7E.exe
C:\Users\Admin\AppData\Local\Temp\C6EB.exe
C:\Users\Admin\AppData\Local\Temp\C6EB.exe
C:\Users\Admin\AppData\Local\Temp\CE4F.exe
C:\Users\Admin\AppData\Local\Temp\CE4F.exe
C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe"
C:\Users\Admin\AppData\Local\Temp\april.exe
"C:\Users\Admin\AppData\Local\Temp\april.exe"
C:\Users\Admin\AppData\Local\Temp\is-E7JB1.tmp\CE4F.tmp
"C:\Users\Admin\AppData\Local\Temp\is-E7JB1.tmp\CE4F.tmp" /SL5="$11006A,1536393,54272,C:\Users\Admin\AppData\Local\Temp\CE4F.exe"
C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp
"C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp" /SL5="$100060,1697899,56832,C:\Users\Admin\AppData\Local\Temp\april.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2752 -s 992
C:\Users\Admin\AppData\Local\Temp\E94A.exe
C:\Users\Admin\AppData\Local\Temp\E94A.exe
C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe
"C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Users\Admin\AppData\Local\Temp\u1l0.1.exe
"C:\Users\Admin\AppData\Local\Temp\u1l0.1.exe"
C:\Users\Admin\AppData\Local\Temp\FD8E.exe
C:\Users\Admin\AppData\Local\Temp\FD8E.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\Temp\Task.bat" "
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4860 -s 944
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4860 -s 944
C:\Windows\SysWOW64\chcp.com
chcp 1251
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\Admin\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe"
C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe
"C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C ping 2.2.2.2 -n 1 -w 3000 > Nul & Del C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe
C:\Windows\SysWOW64\PING.EXE
ping 2.2.2.2 -n 1 -w 3000
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 216 -s 43060
C:\Users\Admin\AppData\Roaming\iwrgrss
C:\Users\Admin\AppData\Roaming\iwrgrss
C:\Users\Admin\AppData\Roaming\furgrss
C:\Users\Admin\AppData\Roaming\furgrss
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9220 -s 480
Network
| Country | Destination | Domain | Proto |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | selebration17io.io | udp |
| RU | 91.215.85.120:80 | selebration17io.io | tcp |
| RU | 185.215.113.45:80 | 185.215.113.45 | tcp |
| US | 8.8.8.8:53 | 45.113.215.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.85.215.91.in-addr.arpa | udp |
| RU | 185.215.113.32:80 | 185.215.113.32 | tcp |
| US | 8.8.8.8:53 | 32.113.215.185.in-addr.arpa | udp |
| RU | 185.215.113.32:80 | 185.215.113.32 | tcp |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| US | 8.8.8.8:53 | 19.128.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | midnight.bestsup.su | udp |
| US | 104.21.29.103:80 | midnight.bestsup.su | tcp |
| US | 104.21.94.2:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | 2.94.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wisemassiveharmonious.shop | udp |
| US | 172.67.181.250:443 | tcp | |
| US | 8.8.8.8:53 | 250.181.67.172.in-addr.arpa | udp |
| DE | 185.172.128.90:80 | 185.172.128.90 | tcp |
| US | 8.8.8.8:53 | 90.128.172.185.in-addr.arpa | udp |
| DE | 185.172.128.187:80 | 185.172.128.187 | tcp |
| US | 8.8.8.8:53 | 187.128.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trmpc.com | udp |
| DE | 185.172.128.187:80 | 185.172.128.187 | tcp |
| DE | 185.172.128.126:80 | 185.172.128.126 | tcp |
| CO | 186.112.12.181:80 | trmpc.com | tcp |
| US | 8.8.8.8:53 | 126.128.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.12.112.186.in-addr.arpa | udp |
| US | 8.8.8.8:53 | herdbescuitinjurywu.shop | udp |
| US | 172.67.206.194:443 | herdbescuitinjurywu.shop | tcp |
| DE | 185.172.128.145:80 | 185.172.128.145 | tcp |
| US | 8.8.8.8:53 | 145.128.172.185.in-addr.arpa | udp |
| US | 172.67.181.250:443 | wisemassiveharmonious.shop | tcp |
| US | 8.8.8.8:53 | 194.206.67.172.in-addr.arpa | udp |
| RU | 185.215.113.32:80 | tcp | |
| FI | 95.216.154.139:9001 | tcp | |
| DE | 188.68.53.92:443 | tcp | |
| US | 199.249.230.155:443 | tcp | |
| DE | 185.172.128.187:80 | 185.172.128.187 | tcp |
| US | 8.8.8.8:53 | 107.116.69.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.178.17.96.in-addr.arpa | udp |
| CA | 198.100.149.77:443 | tcp | |
| US | 8.8.8.8:53 | nidoe.org | udp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| US | 8.8.8.8:53 | 220.17.13.186.in-addr.arpa | udp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| DE | 8.209.79.125:9001 | tcp | |
| CA | 199.58.81.140:443 | tcp | |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| US | 8.8.8.8:53 | 140.81.58.199.in-addr.arpa | udp |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| DE | 94.130.185.68:9001 | tcp | |
| DE | 109.123.242.121:443 | tcp | |
| AR | 186.13.17.220:80 | nidoe.org | tcp |
| US | 8.8.8.8:53 | 121.242.123.109.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.185.130.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp | |
| N/A | 127.0.0.1:50278 | tcp | |
| DE | 204.10.194.74:443 | tcp | |
| US | 8.8.8.8:53 | 74.194.10.204.in-addr.arpa | udp |
| DE | 109.123.242.121:443 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| DE | 94.130.185.68:9001 | tcp | |
| DE | 204.10.194.74:443 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| US | 8.8.8.8:53 | retail.onlinesbi.com | udp |
| US | 8.8.8.8:53 | retail.onlinesbi.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:50454 | tcp | |
| N/A | 127.0.0.1:50459 | tcp | |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | nhdsports.info | udp |
| US | 8.8.8.8:53 | nhdsports.info | udp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 8.8.8.8:53 | gamebanana.com | udp |
| US | 8.8.8.8:53 | alt4.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | gamebanana.com | udp |
| US | 8.8.8.8:53 | es-la.facebook.com | udp |
| US | 8.8.8.8:53 | secure.wakfu.com | udp |
| US | 8.8.8.8:53 | secure.wakfu.com | udp |
| US | 8.8.8.8:53 | 8591.com.tw | udp |
| US | 8.8.8.8:53 | es-la.facebook.com | udp |
| US | 8.8.8.8:53 | mx2.hostinger.vn | udp |
| US | 8.8.8.8:53 | 8591.com.tw | udp |
| US | 8.8.8.8:53 | genymotion.com | udp |
| US | 8.8.8.8:53 | isaac.mx.cloudflare.net | udp |
| US | 8.8.8.8:53 | genymotion.com | udp |
| US | 8.8.8.8:53 | discuss.howtogeek.com | udp |
| US | 8.8.8.8:53 | discuss.howtogeek.com | udp |
| N/A | 127.0.0.1:50463 | tcp | |
| N/A | 127.0.0.1:50469 | tcp | |
| N/A | 127.0.0.1:50472 | tcp | |
| N/A | 127.0.0.1:50476 | tcp | |
| N/A | 127.0.0.1:50482 | tcp | |
| N/A | 127.0.0.1:50485 | tcp | |
| N/A | 127.0.0.1:50489 | tcp | |
| N/A | 127.0.0.1:50496 | tcp | |
| N/A | 127.0.0.1:50499 | tcp | |
| N/A | 127.0.0.1:50502 | tcp | |
| N/A | 127.0.0.1:50505 | tcp | |
| N/A | 127.0.0.1:50512 | tcp | |
| N/A | 127.0.0.1:50513 | tcp | |
| N/A | 127.0.0.1:50517 | tcp | |
| N/A | 127.0.0.1:50522 | tcp | |
| N/A | 127.0.0.1:50526 | tcp | |
| N/A | 127.0.0.1:50532 | tcp | |
| N/A | 127.0.0.1:50537 | tcp | |
| N/A | 127.0.0.1:50541 | tcp | |
| N/A | 127.0.0.1:50543 | tcp | |
| N/A | 127.0.0.1:50549 | tcp | |
| N/A | 127.0.0.1:50553 | tcp | |
| N/A | 127.0.0.1:50557 | tcp | |
| N/A | 127.0.0.1:50560 | tcp | |
| N/A | 127.0.0.1:50566 | tcp | |
| N/A | 127.0.0.1:50569 | tcp | |
| N/A | 127.0.0.1:50575 | tcp | |
| N/A | 127.0.0.1:50578 | tcp | |
| N/A | 127.0.0.1:50582 | tcp | |
| N/A | 127.0.0.1:50584 | tcp | |
| N/A | 127.0.0.1:50587 | tcp | |
| N/A | 127.0.0.1:50591 | tcp | |
| N/A | 127.0.0.1:50594 | tcp | |
| N/A | 127.0.0.1:50597 | tcp | |
| N/A | 127.0.0.1:50600 | tcp | |
| N/A | 127.0.0.1:50603 | tcp | |
| N/A | 127.0.0.1:50611 | tcp | |
| N/A | 127.0.0.1:50615 | tcp | |
| N/A | 127.0.0.1:50617 | tcp | |
| N/A | 127.0.0.1:50622 | tcp | |
| N/A | 127.0.0.1:50625 | tcp | |
| N/A | 127.0.0.1:50628 | tcp | |
| N/A | 127.0.0.1:50632 | tcp | |
| N/A | 127.0.0.1:50635 | tcp | |
| N/A | 127.0.0.1:50639 | tcp | |
| N/A | 127.0.0.1:50643 | tcp | |
| N/A | 127.0.0.1:50650 | tcp | |
| N/A | 127.0.0.1:50653 | tcp | |
| N/A | 127.0.0.1:50657 | tcp | |
| N/A | 127.0.0.1:50662 | tcp | |
| N/A | 127.0.0.1:50665 | tcp | |
| N/A | 127.0.0.1:50669 | tcp | |
| N/A | 127.0.0.1:50675 | tcp | |
| N/A | 127.0.0.1:50678 | tcp | |
| N/A | 127.0.0.1:50681 | tcp | |
| N/A | 127.0.0.1:50684 | tcp | |
| US | 8.8.8.8:53 | koha.ekutuphane.gov.tr | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | iris.fbr.gov.pk | udp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| US | 8.8.8.8:53 | koha.ekutuphane.gov.tr | udp |
| US | 8.8.8.8:53 | workplace.zoho.com | udp |
| BE | 74.125.71.84:21 | accounts.google.com | tcp |
| IE | 52.214.111.170:465 | secure.wakfu.com | tcp |
| GB | 163.70.147.22:995 | es-la.facebook.com | tcp |
| IE | 172.253.116.27:143 | aspmx.l.google.com | tcp |
| NL | 142.250.179.147:22 | discuss.howtogeek.com | tcp |
| NL | 142.250.179.147:21 | discuss.howtogeek.com | tcp |
| US | 8.8.8.8:53 | workplace.zoho.com | udp |
| US | 8.8.8.8:53 | iris.fbr.gov.pk | udp |
| US | 8.8.8.8:53 | freefilefillableforms.com | udp |
| IE | 52.214.111.170:995 | secure.wakfu.com | tcp |
| IE | 172.253.116.27:143 | aspmx.l.google.com | tcp |
| TW | 203.69.66.10:80 | 8591.com.tw | tcp |
| IE | 172.253.116.27:465 | aspmx.l.google.com | tcp |
| N/A | 127.0.0.1:50690 | tcp | |
| N/A | 127.0.0.1:50694 | tcp | |
| N/A | 127.0.0.1:50697 | tcp | |
| N/A | 127.0.0.1:50701 | tcp | |
| N/A | 127.0.0.1:50707 | tcp | |
| N/A | 127.0.0.1:50709 | tcp | |
| N/A | 127.0.0.1:50713 | tcp | |
| NL | 142.250.179.147:443 | discuss.howtogeek.com | tcp |
| BE | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 170.111.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | freefilefillableforms.com | udp |
| TR | 88.255.66.202:22 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:21 | koha.ekutuphane.gov.tr | tcp |
| SG | 74.125.200.14:143 | alt4.gmr-smtp-in.l.google.com | tcp |
| TR | 88.255.66.202:443 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | jiocontactcenter.jio.com | udp |
| US | 8.8.8.8:53 | jiocontactcenter.jio.com | udp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| IE | 172.253.116.27:465 | aspmx.l.google.com | tcp |
| US | 104.17.171.23:80 | genymotion.com | tcp |
| SG | 74.125.200.14:465 | alt4.gmr-smtp-in.l.google.com | tcp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| US | 136.143.191.104:22 | workplace.zoho.com | tcp |
| US | 136.143.191.104:21 | workplace.zoho.com | tcp |
| PK | 103.125.60.77:21 | iris.fbr.gov.pk | tcp |
| US | 216.66.74.140:22 | freefilefillableforms.com | tcp |
| PK | 103.125.60.77:22 | iris.fbr.gov.pk | tcp |
| PK | 103.125.60.77:443 | iris.fbr.gov.pk | tcp |
| US | 8.8.8.8:53 | www.howtogeek.com | udp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| N/A | 127.0.0.1:50717 | tcp | |
| N/A | 127.0.0.1:50720 | tcp | |
| N/A | 127.0.0.1:50725 | tcp | |
| N/A | 127.0.0.1:50730 | tcp | |
| N/A | 127.0.0.1:50735 | tcp | |
| N/A | 127.0.0.1:50740 | tcp | |
| N/A | 127.0.0.1:50742 | tcp | |
| N/A | 127.0.0.1:50746 | tcp | |
| N/A | 127.0.0.1:50751 | tcp | |
| N/A | 127.0.0.1:50755 | tcp | |
| N/A | 127.0.0.1:50757 | tcp | |
| N/A | 127.0.0.1:50760 | tcp | |
| N/A | 127.0.0.1:50774 | tcp | |
| N/A | 127.0.0.1:50778 | tcp | |
| N/A | 127.0.0.1:50780 | tcp | |
| N/A | 127.0.0.1:50782 | tcp | |
| N/A | 127.0.0.1:50788 | tcp | |
| N/A | 127.0.0.1:50792 | tcp | |
| N/A | 127.0.0.1:50795 | tcp | |
| N/A | 127.0.0.1:50811 | tcp | |
| N/A | 127.0.0.1:50817 | tcp | |
| N/A | 127.0.0.1:50820 | tcp | |
| N/A | 127.0.0.1:50831 | tcp | |
| N/A | 127.0.0.1:50834 | tcp | |
| N/A | 127.0.0.1:50840 | tcp | |
| N/A | 127.0.0.1:50851 | tcp | |
| NL | 142.250.179.147:143 | discuss.howtogeek.com | tcp |
| IE | 172.253.116.27:995 | aspmx.l.google.com | tcp |
| US | 8.8.8.8:53 | mx.zoho.com | udp |
| US | 136.143.191.104:443 | workplace.zoho.com | tcp |
| US | 216.66.74.140:21 | freefilefillableforms.com | tcp |
| IE | 172.253.116.27:995 | aspmx.l.google.com | tcp |
| N/A | 127.0.0.1:50853 | tcp | |
| SG | 74.125.200.14:995 | alt4.gmr-smtp-in.l.google.com | tcp |
| NL | 142.250.179.147:80 | discuss.howtogeek.com | tcp |
| US | 8.8.8.8:53 | 147.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.66.255.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | identity.sieltecloud.it | udp |
| US | 8.8.8.8:53 | elabschool.net | udp |
| US | 8.8.8.8:53 | elabschool.net | udp |
| TR | 88.255.66.202:143 | koha.ekutuphane.gov.tr | tcp |
| NL | 142.250.179.147:465 | discuss.howtogeek.com | tcp |
| US | 8.8.8.8:53 | mail.freefilefillableforms.com | udp |
| US | 8.8.8.8:53 | www.genymotion.com | udp |
| US | 8.8.8.8:53 | identity.sieltecloud.it | udp |
| IN | 49.40.13.81:22 | jiocontactcenter.jio.com | tcp |
| IN | 49.40.13.81:21 | jiocontactcenter.jio.com | tcp |
| US | 216.66.74.140:443 | freefilefillableforms.com | tcp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| US | 3.222.102.97:443 | www.howtogeek.com | tcp |
| PK | 103.125.60.77:143 | iris.fbr.gov.pk | tcp |
| NL | 142.250.179.147:995 | discuss.howtogeek.com | tcp |
| US | 8.8.8.8:53 | vps4.ikame.vn | udp |
| US | 8.8.8.8:53 | 23.171.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.60.125.103.in-addr.arpa | udp |
| IE | 52.31.102.54:465 | secure.wakfu.com | tcp |
| US | 136.143.191.104:80 | workplace.zoho.com | tcp |
| US | 136.143.191.44:465 | mx.zoho.com | tcp |
| PK | 103.125.60.77:995 | iris.fbr.gov.pk | tcp |
| PK | 103.125.60.77:465 | iris.fbr.gov.pk | tcp |
| PK | 103.125.60.77:80 | iris.fbr.gov.pk | tcp |
| IE | 52.31.102.54:995 | secure.wakfu.com | tcp |
| N/A | 127.0.0.1:50856 | tcp | |
| N/A | 127.0.0.1:50858 | tcp | |
| N/A | 127.0.0.1:50862 | tcp | |
| N/A | 127.0.0.1:50865 | tcp | |
| N/A | 127.0.0.1:50873 | tcp | |
| N/A | 127.0.0.1:50882 | tcp | |
| TR | 88.255.66.202:465 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | vps4.ikame.vn | udp |
| US | 8.8.8.8:53 | mangadna.com | udp |
| US | 38.109.47.204:143 | mail.freefilefillableforms.com | tcp |
| SG | 206.189.42.180:22 | elabschool.net | tcp |
| US | 136.143.191.44:143 | mx.zoho.com | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| BE | 74.125.71.84:443 | accounts.google.com | tcp |
| N/A | 127.0.0.1:50897 | tcp | |
| US | 104.17.171.23:443 | www.genymotion.com | tcp |
| IN | 49.40.13.81:443 | jiocontactcenter.jio.com | tcp |
| US | 8.8.8.8:53 | 104.191.143.136.in-addr.arpa | udp |
| IT | 185.107.185.52:22 | identity.sieltecloud.it | tcp |
| US | 8.8.8.8:53 | mangadna.com | udp |
| TR | 88.255.66.202:25056 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:64389 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:59114 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:34548 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:6714 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:57391 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:53593 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:32094 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:55722 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:464 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61906 | koha.ekutuphane.gov.tr | tcp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| SG | 206.189.42.180:21 | elabschool.net | tcp |
| TR | 88.255.66.202:31909 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:40884 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:32014 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:8867 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:12063 | koha.ekutuphane.gov.tr | tcp |
| US | 38.109.47.204:465 | mail.freefilefillableforms.com | tcp |
| TR | 88.255.66.202:995 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:27424 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:17453 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:16519 | koha.ekutuphane.gov.tr | tcp |
| US | 216.66.74.140:80 | freefilefillableforms.com | tcp |
| US | 136.143.191.44:995 | mx.zoho.com | tcp |
| TR | 88.255.66.202:9243 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:51567 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:34410 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:37941 | koha.ekutuphane.gov.tr | tcp |
| IT | 185.107.185.52:21 | identity.sieltecloud.it | tcp |
| TR | 88.255.66.202:22656 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:48094 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | newsbild.in | udp |
| US | 8.8.8.8:53 | fivemtr.com | udp |
| US | 8.8.8.8:53 | newsbild.in | udp |
| TR | 88.255.66.202:10360 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:14936 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:63044 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:38432 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:30261 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:50156 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:53937 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:52340 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:43166 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:51043 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | 97.102.222.3.in-addr.arpa | udp |
| TR | 88.255.66.202:22219 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:4677 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:18078 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:27062 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:43247 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:31260 | koha.ekutuphane.gov.tr | tcp |
| US | 38.109.47.204:995 | mail.freefilefillableforms.com | tcp |
| US | 3.222.102.97:443 | www.howtogeek.com | tcp |
| IT | 185.107.185.52:443 | identity.sieltecloud.it | tcp |
| VN | 123.31.17.39:22 | vps4.ikame.vn | tcp |
| TR | 88.255.66.202:29494 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:47318 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:42470 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:10512 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:39704 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:1562 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:47348 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:29621 | koha.ekutuphane.gov.tr | tcp |
| IE | 54.220.153.4:465 | secure.wakfu.com | tcp |
| VN | 123.31.17.39:21 | vps4.ikame.vn | tcp |
| US | 8.8.8.8:53 | fivemtr.com | udp |
| SG | 206.189.42.180:443 | elabschool.net | tcp |
| IN | 49.40.13.81:143 | jiocontactcenter.jio.com | tcp |
| IE | 54.220.153.4:995 | secure.wakfu.com | tcp |
| BE | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | academico.educarecuador.gob.ec | udp |
| US | 8.8.8.8:53 | 81.13.40.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.74.66.216.in-addr.arpa | udp |
| IN | 49.40.13.81:443 | jiocontactcenter.jio.com | tcp |
| VN | 123.31.17.39:443 | vps4.ikame.vn | tcp |
| US | 172.67.137.97:22 | mangadna.com | tcp |
| US | 172.67.137.97:21 | mangadna.com | tcp |
| IN | 49.40.13.81:465 | jiocontactcenter.jio.com | tcp |
| IN | 49.40.13.81:80 | jiocontactcenter.jio.com | tcp |
| US | 8.8.8.8:53 | academico.educarecuador.gob.ec | udp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| IT | 185.107.185.52:143 | identity.sieltecloud.it | tcp |
| PK | 103.125.60.77:80 | iris.fbr.gov.pk | tcp |
| US | 136.143.191.104:80 | workplace.zoho.com | tcp |
| SG | 206.189.42.180:143 | elabschool.net | tcp |
| N/A | 127.0.0.1:50900 | tcp | |
| US | 136.143.191.104:443 | workplace.zoho.com | tcp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.irs.gov | udp |
| NL | 185.107.56.58:22 | fivemtr.com | tcp |
| US | 104.21.80.164:22 | newsbild.in | tcp |
| IN | 49.40.13.81:443 | jiocontactcenter.jio.com | tcp |
| IN | 49.40.13.81:995 | jiocontactcenter.jio.com | tcp |
| NL | 142.250.179.147:80 | discuss.howtogeek.com | tcp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| IT | 185.107.185.52:465 | identity.sieltecloud.it | tcp |
| IT | 185.107.185.52:80 | identity.sieltecloud.it | tcp |
| US | 8.8.8.8:53 | id.zalo.me | udp |
| SG | 206.189.42.180:80 | elabschool.net | tcp |
| SG | 206.189.42.180:465 | elabschool.net | tcp |
| US | 104.17.171.23:80 | www.genymotion.com | tcp |
| US | 172.67.137.97:443 | mangadna.com | tcp |
| US | 8.8.8.8:53 | 52.185.107.185.in-addr.arpa | udp |
| US | 216.66.74.140:80 | freefilefillableforms.com | tcp |
| US | 104.21.80.164:21 | newsbild.in | tcp |
| US | 8.8.8.8:53 | id.zalo.me | udp |
| N/A | 127.0.0.1:50903 | tcp | |
| N/A | 127.0.0.1:50906 | tcp | |
| N/A | 127.0.0.1:50914 | tcp | |
| N/A | 127.0.0.1:50917 | tcp | |
| N/A | 127.0.0.1:50921 | tcp | |
| N/A | 127.0.0.1:50924 | tcp | |
| N/A | 127.0.0.1:50929 | tcp | |
| N/A | 127.0.0.1:50933 | tcp | |
| N/A | 127.0.0.1:50935 | tcp | |
| N/A | 127.0.0.1:50945 | tcp | |
| N/A | 127.0.0.1:50949 | tcp | |
| N/A | 127.0.0.1:50952 | tcp | |
| N/A | 127.0.0.1:50956 | tcp | |
| N/A | 127.0.0.1:50958 | tcp | |
| VN | 123.31.17.39:143 | vps4.ikame.vn | tcp |
| NL | 185.107.56.58:21 | fivemtr.com | tcp |
| PK | 103.125.60.77:443 | iris.fbr.gov.pk | tcp |
| IT | 185.107.185.52:995 | identity.sieltecloud.it | tcp |
| US | 104.21.26.165:22 | mangadna.com | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | mazmo.net | udp |
| US | 8.8.8.8:53 | mx2.hostinger.in | udp |
| TR | 88.255.66.202:61611 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:11889 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:54352 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:43910 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:52514 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:2779 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:49149 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:32633 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:34326 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:59377 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:7 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62481 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:50314 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:30658 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:33564 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:44881 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:65421 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:25546 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:36046 | koha.ekutuphane.gov.tr | tcp |
| US | 104.21.80.164:443 | newsbild.in | tcp |
| TR | 88.255.66.202:13703 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:12516 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:52288 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:3676 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:35769 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | mazmo.net | udp |
| EC | 181.113.66.59:22 | academico.educarecuador.gob.ec | tcp |
| EC | 181.113.66.59:21 | academico.educarecuador.gob.ec | tcp |
| SG | 206.189.42.180:995 | elabschool.net | tcp |
| US | 104.91.117.44:443 | www.irs.gov | tcp |
| US | 104.21.26.165:21 | mangadna.com | tcp |
| IT | 185.107.185.52:80 | identity.sieltecloud.it | tcp |
| VN | 123.31.17.39:465 | vps4.ikame.vn | tcp |
| US | 172.67.137.97:143 | mangadna.com | tcp |
| VN | 123.31.17.39:80 | vps4.ikame.vn | tcp |
| US | 172.67.151.144:22 | newsbild.in | tcp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | m.moj.hrvatskitelekom.hr | udp |
| US | 8.8.8.8:53 | 97.137.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.42.189.206.in-addr.arpa | udp |
| TR | 88.255.66.202:57757 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:46844 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:46272 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:8414 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:46878 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:39133 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:25493 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:19495 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:17397 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:4473 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:19123 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:54013 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:54755 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:52697 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62878 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:34460 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:6504 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:49317 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:39083 | koha.ekutuphane.gov.tr | tcp |
| BE | 74.125.71.84:21 | accounts.google.com | tcp |
| NL | 185.107.56.58:443 | fivemtr.com | tcp |
| TR | 88.255.66.202:52641 | koha.ekutuphane.gov.tr | tcp |
| EC | 181.113.66.59:443 | academico.educarecuador.gob.ec | tcp |
| US | 8.8.8.8:53 | m.moj.hrvatskitelekom.hr | udp |
| GB | 163.70.147.22:995 | es-la.facebook.com | tcp |
| IE | 172.253.116.27:143 | aspmx.l.google.com | tcp |
| VN | 49.213.95.230:22 | id.zalo.me | tcp |
| NL | 142.250.179.147:22 | discuss.howtogeek.com | tcp |
| NL | 142.250.179.147:21 | discuss.howtogeek.com | tcp |
| IE | 52.214.111.170:465 | secure.wakfu.com | tcp |
| VN | 123.31.17.39:995 | vps4.ikame.vn | tcp |
| US | 172.67.137.97:80 | mangadna.com | tcp |
| US | 172.65.182.103:143 | mx2.hostinger.in | tcp |
| NL | 185.107.56.58:143 | fivemtr.com | tcp |
| IE | 172.253.116.27:143 | aspmx.l.google.com | tcp |
| IE | 172.253.116.27:465 | aspmx.l.google.com | tcp |
| TR | 88.255.66.202:22 | koha.ekutuphane.gov.tr | tcp |
| US | 172.67.151.144:21 | newsbild.in | tcp |
| N/A | 127.0.0.1:50961 | tcp | |
| TR | 88.255.66.202:21 | koha.ekutuphane.gov.tr | tcp |
| IE | 52.214.111.170:995 | secure.wakfu.com | tcp |
| US | 216.66.74.140:80 | freefilefillableforms.com | tcp |
| US | 8.8.8.8:53 | 164.80.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.117.91.104.in-addr.arpa | udp |
| VN | 49.213.95.230:21 | id.zalo.me | tcp |
| BE | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | lisans.zulaoyun.com | udp |
| US | 172.67.137.97:465 | mangadna.com | tcp |
| US | 76.76.21.123:22 | mazmo.net | tcp |
| SG | 206.189.42.180:80 | elabschool.net | tcp |
| US | 172.67.137.97:995 | mangadna.com | tcp |
| SG | 74.125.200.14:143 | alt4.gmr-smtp-in.l.google.com | tcp |
| IE | 172.253.116.27:995 | aspmx.l.google.com | tcp |
| US | 172.65.182.103:465 | mx2.hostinger.in | tcp |
| US | 104.21.80.164:80 | newsbild.in | tcp |
| PK | 103.125.60.77:22 | iris.fbr.gov.pk | tcp |
| NL | 185.107.56.58:80 | fivemtr.com | tcp |
| NL | 185.107.56.58:465 | fivemtr.com | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| NL | 142.250.179.147:80 | discuss.howtogeek.com | tcp |
| SG | 74.125.200.14:995 | alt4.gmr-smtp-in.l.google.com | tcp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| IE | 172.253.116.27:995 | aspmx.l.google.com | tcp |
| US | 136.143.191.104:80 | workplace.zoho.com | tcp |
| US | 104.17.171.23:443 | www.genymotion.com | tcp |
| EC | 181.113.66.59:143 | academico.educarecuador.gob.ec | tcp |
| NL | 185.107.56.58:80 | fivemtr.com | tcp |
| N/A | 127.0.0.1:50973 | tcp | |
| N/A | 127.0.0.1:50976 | tcp | |
| N/A | 127.0.0.1:50979 | tcp | |
| N/A | 127.0.0.1:50983 | tcp | |
| N/A | 127.0.0.1:50994 | tcp | |
| N/A | 127.0.0.1:50999 | tcp | |
| US | 136.143.191.104:22 | workplace.zoho.com | tcp |
| IN | 49.40.13.81:80 | jiocontactcenter.jio.com | tcp |
| US | 104.21.26.165:143 | mangadna.com | tcp |
| TR | 88.255.66.202:3331 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61265 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:25029 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:17178 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:20892 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:63292 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:45891 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:4296 | koha.ekutuphane.gov.tr | tcp |
| VN | 49.213.95.230:443 | id.zalo.me | tcp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| TR | 88.255.66.202:22204 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:32985 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:9792 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:44621 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:59767 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:2397 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:35213 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:38092 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:22656 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:49070 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62707 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:4765 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:9549 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:29430 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:19942 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:194 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:11522 | koha.ekutuphane.gov.tr | tcp |
| NL | 142.250.179.147:465 | discuss.howtogeek.com | tcp |
| US | 76.76.21.123:21 | mazmo.net | tcp |
| PK | 103.125.60.77:21 | iris.fbr.gov.pk | tcp |
| US | 8.8.8.8:53 | 58.56.107.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.66.113.181.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.182.65.172.in-addr.arpa | udp |
| US | 104.21.26.165:465 | mangadna.com | tcp |
| US | 76.76.21.9:22 | mazmo.net | tcp |
| IE | 52.31.102.54:465 | secure.wakfu.com | tcp |
| US | 136.143.191.104:21 | workplace.zoho.com | tcp |
| SG | 74.125.200.14:465 | alt4.gmr-smtp-in.l.google.com | tcp |
| US | 216.66.74.140:22 | freefilefillableforms.com | tcp |
| NL | 185.107.56.58:995 | fivemtr.com | tcp |
| IN | 49.40.13.81:22 | jiocontactcenter.jio.com | tcp |
| US | 172.65.182.103:995 | mx2.hostinger.in | tcp |
| US | 172.67.137.97:80 | mangadna.com | tcp |
| NL | 142.250.179.147:143 | discuss.howtogeek.com | tcp |
| EC | 181.113.66.59:465 | academico.educarecuador.gob.ec | tcp |
| EC | 181.113.66.59:80 | academico.educarecuador.gob.ec | tcp |
| US | 216.66.74.140:21 | freefilefillableforms.com | tcp |
| PK | 103.125.60.77:465 | iris.fbr.gov.pk | tcp |
| IE | 52.31.102.54:995 | secure.wakfu.com | tcp |
| US | 8.8.8.8:53 | remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | alt3.aspmx.l.google.com | udp |
| IE | 172.253.116.27:465 | aspmx.l.google.com | tcp |
| TR | 88.255.66.202:143 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:465 | koha.ekutuphane.gov.tr | tcp |
| HR | 195.29.149.38:22 | m.moj.hrvatskitelekom.hr | tcp |
| US | 76.76.21.123:443 | mazmo.net | tcp |
| US | 136.143.191.44:143 | mx.zoho.com | tcp |
| US | 38.109.47.204:143 | mail.freefilefillableforms.com | tcp |
| SG | 206.189.42.180:22 | elabschool.net | tcp |
| HR | 195.29.149.38:21 | m.moj.hrvatskitelekom.hr | tcp |
| US | 104.21.26.165:995 | mangadna.com | tcp |
| IN | 49.40.13.81:21 | jiocontactcenter.jio.com | tcp |
| US | 104.21.80.164:80 | newsbild.in | tcp |
| PK | 103.125.60.77:143 | iris.fbr.gov.pk | tcp |
| EC | 181.113.66.59:995 | academico.educarecuador.gob.ec | tcp |
| NL | 142.250.179.147:995 | discuss.howtogeek.com | tcp |
| IT | 185.107.185.52:22 | identity.sieltecloud.it | tcp |
| VN | 49.213.95.230:143 | id.zalo.me | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| NL | 185.107.56.58:80 | fivemtr.com | tcp |
| US | 136.143.191.44:465 | mx.zoho.com | tcp |
| TR | 88.255.66.202:995 | koha.ekutuphane.gov.tr | tcp |
| US | 136.143.191.44:995 | mx.zoho.com | tcp |
| IT | 185.107.185.52:21 | identity.sieltecloud.it | tcp |
| US | 172.67.137.97:22 | mangadna.com | tcp |
| HR | 195.29.149.38:443 | m.moj.hrvatskitelekom.hr | tcp |
| PK | 103.125.60.77:995 | iris.fbr.gov.pk | tcp |
| US | 76.76.21.9:21 | mazmo.net | tcp |
| TR | 88.255.66.202:55230 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:42702 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:60951 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:39339 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:6866 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:27624 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:33471 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:25771 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:1600 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:50251 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61845 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:32210 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:63033 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:35212 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:48252 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:44929 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:4533 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:285 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:37740 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:9919 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:6570 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:21206 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:24833 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:60794 | koha.ekutuphane.gov.tr | tcp |
| US | 172.65.182.103:143 | mx2.hostinger.in | tcp |
| US | 172.67.137.97:443 | mangadna.com | tcp |
| VN | 123.31.17.39:22 | vps4.ikame.vn | tcp |
| US | 38.109.47.204:995 | mail.freefilefillableforms.com | tcp |
| NL | 142.251.9.26:143 | alt3.aspmx.l.google.com | tcp |
| VN | 49.213.95.230:80 | id.zalo.me | tcp |
| VN | 49.213.95.230:465 | id.zalo.me | tcp |
| N/A | 127.0.0.1:51020 | tcp | |
| SG | 206.189.42.180:21 | elabschool.net | tcp |
| US | 172.67.137.97:21 | mangadna.com | tcp |
| VN | 123.31.17.39:21 | vps4.ikame.vn | tcp |
| IT | 185.107.185.52:143 | identity.sieltecloud.it | tcp |
| N/A | 127.0.0.1:51024 | tcp | |
| N/A | 127.0.0.1:51029 | tcp | |
| N/A | 127.0.0.1:51032 | tcp | |
| N/A | 127.0.0.1:51035 | tcp | |
| N/A | 127.0.0.1:51039 | tcp | |
| N/A | 127.0.0.1:51042 | tcp | |
| N/A | 127.0.0.1:51047 | tcp | |
| US | 104.21.26.165:22 | mangadna.com | tcp |
| US | 8.8.8.8:53 | elabs-smaraw.labschool-unj.sch.id | udp |
| SG | 206.189.42.180:143 | elabschool.net | tcp |
| TW | 203.69.66.10:80 | 8591.com.tw | tcp |
| US | 136.143.191.104:80 | workplace.zoho.com | tcp |
| US | 104.21.26.165:21 | mangadna.com | tcp |
| US | 104.21.80.164:22 | newsbild.in | tcp |
| US | 104.21.53.101:443 | elabs-smaraw.labschool-unj.sch.id | tcp |
| US | 8.8.8.8:53 | lisans.zulaoyun.com | udp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| N/A | 127.0.0.1:51058 | tcp | |
| N/A | 127.0.0.1:51084 | tcp | |
| N/A | 127.0.0.1:51087 | tcp | |
| N/A | 127.0.0.1:51090 | tcp | |
| N/A | 127.0.0.1:51096 | tcp | |
| N/A | 127.0.0.1:51099 | tcp | |
| N/A | 127.0.0.1:51102 | tcp | |
| N/A | 127.0.0.1:51106 | tcp | |
| N/A | 127.0.0.1:51110 | tcp | |
| US | 8.8.8.8:53 | remotedesktop.google.com | udp |
| US | 104.22.43.162:21 | lisans.zulaoyun.com | tcp |
| US | 172.67.151.144:22 | newsbild.in | tcp |
| US | 8.8.8.8:53 | transaccionesenlinea.com.co | udp |
| PK | 103.125.60.77:80 | iris.fbr.gov.pk | tcp |
| NL | 142.250.179.206:22 | remotedesktop.google.com | tcp |
| N/A | 127.0.0.1:51118 | tcp | |
| US | 172.67.22.152:21 | lisans.zulaoyun.com | tcp |
| US | 8.8.8.8:53 | 230.95.213.49.in-addr.arpa | udp |
| N/A | 127.0.0.1:51128 | tcp | |
| N/A | 127.0.0.1:51131 | tcp | |
| N/A | 127.0.0.1:51133 | tcp | |
| N/A | 127.0.0.1:51135 | tcp | |
| N/A | 127.0.0.1:51138 | tcp | |
| N/A | 127.0.0.1:51144 | tcp | |
| N/A | 127.0.0.1:51147 | tcp | |
| N/A | 127.0.0.1:51150 | tcp | |
| N/A | 127.0.0.1:51152 | tcp | |
| N/A | 127.0.0.1:51154 | tcp | |
| N/A | 127.0.0.1:51160 | tcp | |
| N/A | 127.0.0.1:51164 | tcp | |
| N/A | 127.0.0.1:51170 | tcp | |
| N/A | 127.0.0.1:51173 | tcp | |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| US | 76.76.21.123:80 | mazmo.net | tcp |
| US | 8.8.8.8:53 | genymobile.cloudflareaccess.com | udp |
| US | 8.8.8.8:53 | transaccionesenlinea.com.co | udp |
| US | 8.8.8.8:53 | 123.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eprs01.philhealth.gov.ph | udp |
| US | 8.8.8.8:53 | eprs01.philhealth.gov.ph | udp |
| US | 8.8.8.8:53 | v3m.gtarcade.com | udp |
| US | 8.8.8.8:53 | ftp.app.oss.go.id | udp |
| US | 8.8.8.8:53 | v3m.gtarcade.com | udp |
| US | 8.8.8.8:53 | grab.tc | udp |
| US | 104.21.80.164:443 | newsbild.in | tcp |
| US | 3.222.102.97:443 | www.howtogeek.com | tcp |
| IE | 52.214.111.170:80 | secure.wakfu.com | tcp |
| NL | 185.107.56.58:80 | fivemtr.com | tcp |
| US | 104.19.194.29:443 | genymobile.cloudflareaccess.com | tcp |
| IN | 49.40.13.81:80 | jiocontactcenter.jio.com | tcp |
| US | 8.8.8.8:53 | grab.tc | udp |
| US | 8.8.8.8:53 | bdsmboard.org | udp |
| US | 8.8.8.8:53 | bdsmboard.org | udp |
| US | 8.8.8.8:53 | ruangguree.com | udp |
| US | 216.66.74.140:80 | freefilefillableforms.com | tcp |
| US | 136.143.191.104:443 | workplace.zoho.com | tcp |
| HR | 195.29.149.38:80 | m.moj.hrvatskitelekom.hr | tcp |
| NL | 185.107.56.58:80 | fivemtr.com | tcp |
| N/A | 127.0.0.1:51178 | tcp | |
| EC | 181.113.66.59:443 | academico.educarecuador.gob.ec | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| US | 104.22.43.162:80 | lisans.zulaoyun.com | tcp |
| TR | 88.255.66.202:6392 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61265 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:21579 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:9306 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:13578 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:38796 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:1565 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:51221 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:232 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:18276 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:43335 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:39989 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:65461 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:8113 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:16129 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61398 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:253 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:51244 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:40360 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:31171 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:63610 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:17862 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:47659 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:52181 | koha.ekutuphane.gov.tr | tcp |
| US | 172.67.137.97:80 | mangadna.com | tcp |
| NL | 142.250.179.206:80 | remotedesktop.google.com | tcp |
| VN | 123.31.17.39:80 | vps4.ikame.vn | tcp |
| IT | 185.107.185.52:80 | identity.sieltecloud.it | tcp |
| EC | 181.113.66.59:80 | academico.educarecuador.gob.ec | tcp |
| VN | 49.213.95.230:443 | id.zalo.me | tcp |
| N/A | 127.0.0.1:51181 | tcp | |
| N/A | 127.0.0.1:51191 | tcp | |
| N/A | 127.0.0.1:51195 | tcp | |
| N/A | 127.0.0.1:51197 | tcp | |
| N/A | 127.0.0.1:51204 | tcp | |
| N/A | 127.0.0.1:51209 | tcp | |
| N/A | 127.0.0.1:51214 | tcp | |
| N/A | 127.0.0.1:51223 | tcp | |
| N/A | 127.0.0.1:51227 | tcp | |
| N/A | 127.0.0.1:51232 | tcp | |
| N/A | 127.0.0.1:51238 | tcp | |
| US | 8.8.8.8:53 | ruangguree.com | udp |
| US | 8.8.8.8:53 | hepsibahis886.com | udp |
| N/A | 127.0.0.1:51244 | tcp | |
| N/A | 127.0.0.1:51249 | tcp | |
| N/A | 127.0.0.1:51255 | tcp | |
| N/A | 127.0.0.1:51257 | tcp | |
| N/A | 127.0.0.1:51260 | tcp | |
| N/A | 127.0.0.1:51263 | tcp | |
| N/A | 127.0.0.1:51266 | tcp | |
| N/A | 127.0.0.1:51270 | tcp | |
| N/A | 127.0.0.1:51275 | tcp | |
| N/A | 127.0.0.1:51282 | tcp | |
| N/A | 127.0.0.1:51304 | tcp | |
| N/A | 127.0.0.1:51309 | tcp | |
| N/A | 127.0.0.1:51312 | tcp | |
| N/A | 127.0.0.1:51317 | tcp | |
| N/A | 127.0.0.1:51320 | tcp | |
| N/A | 127.0.0.1:51324 | tcp | |
| N/A | 127.0.0.1:51326 | tcp | |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | hepsibahis886.com | udp |
| N/A | 127.0.0.1:51328 | tcp | |
| N/A | 127.0.0.1:51331 | tcp | |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | cadastro.trigg.com.br | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| RU | 185.215.113.32:80 | 185.215.113.32 | tcp |
| US | 8.8.8.8:53 | cadastro.trigg.com.br | udp |
| N/A | 127.0.0.1:51335 | tcp | |
| BE | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | windscribe.com | udp |
| US | 8.8.8.8:53 | 101.53.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| N/A | 127.0.0.1:51337 | tcp | |
| US | 8.8.8.8:53 | windscribe.com | udp |
| N/A | 127.0.0.1:51339 | tcp | |
| US | 8.8.8.8:53 | conta.uol.com.br | udp |
| US | 8.8.8.8:53 | genshin.mihoyo.com | udp |
| US | 8.8.8.8:53 | conta.uol.com.br | udp |
| US | 8.8.8.8:53 | genshin.mihoyo.com | udp |
| US | 8.8.8.8:53 | siakad-old.uns.ac.id | udp |
| N/A | 127.0.0.1:51342 | tcp | |
| US | 8.8.8.8:53 | siakad-old.uns.ac.id | udp |
| US | 8.8.8.8:53 | my.hirezstudios.com | udp |
| N/A | 127.0.0.1:51344 | tcp | |
| N/A | 127.0.0.1:51347 | tcp | |
| HR | 195.29.149.38:80 | m.moj.hrvatskitelekom.hr | tcp |
| US | 8.8.8.8:53 | my.hirezstudios.com | udp |
| US | 8.8.8.8:53 | list.zugehao.com | udp |
| N/A | 127.0.0.1:51352 | tcp | |
| US | 8.8.8.8:53 | list.zugehao.com | udp |
| US | 8.8.8.8:53 | accounts.intuit.com | udp |
| US | 8.8.8.8:53 | alt1.aspmx.l.google.com | udp |
| N/A | 127.0.0.1:51356 | tcp | |
| US | 8.8.8.8:53 | accounts.intuit.com | udp |
| US | 8.8.8.8:53 | sim-monsters.com | udp |
| N/A | 127.0.0.1:51358 | tcp | |
| CO | 190.144.155.91:80 | transaccionesenlinea.com.co | tcp |
| US | 8.8.8.8:53 | sim-monsters.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 76.76.21.123:80 | mazmo.net | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | learning.nebosh.org.uk | udp |
| SG | 206.189.42.180:80 | elabschool.net | tcp |
| US | 8.8.8.8:53 | edofe.org | udp |
| US | 8.8.8.8:53 | learning.nebosh.org.uk | udp |
| US | 8.8.8.8:53 | 29.194.19.104.in-addr.arpa | udp |
| US | 104.17.171.23:80 | www.genymotion.com | tcp |
| US | 8.8.8.8:53 | edofe.org | udp |
| N/A | 127.0.0.1:51366 | tcp | |
| CO | 190.144.155.91:80 | transaccionesenlinea.com.co | tcp |
| US | 8.8.8.8:53 | maismedicos.saude.gov.br | udp |
| US | 8.8.8.8:53 | iris.fbr.gov.pk | udp |
| US | 8.8.8.8:53 | es-la.facebook.com | udp |
| N/A | 127.0.0.1:51369 | tcp | |
| N/A | 127.0.0.1:51377 | tcp | |
| US | 8.8.8.8:53 | secure.wakfu.com | udp |
| N/A | 127.0.0.1:51380 | tcp | |
| N/A | 127.0.0.1:51384 | tcp | |
| US | 8.8.8.8:53 | 162.43.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | v3m.gtarcade.com | udp |
| US | 8.8.8.8:53 | linda.mx.cloudflare.net | udp |
| NL | 142.250.179.147:80 | discuss.howtogeek.com | tcp |
| US | 8.8.8.8:53 | ftp.app.oss.go.id | udp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| US | 8.8.8.8:53 | maismedicos.saude.gov.br | udp |
| US | 8.8.8.8:53 | www.irs.gov | udp |
| US | 8.8.8.8:53 | community.vortal.biz | udp |
| N/A | 127.0.0.1:51392 | tcp | |
| N/A | 127.0.0.1:51397 | tcp | |
| US | 8.8.8.8:53 | 206.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eprs01.philhealth.gov.ph | udp |
| US | 8.8.8.8:53 | mail.bdsmboard.org | udp |
| US | 8.8.8.8:53 | ruangguree.com | udp |
| US | 8.8.8.8:53 | community.vortal.biz | udp |
| US | 8.8.8.8:53 | dps.phlpost.gov.ph | udp |
| US | 8.8.8.8:53 | dps.phlpost.gov.ph | udp |
| US | 8.8.8.8:53 | contribuyente.seniat.gob.ve | udp |
| US | 8.8.8.8:53 | contribuyente.seniat.gob.ve | udp |
| US | 8.8.8.8:53 | wmp.fuioupay.com | udp |
| US | 8.8.8.8:53 | wmp.fuioupay.com | udp |
| US | 8.8.8.8:53 | online.anidub.com | udp |
| US | 8.8.8.8:53 | online.anidub.com | udp |
| US | 8.8.8.8:53 | superfolls.com | udp |
| US | 8.8.8.8:53 | scarlet-clicks.info | udp |
| US | 8.8.8.8:53 | beritapolisi.com | udp |
| US | 8.8.8.8:53 | beritapolisi.com | udp |
| US | 8.8.8.8:53 | scarlet-clicks.info | udp |
| US | 8.8.8.8:53 | play.martabak66.com | udp |
| US | 8.8.8.8:53 | play.martabak66.com | udp |
| US | 8.8.8.8:53 | www38.receita.fazenda.gov.br | udp |
| US | 8.8.8.8:53 | www38.receita.fazenda.gov.br | udp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| TR | 88.255.66.202:80 | koha.ekutuphane.gov.tr | tcp |
| GB | 104.96.173.85:80 | v3m.gtarcade.com | tcp |
| US | 136.143.191.104:80 | workplace.zoho.com | tcp |
| NL | 45.88.106.192:80 | mail.bdsmboard.org | tcp |
| TR | 88.255.66.202:8246 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:55132 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62519 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:11986 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:21233 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62697 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:53524 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:42352 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:34916 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:29997 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61281 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:26772 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:61024 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:62787 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:53740 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:65246 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:35251 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:49548 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:13544 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | cpanel.loatah.com | udp |
| TR | 88.255.66.202:24028 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:22047 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:53971 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:40675 | koha.ekutuphane.gov.tr | tcp |
| TR | 88.255.66.202:12639 | koha.ekutuphane.gov.tr | tcp |
| US | 8.8.8.8:53 | cpanel.loatah.com | udp |
| US | 8.8.8.8:53 | gsuite.google.com | udp |
| US | 8.8.8.8:53 | certcollection.org | udp |
| US | 8.8.8.8:53 | gsuite.google.com | udp |
| US | 8.8.8.8:53 | certcollection.org | udp |
| US | 8.8.8.8:53 | hookupgirlfriends.com | udp |
| BE | 74.125.71.84:80 | accounts.google.com | tcp |
| US | 172.67.163.126:80 | grab.tc | tcp |
| NL | 142.250.179.206:80 | remotedesktop.google.com | tcp |
| GB | 104.96.173.85:80 | v3m.gtarcade.com | tcp |
| PH | 122.3.229.138:80 | eprs01.philhealth.gov.ph | tcp |
| EC | 181.113.66.59:80 | academico.educarecuador.gob.ec | tcp |
| US | 216.66.74.140:80 | freefilefillableforms.com | tcp |
| N/A | 127.0.0.1:51399 | tcp | |
| US | 76.223.67.189:80 | hepsibahis886.com | tcp |
| US | 8.8.8.8:53 | hookupgirlfriends.com | udp |
| US | 8.8.8.8:53 | idplr.com | udp |
| US | 8.8.8.8:53 | ruangguree.com | udp |
| US | 8.8.8.8:53 | idplr.com | udp |
| US | 8.8.8.8:53 | cracked.io | udp |
| US | 8.8.8.8:53 | cracked.io | udp |
| US | 8.8.8.8:53 | authenticate.riotgames.com | udp |
| US | 8.8.8.8:53 | authenticate.riotgames.com | udp |
| US | 8.8.8.8:53 | videos.bookmarking.site | udp |
| N/A | 127.0.0.1:51401 | tcp | |
| N/A | 127.0.0.1:51409 | tcp | |
| N/A | 127.0.0.1:51412 | tcp | |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | videos.bookmarking.site | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | studenthub.hud.ac.uk | udp |
| US | 8.8.8.8:53 | lgn.edu.gov.il | udp |
| US | 8.8.8.8:53 | studenthub.hud.ac.uk | udp |
| US | 8.8.8.8:53 | lgn.edu.gov.il | udp |
| US | 8.8.8.8:53 | connectfss.cudenver.com | udp |
| N/A | 127.0.0.1:51416 | tcp | |
| N/A | 127.0.0.1:51419 | tcp | |
| N/A | 127.0.0.1:51423 | tcp | |
| N/A | 127.0.0.1:51427 | tcp | |
| N/A | 127.0.0.1:51429 | tcp | |
| N/A | 127.0.0.1:51431 | tcp | |
| N/A | 127.0.0.1:51434 | tcp | |
| N/A | 127.0.0.1:51436 | tcp | |
| N/A | 127.0.0.1:51441 | tcp | |
| N/A | 127.0.0.1:51452 | tcp | |
| N/A | 127.0.0.1:51456 | tcp | |
| N/A | 127.0.0.1:51458 | tcp | |
| N/A | 127.0.0.1:51462 | tcp | |
| N/A | 127.0.0.1:51464 | tcp | |
| N/A | 127.0.0.1:51466 | tcp | |
| N/A | 127.0.0.1:51475 | tcp | |
| N/A | 127.0.0.1:51479 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:51483 | tcp | |
| N/A | 127.0.0.1:51487 | tcp | |
| N/A | 127.0.0.1:51489 | tcp | |
| N/A | 127.0.0.1:51491 | tcp | |
| N/A | 127.0.0.1:51495 | tcp | |
| N/A | 127.0.0.1:51498 | tcp | |
| US | 8.8.8.8:53 | connectfss.cudenver.com | udp |
| US | 8.8.8.8:53 | pumpit.sk | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | pumpit.sk | udp |
| US | 8.8.8.8:53 | cadastro.trigg.com.br | udp |
| US | 8.8.8.8:53 | orbis-bvdinfo-com.proxy.unimib.it | udp |
| US | 8.8.8.8:53 | orbis-bvdinfo-com.proxy.unimib.it | udp |
| US | 8.8.8.8:53 | upload.xvideos.com | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| N/A | 127.0.0.1:51501 | tcp | |
| US | 8.8.8.8:53 | upload.xvideos.com | udp |
| US | 8.8.8.8:53 | account.91.com | udp |
| US | 8.8.8.8:53 | savethecat.informe.com | udp |
| US | 8.8.8.8:53 | account.91.com | udp |
| US | 8.8.8.8:53 | savethecat.informe.com | udp |
| US | 8.8.8.8:53 | vfun.valofe.com | udp |
| US | 8.8.8.8:53 | app.ipay.com.bd | udp |
| US | 8.8.8.8:53 | vfun.valofe.com | udp |
| N/A | 127.0.0.1:51506 | tcp | |
| US | 8.8.8.8:53 | app.ipay.com.bd | udp |
| US | 8.8.8.8:53 | centrodemocraticoorellana.com | udp |
| US | 8.8.8.8:53 | centrodemocraticoorellana.com | udp |
| US | 8.8.8.8:53 | aries.elluel.net | udp |
| US | 8.8.8.8:53 | aries.elluel.net | udp |
| N/A | 127.0.0.1:51511 | tcp | |
| N/A | 127.0.0.1:51514 | tcp | |
| N/A | 127.0.0.1:51516 | tcp | |
| N/A | 127.0.0.1:51521 | tcp | |
| N/A | 127.0.0.1:51534 | tcp | |
| N/A | 127.0.0.1:51536 | tcp | |
| N/A | 127.0.0.1:51538 | tcp | |
| N/A | 127.0.0.1:51547 | tcp | |
| N/A | 127.0.0.1:51556 | tcp | |
| N/A | 127.0.0.1:51559 | tcp | |
| N/A | 127.0.0.1:51562 | tcp | |
| N/A | 127.0.0.1:51564 | tcp | |
| N/A | 127.0.0.1:51570 | tcp | |
| N/A | 127.0.0.1:51573 | tcp | |
| N/A | 127.0.0.1:51580 | tcp | |
| N/A | 127.0.0.1:51583 | tcp | |
| N/A | 127.0.0.1:51586 | tcp | |
| N/A | 127.0.0.1:51590 | tcp | |
| N/A | 127.0.0.1:51592 | tcp | |
| N/A | 127.0.0.1:51594 | tcp | |
| N/A | 127.0.0.1:51596 | tcp | |
| N/A | 127.0.0.1:51598 | tcp | |
| N/A | 127.0.0.1:51608 | tcp | |
| N/A | 127.0.0.1:51614 | tcp | |
| N/A | 127.0.0.1:51616 | tcp | |
| N/A | 127.0.0.1:51622 | tcp | |
| N/A | 127.0.0.1:51629 | tcp | |
| N/A | 127.0.0.1:51632 | tcp | |
| N/A | 127.0.0.1:51645 | tcp | |
| N/A | 127.0.0.1:51664 | tcp | |
| N/A | 127.0.0.1:51667 | tcp | |
| N/A | 127.0.0.1:51671 | tcp | |
| N/A | 127.0.0.1:51673 | tcp | |
| N/A | 127.0.0.1:51678 | tcp | |
| N/A | 127.0.0.1:51684 | tcp | |
| N/A | 127.0.0.1:51686 | tcp | |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | accounts.mobisystems.com | udp |
| US | 8.8.8.8:53 | accounts.mobisystems.com | udp |
| US | 8.8.8.8:53 | m.enzocasino.com | udp |
| US | 8.8.8.8:53 | m.enzocasino.com | udp |
| US | 8.8.8.8:53 | cadastro.trigg.com.br | udp |
| US | 8.8.8.8:53 | ccp.netcup.net | udp |
| US | 8.8.8.8:53 | web.cdslindia.com | udp |
| N/A | 127.0.0.1:51688 | tcp | |
| US | 8.8.8.8:53 | ccp.netcup.net | udp |
| US | 8.8.8.8:53 | web.cdslindia.com | udp |
| US | 8.8.8.8:53 | login.oracle.com | udp |
| N/A | 127.0.0.1:51690 | tcp | |
| N/A | 127.0.0.1:51692 | tcp | |
| N/A | 127.0.0.1:51695 | tcp | |
| N/A | 127.0.0.1:51700 | tcp | |
| N/A | 127.0.0.1:51703 | tcp | |
| N/A | 127.0.0.1:51706 | tcp | |
| N/A | 127.0.0.1:51719 | tcp | |
| N/A | 127.0.0.1:51729 | tcp | |
| N/A | 127.0.0.1:51732 | tcp | |
| N/A | 127.0.0.1:51734 | tcp | |
| N/A | 127.0.0.1:51737 | tcp | |
| N/A | 127.0.0.1:51740 | tcp | |
| N/A | 127.0.0.1:51742 | tcp | |
| N/A | 127.0.0.1:51758 | tcp | |
| N/A | 127.0.0.1:51763 | tcp | |
| N/A | 127.0.0.1:51777 | tcp | |
| N/A | 127.0.0.1:51781 | tcp | |
| N/A | 127.0.0.1:51786 | tcp | |
| N/A | 127.0.0.1:51788 | tcp | |
| US | 8.8.8.8:53 | login.oracle.com | udp |
| US | 8.8.8.8:53 | rpvoid.com | udp |
| US | 8.8.8.8:53 | rpvoid.com | udp |
| US | 8.8.8.8:53 | intranet.cousinoapps.com | udp |
| US | 8.8.8.8:53 | eu1-ds-iam.3dexperience.3ds.com | udp |
| US | 8.8.8.8:53 | intranet.cousinoapps.com | udp |
| US | 8.8.8.8:53 | eu1-ds-iam.3dexperience.3ds.com | udp |
| US | 8.8.8.8:53 | ztracker.cc | udp |
| US | 8.8.8.8:53 | customer.comcast.com | udp |
| US | 8.8.8.8:53 | ztracker.cc | udp |
| US | 8.8.8.8:53 | customer.comcast.com | udp |
| N/A | 127.0.0.1:51793 | tcp | |
| N/A | 127.0.0.1:51795 | tcp | |
| N/A | 127.0.0.1:51797 | tcp | |
| N/A | 127.0.0.1:51799 | tcp | |
| N/A | 127.0.0.1:51804 | tcp | |
| N/A | 127.0.0.1:51812 | tcp | |
| N/A | 127.0.0.1:51814 | tcp | |
| N/A | 127.0.0.1:51818 | tcp | |
| N/A | 127.0.0.1:51820 | tcp | |
| N/A | 127.0.0.1:51826 | tcp | |
| N/A | 127.0.0.1:51829 | tcp | |
| N/A | 127.0.0.1:51832 | tcp | |
| N/A | 127.0.0.1:51850 | tcp | |
| N/A | 127.0.0.1:51855 | tcp | |
| N/A | 127.0.0.1:51864 | tcp | |
| N/A | 127.0.0.1:51866 | tcp | |
| N/A | 127.0.0.1:51868 | tcp | |
| N/A | 127.0.0.1:51870 | tcp | |
| N/A | 127.0.0.1:51875 | tcp | |
| N/A | 127.0.0.1:51877 | tcp | |
| N/A | 127.0.0.1:51879 | tcp | |
| N/A | 127.0.0.1:51881 | tcp | |
| N/A | 127.0.0.1:51884 | tcp | |
| N/A | 127.0.0.1:51886 | tcp | |
| N/A | 127.0.0.1:51897 | tcp | |
| N/A | 127.0.0.1:51907 | tcp | |
| N/A | 127.0.0.1:51910 | tcp | |
| N/A | 127.0.0.1:51916 | tcp | |
| N/A | 127.0.0.1:51929 | tcp | |
| N/A | 127.0.0.1:51931 | tcp | |
| N/A | 127.0.0.1:51940 | tcp | |
| N/A | 127.0.0.1:51945 | tcp | |
| N/A | 127.0.0.1:51948 | tcp | |
| N/A | 127.0.0.1:51955 | tcp | |
| N/A | 127.0.0.1:51960 | tcp | |
| N/A | 127.0.0.1:51962 | tcp | |
| N/A | 127.0.0.1:51964 | tcp | |
| N/A | 127.0.0.1:51971 | tcp | |
| N/A | 127.0.0.1:51976 | tcp | |
| N/A | 127.0.0.1:51979 | tcp | |
| N/A | 127.0.0.1:51991 | tcp | |
| N/A | 127.0.0.1:51995 | tcp | |
| N/A | 127.0.0.1:52002 | tcp | |
| N/A | 127.0.0.1:52005 | tcp | |
| N/A | 127.0.0.1:52007 | tcp | |
| N/A | 127.0.0.1:52011 | tcp | |
| N/A | 127.0.0.1:52024 | tcp | |
| N/A | 127.0.0.1:52029 | tcp | |
| N/A | 127.0.0.1:52031 | tcp | |
| N/A | 127.0.0.1:52033 | tcp | |
| N/A | 127.0.0.1:52035 | tcp | |
| N/A | 127.0.0.1:52037 | tcp | |
| N/A | 127.0.0.1:52039 | tcp | |
| N/A | 127.0.0.1:52045 | tcp | |
| N/A | 127.0.0.1:52056 | tcp | |
| N/A | 127.0.0.1:52061 | tcp | |
| N/A | 127.0.0.1:52064 | tcp | |
| N/A | 127.0.0.1:52067 | tcp | |
| N/A | 127.0.0.1:52069 | tcp | |
| N/A | 127.0.0.1:52073 | tcp | |
| N/A | 127.0.0.1:52078 | tcp | |
| N/A | 127.0.0.1:52088 | tcp | |
| N/A | 127.0.0.1:52095 | tcp | |
| N/A | 127.0.0.1:52100 | tcp | |
| N/A | 127.0.0.1:52105 | tcp | |
| N/A | 127.0.0.1:52111 | tcp | |
| N/A | 127.0.0.1:52115 | tcp | |
| N/A | 127.0.0.1:52128 | tcp | |
| N/A | 127.0.0.1:52137 | tcp | |
| N/A | 127.0.0.1:52141 | tcp | |
| N/A | 127.0.0.1:52143 | tcp | |
| N/A | 127.0.0.1:52148 | tcp | |
| N/A | 127.0.0.1:52151 | tcp | |
| N/A | 127.0.0.1:52153 | tcp | |
| N/A | 127.0.0.1:52155 | tcp | |
| N/A | 127.0.0.1:52157 | tcp | |
| N/A | 127.0.0.1:52160 | tcp | |
| N/A | 127.0.0.1:52164 | tcp | |
| N/A | 127.0.0.1:52167 | tcp | |
| N/A | 127.0.0.1:52175 | tcp | |
| N/A | 127.0.0.1:52179 | tcp | |
| N/A | 127.0.0.1:52183 | tcp | |
| N/A | 127.0.0.1:52186 | tcp | |
| N/A | 127.0.0.1:52190 | tcp | |
| N/A | 127.0.0.1:52195 | tcp | |
| N/A | 127.0.0.1:52204 | tcp | |
| N/A | 127.0.0.1:52207 | tcp | |
| N/A | 127.0.0.1:52214 | tcp | |
| N/A | 127.0.0.1:52219 | tcp | |
| N/A | 127.0.0.1:52221 | tcp | |
| N/A | 127.0.0.1:52224 | tcp | |
| N/A | 127.0.0.1:52227 | tcp | |
| N/A | 127.0.0.1:52229 | tcp | |
| N/A | 127.0.0.1:52231 | tcp | |
| N/A | 127.0.0.1:52233 | tcp | |
| N/A | 127.0.0.1:52235 | tcp | |
| N/A | 127.0.0.1:52238 | tcp | |
| N/A | 127.0.0.1:52246 | tcp | |
| US | 8.8.8.8:53 | secure.eveonline.com | udp |
| US | 8.8.8.8:53 | console.command.kw.com | udp |
| US | 8.8.8.8:53 | conta.uol.com.br | udp |
| US | 8.8.8.8:53 | secure.eveonline.com | udp |
| US | 8.8.8.8:53 | console.command.kw.com | udp |
| US | 8.8.8.8:53 | poppy.espianglobal.com | udp |
| US | 8.8.8.8:53 | bb.ccmu.edu.cn | udp |
| US | 8.8.8.8:53 | bb.ccmu.edu.cn | udp |
| US | 8.8.8.8:53 | da.hostvn.net | udp |
| US | 8.8.8.8:53 | da.hostvn.net | udp |
| US | 8.8.8.8:53 | ru.wargaming.net | udp |
| US | 8.8.8.8:53 | ru.wargaming.net | udp |
| US | 8.8.8.8:53 | etherscan.io | udp |
| US | 8.8.8.8:53 | etherscan.io | udp |
| US | 8.8.8.8:53 | connect.secure.wellsfargo.com | udp |
| US | 8.8.8.8:53 | connect.secure.wellsfargo.com | udp |
| US | 8.8.8.8:53 | m.wyylde.com | udp |
| US | 8.8.8.8:53 | m.wyylde.com | udp |
| US | 8.8.8.8:53 | nicereview.asia | udp |
| US | 8.8.8.8:53 | tplinkrepeater.net | udp |
| US | 8.8.8.8:53 | nicereview.asia | udp |
| US | 8.8.8.8:53 | baigiang.violet.vn | udp |
| US | 8.8.8.8:53 | baigiang.violet.vn | udp |
| US | 8.8.8.8:53 | id1.cloud.huawei.com | udp |
| US | 8.8.8.8:53 | id1.cloud.huawei.com | udp |
| US | 8.8.8.8:53 | cfe-metiers.com | udp |
| US | 8.8.8.8:53 | cfe-metiers.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | sts.edustar.vic.edu.au | udp |
| US | 8.8.8.8:53 | accounts.phoenixnetwork.net | udp |
| US | 8.8.8.8:53 | accounts.phoenixnetwork.net | udp |
| US | 8.8.8.8:53 | sts.edustar.vic.edu.au | udp |
| US | 8.8.8.8:53 | ueinnovaschool.edu.ec | udp |
| US | 8.8.8.8:53 | ueinnovaschool.edu.ec | udp |
| US | 8.8.8.8:53 | connect.telenordigital.com | udp |
| US | 8.8.8.8:53 | connect.telenordigital.com | udp |
| US | 8.8.8.8:53 | catalogue-library-brocku-ca.proxy.library.brocku.ca | udp |
| US | 8.8.8.8:53 | centrodiopinione.it | udp |
| US | 8.8.8.8:53 | catalogue-library-brocku-ca.proxy.library.brocku.ca | udp |
| US | 8.8.8.8:53 | centrodiopinione.it | udp |
| US | 8.8.8.8:53 | platform.garena.vn | udp |
| US | 8.8.8.8:53 | platform.garena.vn | udp |
| US | 8.8.8.8:53 | accounts.intuit.com | udp |
| US | 8.8.8.8:53 | condurbyalexandru.com | udp |
| US | 8.8.8.8:53 | condurbyalexandru.com | udp |
| US | 8.8.8.8:53 | alahlynet.com.eg | udp |
| US | 8.8.8.8:53 | copasaatende.powerappsportals.com | udp |
| US | 8.8.8.8:53 | alahlynet.com.eg | udp |
| US | 8.8.8.8:53 | copasaatende.powerappsportals.com | udp |
| US | 8.8.8.8:53 | minhaconta.levelupgames.com.br | udp |
| US | 8.8.8.8:53 | olp.anb.com.sa | udp |
| US | 8.8.8.8:53 | olp.anb.com.sa | udp |
| US | 8.8.8.8:53 | sexysims.info | udp |
| US | 8.8.8.8:53 | minhaconta.levelupgames.com.br | udp |
| US | 8.8.8.8:53 | skycheats.com | udp |
| US | 8.8.8.8:53 | skycheats.com | udp |
| US | 8.8.8.8:53 | jeopardylabs.com | udp |
| US | 8.8.8.8:53 | arcgames.com | udp |
| US | 8.8.8.8:53 | arcgames.com | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | us-smtp-inbound-1.mimecast.com | udp |
| US | 8.8.8.8:53 | secure.twitch.tv | udp |
| US | 8.8.8.8:53 | portal.dim.com.ar | udp |
| US | 8.8.8.8:53 | portal.dim.com.ar | udp |
| US | 8.8.8.8:53 | clientes.pitucomputer.com.ar | udp |
| US | 8.8.8.8:53 | clientes.pitucomputer.com.ar | udp |
| US | 8.8.8.8:53 | secure.twitch.tv | udp |
| US | 8.8.8.8:53 | razerid.razer.com | udp |
| US | 8.8.8.8:53 | myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | razerid.razer.com | udp |
| US | 8.8.8.8:53 | myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | eu-smtp-inbound-1.mimecast.com | udp |
| US | 8.8.8.8:53 | mail.es-la.facebook.com | udp |
| US | 8.8.8.8:53 | ftp.discuss.howtogeek.com | udp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| US | 8.8.8.8:53 | mail.secure.wakfu.com | udp |
| US | 8.8.8.8:53 | ftp.koha.ekutuphane.gov.tr | udp |
| US | 8.8.8.8:53 | v3m.gtarcade.com | udp |
| US | 8.8.8.8:53 | alt2.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | ftp.workplace.zoho.com | udp |
| US | 8.8.8.8:53 | mail.app.oss.go.id | udp |
| US | 8.8.8.8:53 | ssh.app.oss.go.id | udp |
| US | 8.8.8.8:53 | app.oss.go.id | udp |
| US | 8.8.8.8:53 | ftp.app.oss.go.id | udp |
| US | 8.8.8.8:53 | ftp.iris.fbr.gov.pk | udp |
| US | 8.8.8.8:53 | 85.173.96.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.163.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.106.88.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ftp.jiocontactcenter.jio.com | udp |
| US | 8.8.8.8:53 | ftp.freefilefillableforms.com | udp |
| US | 8.8.8.8:53 | ruangguree.com | udp |
| US | 8.8.8.8:53 | eprs01.philhealth.gov.ph | udp |
| US | 8.8.8.8:53 | 138.229.3.122.in-addr.arpa | udp |
| US | 8.8.8.8:53 | _dc-mx.696e29cb38a5.scarlet-clicks.info | udp |
| US | 8.8.8.8:53 | mx1.hostinger.co.id | udp |
| US | 8.8.8.8:53 | cpanel.loatah.com | udp |
| US | 8.8.8.8:53 | eagle.mxlogin.com | udp |
| US | 8.8.8.8:53 | www.irs.gov | udp |
| US | 8.8.8.8:53 | mail.discuss.howtogeek.com | udp |
| US | 8.8.8.8:53 | 189.67.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | _dc-mx.a676a8b2959b.idplr.com | udp |
| US | 8.8.8.8:53 | _dc-mx.7ccd47d3d4fa.cracked.io | udp |
| US | 8.8.8.8:53 | ferrepasa.com | udp |
| US | 8.8.8.8:53 | studenthub.hud.ac.uk | udp |
| US | 8.8.8.8:53 | pumpit.sk | udp |
| US | 8.8.8.8:53 | ftp.elabschool.net | udp |
| US | 8.8.8.8:53 | orbis-bvdinfo-com.proxy.unimib.it | udp |
| US | 8.8.8.8:53 | aspmx5.googlemail.com | udp |
| US | 8.8.8.8:53 | account.91.com | udp |
| US | 8.8.8.8:53 | savethecat.informe.com | udp |
| US | 8.8.8.8:53 | mail.koha.ekutuphane.gov.tr | udp |
| US | 8.8.8.8:53 | centrodemocraticoorellana.com | udp |
| US | 8.8.8.8:53 | ftp.identity.sieltecloud.it | udp |
| US | 8.8.8.8:53 | accounts-mobisystems-com.mail.protection.outlook.com | udp |
| US | 8.8.8.8:53 | ftp.mangadna.com | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.134.221.88.in-addr.arpa | udp |
| N/A | 127.0.0.1:52249 | tcp | |
| N/A | 127.0.0.1:52254 | tcp | |
| N/A | 127.0.0.1:52258 | tcp | |
| N/A | 127.0.0.1:52263 | tcp | |
| N/A | 127.0.0.1:52267 | tcp | |
| N/A | 127.0.0.1:52269 | tcp | |
| N/A | 127.0.0.1:52271 | tcp | |
| N/A | 127.0.0.1:52273 | tcp | |
| N/A | 127.0.0.1:52275 | tcp | |
| N/A | 127.0.0.1:52277 | tcp | |
| N/A | 127.0.0.1:52280 | tcp | |
| N/A | 127.0.0.1:52283 | tcp | |
| N/A | 127.0.0.1:52286 | tcp | |
| N/A | 127.0.0.1:52288 | tcp | |
| N/A | 127.0.0.1:52290 | tcp | |
| N/A | 127.0.0.1:52293 | tcp | |
| N/A | 127.0.0.1:52299 | tcp | |
| N/A | 127.0.0.1:52302 | tcp | |
| N/A | 127.0.0.1:52305 | tcp | |
| N/A | 127.0.0.1:52312 | tcp | |
| N/A | 127.0.0.1:52315 | tcp | |
| N/A | 127.0.0.1:52318 | tcp | |
| N/A | 127.0.0.1:52322 | tcp | |
| N/A | 127.0.0.1:52325 | tcp | |
| N/A | 127.0.0.1:52328 | tcp | |
| N/A | 127.0.0.1:52332 | tcp | |
| N/A | 127.0.0.1:52336 | tcp | |
| N/A | 127.0.0.1:52346 | tcp | |
| N/A | 127.0.0.1:52352 | tcp | |
| N/A | 127.0.0.1:52355 | tcp | |
| N/A | 127.0.0.1:52363 | tcp | |
| N/A | 127.0.0.1:52368 | tcp | |
| N/A | 127.0.0.1:52372 | tcp | |
| N/A | 127.0.0.1:52374 | tcp | |
| N/A | 127.0.0.1:52380 | tcp | |
| N/A | 127.0.0.1:52386 | tcp | |
| N/A | 127.0.0.1:52391 | tcp | |
| N/A | 127.0.0.1:52393 | tcp | |
| N/A | 127.0.0.1:52395 | tcp | |
| N/A | 127.0.0.1:52399 | tcp | |
| N/A | 127.0.0.1:52401 | tcp | |
| N/A | 127.0.0.1:52405 | tcp | |
| N/A | 127.0.0.1:52408 | tcp | |
| N/A | 127.0.0.1:52410 | tcp | |
| N/A | 127.0.0.1:52413 | tcp | |
| N/A | 127.0.0.1:52421 | tcp | |
| N/A | 127.0.0.1:52427 | tcp | |
| N/A | 127.0.0.1:52429 | tcp | |
| N/A | 127.0.0.1:52434 | tcp | |
| N/A | 127.0.0.1:52438 | tcp | |
| N/A | 127.0.0.1:52441 | tcp | |
| N/A | 127.0.0.1:52444 | tcp | |
| N/A | 127.0.0.1:52449 | tcp | |
| N/A | 127.0.0.1:52455 | tcp | |
| N/A | 127.0.0.1:52459 | tcp | |
| N/A | 127.0.0.1:52463 | tcp | |
| N/A | 127.0.0.1:52466 | tcp | |
| N/A | 127.0.0.1:52470 | tcp | |
| N/A | 127.0.0.1:52483 | tcp | |
| N/A | 127.0.0.1:52487 | tcp | |
| N/A | 127.0.0.1:52493 | tcp | |
| N/A | 127.0.0.1:52495 | tcp | |
| N/A | 127.0.0.1:52498 | tcp | |
| N/A | 127.0.0.1:52501 | tcp | |
| N/A | 127.0.0.1:52503 | tcp | |
| N/A | 127.0.0.1:52505 | tcp | |
| N/A | 127.0.0.1:52508 | tcp | |
| N/A | 127.0.0.1:52512 | tcp | |
| N/A | 127.0.0.1:52514 | tcp | |
| N/A | 127.0.0.1:52519 | tcp | |
| N/A | 127.0.0.1:52523 | tcp | |
| N/A | 127.0.0.1:52525 | tcp | |
| N/A | 127.0.0.1:52528 | tcp | |
| N/A | 127.0.0.1:52530 | tcp | |
| N/A | 127.0.0.1:52532 | tcp | |
| N/A | 127.0.0.1:52548 | tcp | |
| N/A | 127.0.0.1:52552 | tcp | |
| N/A | 127.0.0.1:52555 | tcp | |
| N/A | 127.0.0.1:52558 | tcp | |
| N/A | 127.0.0.1:52562 | tcp | |
| N/A | 127.0.0.1:52566 | tcp | |
| N/A | 127.0.0.1:52570 | tcp | |
| N/A | 127.0.0.1:52574 | tcp | |
| N/A | 127.0.0.1:52585 | tcp | |
| N/A | 127.0.0.1:52588 | tcp | |
| N/A | 127.0.0.1:52591 | tcp | |
| N/A | 127.0.0.1:52594 | tcp | |
| N/A | 127.0.0.1:52597 | tcp | |
| N/A | 127.0.0.1:52599 | tcp | |
| N/A | 127.0.0.1:52606 | tcp | |
| N/A | 127.0.0.1:52608 | tcp | |
| N/A | 127.0.0.1:52611 | tcp | |
| N/A | 127.0.0.1:52615 | tcp | |
| N/A | 127.0.0.1:52619 | tcp | |
| N/A | 127.0.0.1:52624 | tcp | |
| N/A | 127.0.0.1:52630 | tcp | |
| N/A | 127.0.0.1:52634 | tcp | |
| N/A | 127.0.0.1:52638 | tcp | |
| N/A | 127.0.0.1:52641 | tcp | |
| N/A | 127.0.0.1:52643 | tcp | |
| N/A | 127.0.0.1:52645 | tcp | |
| N/A | 127.0.0.1:52650 | tcp | |
| N/A | 127.0.0.1:52653 | tcp | |
| N/A | 127.0.0.1:52662 | tcp | |
| N/A | 127.0.0.1:52665 | tcp | |
| N/A | 127.0.0.1:52667 | tcp | |
| N/A | 127.0.0.1:52670 | tcp | |
| N/A | 127.0.0.1:52677 | tcp | |
| N/A | 127.0.0.1:52681 | tcp | |
| N/A | 127.0.0.1:52687 | tcp | |
| N/A | 127.0.0.1:52689 | tcp | |
| N/A | 127.0.0.1:52691 | tcp | |
| N/A | 127.0.0.1:52694 | tcp | |
| N/A | 127.0.0.1:52700 | tcp | |
| N/A | 127.0.0.1:52705 | tcp | |
| N/A | 127.0.0.1:52709 | tcp | |
| N/A | 127.0.0.1:52712 | tcp | |
| N/A | 127.0.0.1:52718 | tcp | |
| N/A | 127.0.0.1:52723 | tcp | |
| N/A | 127.0.0.1:52726 | tcp | |
| N/A | 127.0.0.1:52729 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:52819 | tcp | |
| N/A | 127.0.0.1:52822 | tcp | |
| N/A | 127.0.0.1:52826 | tcp | |
| N/A | 127.0.0.1:52851 | tcp | |
| N/A | 127.0.0.1:52854 | tcp | |
| N/A | 127.0.0.1:52857 | tcp | |
| N/A | 127.0.0.1:52859 | tcp | |
| N/A | 127.0.0.1:52861 | tcp | |
| N/A | 127.0.0.1:52864 | tcp | |
| N/A | 127.0.0.1:52866 | tcp | |
| N/A | 127.0.0.1:52868 | tcp | |
| N/A | 127.0.0.1:52870 | tcp | |
| N/A | 127.0.0.1:52872 | tcp | |
| N/A | 127.0.0.1:52874 | tcp | |
| N/A | 127.0.0.1:52877 | tcp | |
| N/A | 127.0.0.1:52880 | tcp | |
| N/A | 127.0.0.1:52882 | tcp | |
| N/A | 127.0.0.1:52884 | tcp | |
| N/A | 127.0.0.1:52886 | tcp | |
| N/A | 127.0.0.1:52888 | tcp | |
| N/A | 127.0.0.1:52890 | tcp | |
| N/A | 127.0.0.1:52892 | tcp | |
| N/A | 127.0.0.1:52894 | tcp | |
| N/A | 127.0.0.1:52897 | tcp | |
| N/A | 127.0.0.1:52899 | tcp | |
| N/A | 127.0.0.1:52902 | tcp | |
| N/A | 127.0.0.1:52904 | tcp | |
| N/A | 127.0.0.1:52906 | tcp | |
| N/A | 127.0.0.1:52908 | tcp | |
| N/A | 127.0.0.1:52910 | tcp | |
| N/A | 127.0.0.1:52912 | tcp | |
| N/A | 127.0.0.1:52915 | tcp | |
| N/A | 127.0.0.1:52917 | tcp | |
| N/A | 127.0.0.1:52919 | tcp | |
| N/A | 127.0.0.1:52922 | tcp | |
| N/A | 127.0.0.1:52924 | tcp | |
| N/A | 127.0.0.1:52926 | tcp | |
| N/A | 127.0.0.1:52928 | tcp | |
| N/A | 127.0.0.1:52930 | tcp | |
| N/A | 127.0.0.1:52932 | tcp | |
| N/A | 127.0.0.1:52934 | tcp | |
| N/A | 127.0.0.1:52936 | tcp | |
| N/A | 127.0.0.1:52938 | tcp | |
| N/A | 127.0.0.1:52940 | tcp | |
| N/A | 127.0.0.1:52943 | tcp | |
| N/A | 127.0.0.1:52945 | tcp | |
| N/A | 127.0.0.1:52947 | tcp | |
| N/A | 127.0.0.1:52951 | tcp | |
| N/A | 127.0.0.1:52949 | tcp | |
| N/A | 127.0.0.1:52953 | tcp | |
| N/A | 127.0.0.1:52955 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:52958 | tcp | |
| N/A | 127.0.0.1:52960 | tcp | |
| N/A | 127.0.0.1:52962 | tcp | |
| N/A | 127.0.0.1:52964 | tcp | |
| N/A | 127.0.0.1:52966 | tcp | |
| N/A | 127.0.0.1:52968 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:52971 | tcp | |
| N/A | 127.0.0.1:52973 | tcp | |
| N/A | 127.0.0.1:52975 | tcp | |
| N/A | 127.0.0.1:52977 | tcp | |
| N/A | 127.0.0.1:52979 | tcp | |
| N/A | 127.0.0.1:52981 | tcp | |
| N/A | 127.0.0.1:52983 | tcp | |
| N/A | 127.0.0.1:52985 | tcp | |
| N/A | 127.0.0.1:52987 | tcp | |
| N/A | 127.0.0.1:52989 | tcp | |
| N/A | 127.0.0.1:52991 | tcp | |
| N/A | 127.0.0.1:52993 | tcp | |
| N/A | 127.0.0.1:52995 | tcp | |
| N/A | 127.0.0.1:52997 | tcp | |
| N/A | 127.0.0.1:53000 | tcp | |
| N/A | 127.0.0.1:53002 | tcp | |
| N/A | 127.0.0.1:53004 | tcp | |
| N/A | 127.0.0.1:53009 | tcp | |
| N/A | 127.0.0.1:53013 | tcp | |
| N/A | 127.0.0.1:53016 | tcp | |
| N/A | 127.0.0.1:53018 | tcp | |
| N/A | 127.0.0.1:53020 | tcp | |
| N/A | 127.0.0.1:53023 | tcp | |
| N/A | 127.0.0.1:53025 | tcp | |
| N/A | 127.0.0.1:53027 | tcp | |
| N/A | 127.0.0.1:53029 | tcp | |
| N/A | 127.0.0.1:53031 | tcp | |
| N/A | 127.0.0.1:53033 | tcp | |
| N/A | 127.0.0.1:53035 | tcp | |
| N/A | 127.0.0.1:53037 | tcp | |
| N/A | 127.0.0.1:53039 | tcp | |
| N/A | 127.0.0.1:53057 | tcp | |
| N/A | 127.0.0.1:53063 | tcp | |
| N/A | 127.0.0.1:53065 | tcp | |
| N/A | 127.0.0.1:53068 | tcp | |
| N/A | 127.0.0.1:53070 | tcp | |
| N/A | 127.0.0.1:53072 | tcp | |
| N/A | 127.0.0.1:53074 | tcp | |
| N/A | 127.0.0.1:53076 | tcp | |
| N/A | 127.0.0.1:53084 | tcp | |
| N/A | 127.0.0.1:53089 | tcp | |
| N/A | 127.0.0.1:53097 | tcp | |
| N/A | 127.0.0.1:53108 | tcp | |
| N/A | 127.0.0.1:53127 | tcp | |
| N/A | 127.0.0.1:53138 | tcp | |
| N/A | 127.0.0.1:53142 | tcp | |
| N/A | 127.0.0.1:53171 | tcp | |
| N/A | 127.0.0.1:53175 | tcp | |
| N/A | 127.0.0.1:53185 | tcp | |
| N/A | 127.0.0.1:53187 | tcp | |
| N/A | 127.0.0.1:53189 | tcp | |
| N/A | 127.0.0.1:53192 | tcp | |
| N/A | 127.0.0.1:53194 | tcp | |
| N/A | 127.0.0.1:53204 | tcp | |
| N/A | 127.0.0.1:53206 | tcp | |
| N/A | 127.0.0.1:53208 | tcp | |
| N/A | 127.0.0.1:53210 | tcp | |
| N/A | 127.0.0.1:53212 | tcp | |
| N/A | 127.0.0.1:53214 | tcp | |
| N/A | 127.0.0.1:53216 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:53221 | tcp | |
| N/A | 127.0.0.1:53223 | tcp | |
| N/A | 127.0.0.1:53225 | tcp | |
| N/A | 127.0.0.1:53227 | tcp | |
| N/A | 127.0.0.1:53230 | tcp | |
| N/A | 127.0.0.1:53232 | tcp | |
| N/A | 127.0.0.1:53234 | tcp | |
| N/A | 127.0.0.1:53236 | tcp | |
| N/A | 127.0.0.1:53239 | tcp | |
| N/A | 127.0.0.1:53242 | tcp | |
| N/A | 127.0.0.1:53244 | tcp | |
| N/A | 127.0.0.1:53246 | tcp | |
| N/A | 127.0.0.1:53248 | tcp | |
| N/A | 127.0.0.1:53255 | tcp | |
| N/A | 127.0.0.1:53262 | tcp | |
| N/A | 127.0.0.1:53265 | tcp | |
| N/A | 127.0.0.1:53267 | tcp | |
| N/A | 127.0.0.1:53269 | tcp | |
| N/A | 127.0.0.1:53272 | tcp | |
| N/A | 127.0.0.1:53276 | tcp | |
| N/A | 127.0.0.1:53280 | tcp | |
| N/A | 127.0.0.1:53287 | tcp | |
| N/A | 127.0.0.1:53291 | tcp | |
| N/A | 127.0.0.1:53297 | tcp | |
| N/A | 127.0.0.1:53315 | tcp | |
| N/A | 127.0.0.1:53319 | tcp | |
| N/A | 127.0.0.1:53322 | tcp | |
| N/A | 127.0.0.1:53326 | tcp | |
| N/A | 127.0.0.1:53332 | tcp | |
| N/A | 127.0.0.1:53334 | tcp | |
| N/A | 127.0.0.1:53340 | tcp | |
| N/A | 127.0.0.1:53343 | tcp | |
| N/A | 127.0.0.1:53347 | tcp | |
| N/A | 127.0.0.1:53351 | tcp | |
| N/A | 127.0.0.1:53354 | tcp | |
| N/A | 127.0.0.1:53363 | tcp | |
| N/A | 127.0.0.1:53368 | tcp | |
| N/A | 127.0.0.1:53373 | tcp | |
| N/A | 127.0.0.1:53377 | tcp | |
| N/A | 127.0.0.1:53383 | tcp | |
| N/A | 127.0.0.1:53385 | tcp | |
| N/A | 127.0.0.1:53389 | tcp | |
| N/A | 127.0.0.1:53396 | tcp | |
| N/A | 127.0.0.1:53402 | tcp | |
| N/A | 127.0.0.1:53406 | tcp | |
| N/A | 127.0.0.1:53410 | tcp | |
| N/A | 127.0.0.1:53413 | tcp | |
| N/A | 127.0.0.1:53420 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:53425 | tcp | |
| N/A | 127.0.0.1:53430 | tcp | |
| N/A | 127.0.0.1:53434 | tcp | |
| N/A | 127.0.0.1:53437 | tcp | |
| N/A | 127.0.0.1:53440 | tcp | |
| N/A | 127.0.0.1:53443 | tcp | |
| N/A | 127.0.0.1:53450 | tcp | |
| N/A | 127.0.0.1:53457 | tcp | |
| N/A | 127.0.0.1:53456 | tcp | |
| N/A | 127.0.0.1:53463 | tcp | |
| N/A | 127.0.0.1:53470 | tcp | |
| N/A | 127.0.0.1:53472 | tcp | |
| N/A | 127.0.0.1:53474 | tcp | |
| N/A | 127.0.0.1:53478 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:53484 | tcp | |
| N/A | 127.0.0.1:53489 | tcp | |
| N/A | 127.0.0.1:53493 | tcp | |
| N/A | 127.0.0.1:53498 | tcp | |
| N/A | 127.0.0.1:53505 | tcp | |
| N/A | 127.0.0.1:53508 | tcp | |
| N/A | 127.0.0.1:53510 | tcp | |
| N/A | 127.0.0.1:53512 | tcp | |
| N/A | 127.0.0.1:53517 | tcp | |
| N/A | 127.0.0.1:53523 | tcp | |
| N/A | 127.0.0.1:53528 | tcp | |
| N/A | 127.0.0.1:53532 | tcp | |
| N/A | 127.0.0.1:53536 | tcp | |
| N/A | 127.0.0.1:53541 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:53545 | tcp | |
| N/A | 127.0.0.1:53550 | tcp | |
| N/A | 127.0.0.1:53553 | tcp | |
| N/A | 127.0.0.1:53558 | tcp | |
| N/A | 127.0.0.1:53564 | tcp | |
| N/A | 127.0.0.1:53567 | tcp | |
| N/A | 127.0.0.1:53570 | tcp | |
| N/A | 127.0.0.1:53574 | tcp | |
| N/A | 127.0.0.1:53576 | tcp | |
| N/A | 127.0.0.1:53580 | tcp | |
| N/A | 127.0.0.1:53586 | tcp | |
| N/A | 127.0.0.1:53589 | tcp | |
| N/A | 127.0.0.1:53594 | tcp | |
| N/A | 127.0.0.1:53597 | tcp | |
| N/A | 127.0.0.1:53600 | tcp | |
| N/A | 127.0.0.1:53602 | tcp | |
| N/A | 127.0.0.1:53605 | tcp | |
| N/A | 127.0.0.1:53614 | tcp | |
| N/A | 127.0.0.1:53618 | tcp | |
| N/A | 127.0.0.1:53622 | tcp | |
| N/A | 127.0.0.1:53625 | tcp | |
| N/A | 127.0.0.1:53629 | tcp | |
| N/A | 127.0.0.1:53634 | tcp | |
| N/A | 127.0.0.1:53638 | tcp | |
| N/A | 127.0.0.1:53642 | tcp | |
| N/A | 127.0.0.1:53646 | tcp | |
| N/A | 127.0.0.1:53654 | tcp | |
| N/A | 127.0.0.1:53657 | tcp | |
| N/A | 127.0.0.1:53663 | tcp | |
| N/A | 127.0.0.1:53668 | tcp | |
| N/A | 127.0.0.1:53672 | tcp | |
| N/A | 127.0.0.1:53674 | tcp | |
| N/A | 127.0.0.1:53678 | tcp | |
| N/A | 127.0.0.1:53680 | tcp | |
| N/A | 127.0.0.1:53685 | tcp | |
| N/A | 127.0.0.1:53687 | tcp | |
| N/A | 127.0.0.1:53690 | tcp | |
| N/A | 127.0.0.1:53694 | tcp | |
| N/A | 127.0.0.1:53697 | tcp | |
| N/A | 127.0.0.1:53701 | tcp | |
| N/A | 127.0.0.1:53704 | tcp | |
| N/A | 127.0.0.1:53712 | tcp | |
| N/A | 127.0.0.1:53717 | tcp | |
| N/A | 127.0.0.1:53721 | tcp | |
| N/A | 127.0.0.1:53724 | tcp | |
| N/A | 127.0.0.1:53728 | tcp | |
| N/A | 127.0.0.1:53733 | tcp | |
| N/A | 127.0.0.1:53736 | tcp | |
| N/A | 127.0.0.1:53744 | tcp | |
| N/A | 127.0.0.1:53749 | tcp | |
| N/A | 127.0.0.1:53754 | tcp | |
| N/A | 127.0.0.1:53756 | tcp | |
| N/A | 127.0.0.1:53760 | tcp | |
| N/A | 127.0.0.1:53763 | tcp | |
| N/A | 127.0.0.1:53766 | tcp | |
| N/A | 127.0.0.1:53771 | tcp | |
| N/A | 127.0.0.1:53773 | tcp | |
| N/A | 127.0.0.1:53777 | tcp | |
| N/A | 127.0.0.1:53781 | tcp | |
| N/A | 127.0.0.1:53785 | tcp | |
| N/A | 127.0.0.1:53790 | tcp | |
| N/A | 127.0.0.1:53794 | tcp | |
| N/A | 127.0.0.1:53802 | tcp | |
| N/A | 127.0.0.1:53805 | tcp | |
| N/A | 127.0.0.1:53809 | tcp | |
| N/A | 127.0.0.1:53813 | tcp | |
| N/A | 127.0.0.1:53815 | tcp | |
| N/A | 127.0.0.1:53821 | tcp | |
| N/A | 127.0.0.1:53824 | tcp | |
| N/A | 127.0.0.1:53827 | tcp | |
| N/A | 127.0.0.1:53831 | tcp | |
| N/A | 127.0.0.1:53833 | tcp | |
| N/A | 127.0.0.1:53845 | tcp | |
| N/A | 127.0.0.1:53849 | tcp | |
| N/A | 127.0.0.1:53852 | tcp | |
| N/A | 127.0.0.1:53859 | tcp | |
| N/A | 127.0.0.1:53861 | tcp | |
| N/A | 127.0.0.1:53864 | tcp | |
| N/A | 127.0.0.1:53867 | tcp | |
| N/A | 127.0.0.1:53870 | tcp | |
| N/A | 127.0.0.1:53873 | tcp | |
| N/A | 127.0.0.1:53877 | tcp | |
| N/A | 127.0.0.1:53885 | tcp | |
| N/A | 127.0.0.1:53890 | tcp | |
| N/A | 127.0.0.1:53894 | tcp | |
| N/A | 127.0.0.1:53897 | tcp | |
| N/A | 127.0.0.1:53901 | tcp | |
| N/A | 127.0.0.1:53904 | tcp | |
| N/A | 127.0.0.1:53909 | tcp | |
| N/A | 127.0.0.1:53918 | tcp | |
| N/A | 127.0.0.1:53919 | tcp | |
| N/A | 127.0.0.1:53924 | tcp | |
| N/A | 127.0.0.1:53928 | tcp | |
| N/A | 127.0.0.1:53932 | tcp | |
| N/A | 127.0.0.1:53936 | tcp | |
| N/A | 127.0.0.1:53940 | tcp | |
| N/A | 127.0.0.1:53942 | tcp | |
| N/A | 127.0.0.1:53945 | tcp | |
| N/A | 127.0.0.1:53949 | tcp | |
| N/A | 127.0.0.1:53955 | tcp | |
| N/A | 127.0.0.1:53961 | tcp | |
| N/A | 127.0.0.1:53963 | tcp | |
| N/A | 127.0.0.1:53969 | tcp | |
| N/A | 127.0.0.1:53974 | tcp | |
| N/A | 127.0.0.1:53979 | tcp | |
| N/A | 127.0.0.1:53982 | tcp | |
| N/A | 127.0.0.1:53984 | tcp | |
| N/A | 127.0.0.1:53988 | tcp | |
| N/A | 127.0.0.1:53992 | tcp | |
| N/A | 127.0.0.1:53997 | tcp | |
| N/A | 127.0.0.1:54003 | tcp | |
| N/A | 127.0.0.1:54005 | tcp | |
| N/A | 127.0.0.1:54008 | tcp | |
| N/A | 127.0.0.1:54017 | tcp | |
| N/A | 127.0.0.1:54022 | tcp | |
| N/A | 127.0.0.1:54025 | tcp | |
| N/A | 127.0.0.1:54030 | tcp | |
| N/A | 127.0.0.1:54033 | tcp | |
| N/A | 127.0.0.1:54037 | tcp | |
| N/A | 127.0.0.1:54039 | tcp | |
| N/A | 127.0.0.1:54042 | tcp | |
| N/A | 127.0.0.1:54045 | tcp | |
| N/A | 127.0.0.1:54051 | tcp | |
| N/A | 127.0.0.1:54058 | tcp | |
| N/A | 127.0.0.1:54061 | tcp | |
| N/A | 127.0.0.1:54069 | tcp | |
| N/A | 127.0.0.1:54073 | tcp | |
| N/A | 127.0.0.1:54075 | tcp | |
| N/A | 127.0.0.1:54079 | tcp | |
| N/A | 127.0.0.1:54082 | tcp | |
| N/A | 127.0.0.1:54086 | tcp | |
| N/A | 127.0.0.1:54092 | tcp | |
| N/A | 127.0.0.1:54095 | tcp | |
| N/A | 127.0.0.1:54098 | tcp | |
| N/A | 127.0.0.1:54102 | tcp | |
| N/A | 127.0.0.1:54108 | tcp | |
| N/A | 127.0.0.1:54113 | tcp | |
| N/A | 127.0.0.1:54116 | tcp | |
| N/A | 127.0.0.1:54119 | tcp | |
| N/A | 127.0.0.1:54124 | tcp | |
| N/A | 127.0.0.1:54128 | tcp | |
| N/A | 127.0.0.1:54133 | tcp | |
| N/A | 127.0.0.1:54136 | tcp | |
| N/A | 127.0.0.1:54142 | tcp | |
| N/A | 127.0.0.1:54145 | tcp | |
| N/A | 127.0.0.1:54155 | tcp | |
| N/A | 127.0.0.1:54158 | tcp | |
| N/A | 127.0.0.1:54160 | tcp | |
| N/A | 127.0.0.1:54163 | tcp | |
| N/A | 127.0.0.1:54167 | tcp | |
| N/A | 127.0.0.1:54175 | tcp | |
| N/A | 127.0.0.1:54180 | tcp | |
| N/A | 127.0.0.1:54183 | tcp | |
| N/A | 127.0.0.1:54186 | tcp | |
| N/A | 127.0.0.1:54190 | tcp | |
| N/A | 127.0.0.1:54194 | tcp | |
| N/A | 127.0.0.1:54196 | tcp | |
| N/A | 127.0.0.1:54199 | tcp | |
| N/A | 127.0.0.1:54202 | tcp | |
| N/A | 127.0.0.1:54207 | tcp | |
| N/A | 127.0.0.1:54209 | tcp | |
| N/A | 127.0.0.1:54214 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:54219 | tcp | |
| N/A | 127.0.0.1:54224 | tcp | |
| N/A | 127.0.0.1:54227 | tcp | |
| N/A | 127.0.0.1:54232 | tcp | |
| N/A | 127.0.0.1:54236 | tcp | |
| N/A | 127.0.0.1:54239 | tcp | |
| N/A | 127.0.0.1:54241 | tcp | |
| N/A | 127.0.0.1:54247 | tcp | |
| N/A | 127.0.0.1:54251 | tcp | |
| N/A | 127.0.0.1:54253 | tcp | |
| N/A | 127.0.0.1:54259 | tcp | |
| N/A | 127.0.0.1:54261 | tcp | |
| N/A | 127.0.0.1:54268 | tcp | |
| N/A | 127.0.0.1:54274 | tcp | |
| N/A | 127.0.0.1:54277 | tcp | |
| N/A | 127.0.0.1:54281 | tcp | |
| N/A | 127.0.0.1:54288 | tcp | |
| N/A | 127.0.0.1:54292 | tcp | |
| N/A | 127.0.0.1:54298 | tcp | |
| N/A | 127.0.0.1:54301 | tcp | |
| N/A | 127.0.0.1:54303 | tcp | |
| N/A | 127.0.0.1:54307 | tcp | |
| N/A | 127.0.0.1:54311 | tcp | |
| N/A | 127.0.0.1:54314 | tcp | |
| N/A | 127.0.0.1:54319 | tcp | |
| N/A | 127.0.0.1:54322 | tcp | |
| N/A | 127.0.0.1:54325 | tcp | |
| N/A | 127.0.0.1:54328 | tcp | |
| N/A | 127.0.0.1:54332 | tcp | |
| N/A | 127.0.0.1:54336 | tcp | |
| N/A | 127.0.0.1:54339 | tcp | |
| N/A | 127.0.0.1:54348 | tcp | |
| N/A | 127.0.0.1:54351 | tcp | |
| N/A | 127.0.0.1:54353 | tcp | |
| N/A | 127.0.0.1:54360 | tcp | |
| N/A | 127.0.0.1:54369 | tcp | |
| N/A | 127.0.0.1:54375 | tcp | |
| N/A | 127.0.0.1:54379 | tcp | |
| N/A | 127.0.0.1:54382 | tcp | |
| N/A | 127.0.0.1:54386 | tcp | |
| N/A | 127.0.0.1:54388 | tcp | |
| N/A | 127.0.0.1:54390 | tcp | |
| N/A | 127.0.0.1:54397 | tcp | |
| N/A | 127.0.0.1:54401 | tcp | |
| N/A | 127.0.0.1:54405 | tcp | |
| N/A | 127.0.0.1:54409 | tcp | |
| N/A | 127.0.0.1:54413 | tcp | |
| N/A | 127.0.0.1:54415 | tcp | |
| N/A | 127.0.0.1:54419 | tcp | |
| N/A | 127.0.0.1:54422 | tcp | |
| N/A | 127.0.0.1:54426 | tcp | |
| N/A | 127.0.0.1:54431 | tcp | |
| N/A | 127.0.0.1:54436 | tcp | |
| N/A | 127.0.0.1:54440 | tcp | |
| N/A | 127.0.0.1:54443 | tcp | |
| N/A | 127.0.0.1:54454 | tcp | |
| N/A | 127.0.0.1:54458 | tcp | |
| N/A | 127.0.0.1:54460 | tcp | |
| N/A | 127.0.0.1:54463 | tcp | |
| N/A | 127.0.0.1:54467 | tcp | |
| N/A | 127.0.0.1:54471 | tcp | |
| N/A | 127.0.0.1:54478 | tcp | |
| N/A | 127.0.0.1:54482 | tcp | |
| N/A | 127.0.0.1:54490 | tcp | |
| N/A | 127.0.0.1:54493 | tcp | |
| N/A | 127.0.0.1:54496 | tcp | |
| N/A | 127.0.0.1:54499 | tcp | |
| N/A | 127.0.0.1:54503 | tcp | |
| N/A | 127.0.0.1:54510 | tcp | |
| N/A | 127.0.0.1:54515 | tcp | |
| N/A | 127.0.0.1:54519 | tcp | |
| N/A | 127.0.0.1:54522 | tcp | |
| N/A | 127.0.0.1:54526 | tcp | |
| N/A | 127.0.0.1:54529 | tcp | |
| N/A | 127.0.0.1:54534 | tcp | |
| N/A | 127.0.0.1:54538 | tcp | |
| N/A | 127.0.0.1:54544 | tcp | |
| N/A | 127.0.0.1:54547 | tcp | |
| N/A | 127.0.0.1:54549 | tcp | |
| N/A | 127.0.0.1:54553 | tcp | |
| N/A | 127.0.0.1:54556 | tcp | |
| N/A | 127.0.0.1:54558 | tcp | |
| N/A | 127.0.0.1:54562 | tcp | |
| N/A | 127.0.0.1:54567 | tcp | |
| N/A | 127.0.0.1:54571 | tcp | |
| N/A | 127.0.0.1:54575 | tcp | |
| N/A | 127.0.0.1:54581 | tcp | |
| N/A | 127.0.0.1:54584 | tcp | |
| N/A | 127.0.0.1:54587 | tcp | |
| N/A | 127.0.0.1:54594 | tcp | |
| N/A | 127.0.0.1:54600 | tcp | |
| N/A | 127.0.0.1:54602 | tcp | |
| N/A | 127.0.0.1:54606 | tcp | |
| N/A | 127.0.0.1:54609 | tcp | |
| N/A | 127.0.0.1:54612 | tcp | |
| N/A | 127.0.0.1:54617 | tcp | |
| N/A | 127.0.0.1:54621 | tcp | |
| N/A | 127.0.0.1:54627 | tcp | |
| N/A | 127.0.0.1:54630 | tcp | |
| N/A | 127.0.0.1:54637 | tcp | |
| N/A | 127.0.0.1:54643 | tcp | |
| N/A | 127.0.0.1:54645 | tcp | |
| N/A | 127.0.0.1:54649 | tcp | |
| N/A | 127.0.0.1:54658 | tcp | |
| N/A | 127.0.0.1:54662 | tcp | |
| N/A | 127.0.0.1:54666 | tcp | |
| N/A | 127.0.0.1:54670 | tcp | |
| N/A | 127.0.0.1:54674 | tcp | |
| N/A | 127.0.0.1:54677 | tcp | |
| N/A | 127.0.0.1:54681 | tcp | |
| N/A | 127.0.0.1:54684 | tcp | |
| N/A | 127.0.0.1:54686 | tcp | |
| N/A | 127.0.0.1:54691 | tcp | |
| N/A | 127.0.0.1:54693 | tcp | |
| N/A | 127.0.0.1:54696 | tcp | |
| N/A | 127.0.0.1:54698 | tcp | |
| N/A | 127.0.0.1:54701 | tcp | |
| N/A | 127.0.0.1:54711 | tcp | |
| N/A | 127.0.0.1:54715 | tcp | |
| N/A | 127.0.0.1:54720 | tcp | |
| N/A | 127.0.0.1:54725 | tcp | |
| N/A | 127.0.0.1:54728 | tcp | |
| N/A | 127.0.0.1:54732 | tcp | |
| N/A | 127.0.0.1:54736 | tcp | |
| N/A | 127.0.0.1:54739 | tcp | |
| N/A | 127.0.0.1:54743 | tcp | |
| N/A | 127.0.0.1:54746 | tcp | |
| N/A | 127.0.0.1:54750 | tcp | |
| N/A | 127.0.0.1:54752 | tcp | |
| N/A | 127.0.0.1:54755 | tcp | |
| N/A | 127.0.0.1:54759 | tcp | |
| N/A | 127.0.0.1:54766 | tcp | |
| N/A | 127.0.0.1:54775 | tcp | |
| N/A | 127.0.0.1:54778 | tcp | |
| N/A | 127.0.0.1:54782 | tcp | |
| N/A | 127.0.0.1:54788 | tcp | |
| N/A | 127.0.0.1:54794 | tcp | |
| N/A | 127.0.0.1:54798 | tcp | |
| N/A | 127.0.0.1:54801 | tcp | |
| N/A | 127.0.0.1:54809 | tcp | |
| N/A | 127.0.0.1:54812 | tcp | |
| N/A | 127.0.0.1:54815 | tcp | |
| N/A | 127.0.0.1:54820 | tcp | |
| N/A | 127.0.0.1:54824 | tcp | |
| N/A | 127.0.0.1:54827 | tcp | |
| N/A | 127.0.0.1:54830 | tcp | |
| N/A | 127.0.0.1:54833 | tcp | |
| N/A | 127.0.0.1:54838 | tcp | |
| N/A | 127.0.0.1:54843 | tcp | |
| N/A | 127.0.0.1:54845 | tcp | |
| N/A | 127.0.0.1:54849 | tcp | |
| N/A | 127.0.0.1:54858 | tcp | |
| N/A | 127.0.0.1:54861 | tcp | |
| N/A | 127.0.0.1:54865 | tcp | |
| N/A | 127.0.0.1:54867 | tcp | |
| N/A | 127.0.0.1:54871 | tcp | |
| N/A | 127.0.0.1:54875 | tcp | |
| N/A | 127.0.0.1:54878 | tcp | |
| N/A | 127.0.0.1:54884 | tcp | |
| N/A | 127.0.0.1:54889 | tcp | |
| N/A | 127.0.0.1:54893 | tcp | |
| N/A | 127.0.0.1:54898 | tcp | |
| N/A | 127.0.0.1:54901 | tcp | |
| N/A | 127.0.0.1:54903 | tcp | |
| N/A | 127.0.0.1:54910 | tcp | |
| N/A | 127.0.0.1:54914 | tcp | |
| N/A | 127.0.0.1:54920 | tcp | |
| N/A | 127.0.0.1:54923 | tcp | |
| N/A | 127.0.0.1:54925 | tcp | |
| N/A | 127.0.0.1:54936 | tcp | |
| N/A | 127.0.0.1:54939 | tcp | |
| N/A | 127.0.0.1:54942 | tcp | |
| N/A | 127.0.0.1:54946 | tcp | |
| N/A | 127.0.0.1:54950 | tcp | |
| N/A | 127.0.0.1:54954 | tcp | |
| N/A | 127.0.0.1:54962 | tcp | |
| N/A | 127.0.0.1:54965 | tcp | |
| N/A | 127.0.0.1:54967 | tcp | |
| N/A | 127.0.0.1:54971 | tcp | |
| N/A | 127.0.0.1:54976 | tcp | |
| N/A | 127.0.0.1:54979 | tcp | |
| N/A | 127.0.0.1:54982 | tcp | |
| N/A | 127.0.0.1:54984 | tcp | |
| N/A | 127.0.0.1:54986 | tcp | |
| N/A | 127.0.0.1:54993 | tcp | |
| N/A | 127.0.0.1:54997 | tcp | |
| N/A | 127.0.0.1:54999 | tcp | |
| N/A | 127.0.0.1:55001 | tcp | |
| N/A | 127.0.0.1:55006 | tcp | |
| N/A | 127.0.0.1:55009 | tcp | |
| N/A | 127.0.0.1:55015 | tcp | |
| N/A | 127.0.0.1:55020 | tcp | |
| N/A | 127.0.0.1:55026 | tcp | |
| N/A | 127.0.0.1:55028 | tcp | |
| N/A | 127.0.0.1:55032 | tcp | |
| N/A | 127.0.0.1:55040 | tcp | |
| N/A | 127.0.0.1:55047 | tcp | |
| N/A | 127.0.0.1:55050 | tcp | |
| N/A | 127.0.0.1:55054 | tcp | |
| N/A | 127.0.0.1:55059 | tcp | |
| N/A | 127.0.0.1:55063 | tcp | |
| N/A | 127.0.0.1:55068 | tcp | |
| N/A | 127.0.0.1:55071 | tcp | |
| N/A | 127.0.0.1:55076 | tcp | |
| N/A | 127.0.0.1:55079 | tcp | |
| N/A | 127.0.0.1:55081 | tcp | |
| N/A | 127.0.0.1:55085 | tcp | |
| N/A | 127.0.0.1:55088 | tcp | |
| N/A | 127.0.0.1:55091 | tcp | |
| N/A | 127.0.0.1:55095 | tcp | |
| N/A | 127.0.0.1:55097 | tcp | |
| N/A | 127.0.0.1:55102 | tcp | |
| N/A | 127.0.0.1:55105 | tcp | |
| N/A | 127.0.0.1:55109 | tcp | |
| N/A | 127.0.0.1:55113 | tcp | |
| N/A | 127.0.0.1:55117 | tcp | |
| N/A | 127.0.0.1:55122 | tcp | |
| N/A | 127.0.0.1:55126 | tcp | |
| N/A | 127.0.0.1:55132 | tcp | |
| N/A | 127.0.0.1:55136 | tcp | |
| N/A | 127.0.0.1:55140 | tcp | |
| N/A | 127.0.0.1:55144 | tcp | |
| N/A | 127.0.0.1:55147 | tcp | |
| N/A | 127.0.0.1:55151 | tcp | |
| N/A | 127.0.0.1:55154 | tcp | |
| N/A | 127.0.0.1:55157 | tcp | |
| N/A | 127.0.0.1:55162 | tcp | |
| N/A | 127.0.0.1:55165 | tcp | |
| N/A | 127.0.0.1:55170 | tcp | |
| N/A | 127.0.0.1:55174 | tcp | |
| N/A | 127.0.0.1:55178 | tcp | |
| N/A | 127.0.0.1:55183 | tcp | |
| N/A | 127.0.0.1:55186 | tcp | |
| N/A | 127.0.0.1:55189 | tcp | |
| N/A | 127.0.0.1:55197 | tcp | |
| N/A | 127.0.0.1:55199 | tcp | |
| N/A | 127.0.0.1:55203 | tcp | |
| N/A | 127.0.0.1:55208 | tcp | |
| N/A | 127.0.0.1:55212 | tcp | |
| N/A | 127.0.0.1:55216 | tcp | |
| N/A | 127.0.0.1:55220 | tcp | |
| N/A | 127.0.0.1:55224 | tcp | |
| N/A | 127.0.0.1:55228 | tcp | |
| N/A | 127.0.0.1:55231 | tcp | |
| N/A | 127.0.0.1:55237 | tcp | |
| N/A | 127.0.0.1:55240 | tcp | |
| N/A | 127.0.0.1:55245 | tcp | |
| N/A | 127.0.0.1:55248 | tcp | |
| N/A | 127.0.0.1:55252 | tcp | |
| N/A | 127.0.0.1:55256 | tcp | |
| N/A | 127.0.0.1:55260 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:55266 | tcp | |
| N/A | 127.0.0.1:55270 | tcp | |
| N/A | 127.0.0.1:55273 | tcp | |
| N/A | 127.0.0.1:55278 | tcp | |
| N/A | 127.0.0.1:55281 | tcp | |
| N/A | 127.0.0.1:55283 | tcp | |
| N/A | 127.0.0.1:55287 | tcp | |
| N/A | 127.0.0.1:55293 | tcp | |
| N/A | 127.0.0.1:55297 | tcp | |
| N/A | 127.0.0.1:55299 | tcp | |
| N/A | 127.0.0.1:55303 | tcp | |
| N/A | 127.0.0.1:55310 | tcp | |
| N/A | 127.0.0.1:55312 | tcp | |
| N/A | 127.0.0.1:55316 | tcp | |
| N/A | 127.0.0.1:55320 | tcp | |
| N/A | 127.0.0.1:55324 | tcp | |
| N/A | 127.0.0.1:55328 | tcp | |
| N/A | 127.0.0.1:55332 | tcp | |
| N/A | 127.0.0.1:55336 | tcp | |
| N/A | 127.0.0.1:55342 | tcp | |
| N/A | 127.0.0.1:55346 | tcp | |
| N/A | 127.0.0.1:55350 | tcp | |
| N/A | 127.0.0.1:55354 | tcp | |
| N/A | 127.0.0.1:55358 | tcp | |
| N/A | 127.0.0.1:55362 | tcp | |
| N/A | 127.0.0.1:55366 | tcp | |
| N/A | 127.0.0.1:55371 | tcp | |
| N/A | 127.0.0.1:55373 | tcp | |
| N/A | 127.0.0.1:55378 | tcp | |
| N/A | 127.0.0.1:55384 | tcp | |
| N/A | 127.0.0.1:55386 | tcp | |
| N/A | 127.0.0.1:55390 | tcp | |
| N/A | 127.0.0.1:55393 | tcp | |
| N/A | 127.0.0.1:55399 | tcp | |
| N/A | 127.0.0.1:55403 | tcp | |
| N/A | 127.0.0.1:55408 | tcp | |
| N/A | 127.0.0.1:55410 | tcp | |
| N/A | 127.0.0.1:55413 | tcp | |
| N/A | 127.0.0.1:55419 | tcp | |
| N/A | 127.0.0.1:55422 | tcp | |
| N/A | 127.0.0.1:55427 | tcp | |
| N/A | 127.0.0.1:55430 | tcp | |
| N/A | 127.0.0.1:55435 | tcp | |
| N/A | 127.0.0.1:55438 | tcp | |
| N/A | 127.0.0.1:55442 | tcp | |
| N/A | 127.0.0.1:55447 | tcp | |
| N/A | 127.0.0.1:55450 | tcp | |
| N/A | 127.0.0.1:55455 | tcp | |
| N/A | 127.0.0.1:55458 | tcp | |
| N/A | 127.0.0.1:55462 | tcp | |
| N/A | 127.0.0.1:55466 | tcp | |
| N/A | 127.0.0.1:55470 | tcp | |
| N/A | 127.0.0.1:55473 | tcp | |
| N/A | 127.0.0.1:55480 | tcp | |
| N/A | 127.0.0.1:55483 | tcp | |
| N/A | 127.0.0.1:55488 | tcp | |
| N/A | 127.0.0.1:55490 | tcp | |
| N/A | 127.0.0.1:55493 | tcp | |
| N/A | 127.0.0.1:55499 | tcp | |
| N/A | 127.0.0.1:55502 | tcp | |
| N/A | 127.0.0.1:55505 | tcp | |
| N/A | 127.0.0.1:55511 | tcp | |
| N/A | 127.0.0.1:55515 | tcp | |
| N/A | 127.0.0.1:55519 | tcp | |
| N/A | 127.0.0.1:55522 | tcp | |
| N/A | 127.0.0.1:55524 | tcp | |
| N/A | 127.0.0.1:55530 | tcp | |
| N/A | 127.0.0.1:55534 | tcp | |
| N/A | 127.0.0.1:55538 | tcp | |
| N/A | 127.0.0.1:55542 | tcp | |
| N/A | 127.0.0.1:55547 | tcp | |
| N/A | 127.0.0.1:55552 | tcp | |
| N/A | 127.0.0.1:55555 | tcp | |
| N/A | 127.0.0.1:55565 | tcp | |
| N/A | 127.0.0.1:55567 | tcp | |
| N/A | 127.0.0.1:55569 | tcp | |
| N/A | 127.0.0.1:55571 | tcp | |
| N/A | 127.0.0.1:55573 | tcp | |
| N/A | 127.0.0.1:55575 | tcp | |
| N/A | 127.0.0.1:55577 | tcp | |
| N/A | 127.0.0.1:55622 | tcp | |
| N/A | 127.0.0.1:55626 | tcp | |
| N/A | 127.0.0.1:55628 | tcp | |
| N/A | 127.0.0.1:55630 | tcp | |
| N/A | 127.0.0.1:55634 | tcp | |
| N/A | 127.0.0.1:55640 | tcp | |
| N/A | 127.0.0.1:55646 | tcp | |
| N/A | 127.0.0.1:55648 | tcp | |
| N/A | 127.0.0.1:55653 | tcp | |
| N/A | 127.0.0.1:55698 | tcp | |
| N/A | 127.0.0.1:55700 | tcp | |
| N/A | 127.0.0.1:55707 | tcp | |
| N/A | 127.0.0.1:55713 | tcp | |
| N/A | 127.0.0.1:55715 | tcp | |
| N/A | 127.0.0.1:55719 | tcp | |
| N/A | 127.0.0.1:55721 | tcp | |
| N/A | 127.0.0.1:55723 | tcp | |
| N/A | 127.0.0.1:55724 | tcp | |
| N/A | 127.0.0.1:55727 | tcp | |
| N/A | 127.0.0.1:55731 | tcp | |
| N/A | 127.0.0.1:55733 | tcp | |
| N/A | 127.0.0.1:55735 | tcp | |
| N/A | 127.0.0.1:55738 | tcp | |
| N/A | 127.0.0.1:55740 | tcp | |
| N/A | 127.0.0.1:55742 | tcp | |
| N/A | 127.0.0.1:55744 | tcp | |
| N/A | 127.0.0.1:55746 | tcp | |
| N/A | 127.0.0.1:55748 | tcp | |
| N/A | 127.0.0.1:55750 | tcp | |
| N/A | 127.0.0.1:55752 | tcp | |
| N/A | 127.0.0.1:55754 | tcp | |
| N/A | 127.0.0.1:55756 | tcp | |
| N/A | 127.0.0.1:55758 | tcp | |
| N/A | 127.0.0.1:55760 | tcp | |
| N/A | 127.0.0.1:55762 | tcp | |
| N/A | 127.0.0.1:55764 | tcp | |
| N/A | 127.0.0.1:55766 | tcp | |
| N/A | 127.0.0.1:55769 | tcp | |
| N/A | 127.0.0.1:55772 | tcp | |
| N/A | 127.0.0.1:55775 | tcp | |
| N/A | 127.0.0.1:55777 | tcp | |
| N/A | 127.0.0.1:55779 | tcp | |
| N/A | 127.0.0.1:55781 | tcp | |
| N/A | 127.0.0.1:55783 | tcp | |
| N/A | 127.0.0.1:55785 | tcp | |
| N/A | 127.0.0.1:55787 | tcp | |
| N/A | 127.0.0.1:55789 | tcp | |
| N/A | 127.0.0.1:55791 | tcp | |
| N/A | 127.0.0.1:55793 | tcp | |
| N/A | 127.0.0.1:55794 | tcp | |
| N/A | 127.0.0.1:55797 | tcp | |
| N/A | 127.0.0.1:55799 | tcp | |
| N/A | 127.0.0.1:55801 | tcp | |
| N/A | 127.0.0.1:55804 | tcp | |
| N/A | 127.0.0.1:55806 | tcp | |
| N/A | 127.0.0.1:55808 | tcp | |
| N/A | 127.0.0.1:55810 | tcp | |
| N/A | 127.0.0.1:55813 | tcp | |
| N/A | 127.0.0.1:55814 | tcp | |
| N/A | 127.0.0.1:55818 | tcp | |
| N/A | 127.0.0.1:55820 | tcp | |
| N/A | 127.0.0.1:55822 | tcp | |
| N/A | 127.0.0.1:55824 | tcp | |
| N/A | 127.0.0.1:55826 | tcp | |
| N/A | 127.0.0.1:55828 | tcp | |
| N/A | 127.0.0.1:55830 | tcp | |
| N/A | 127.0.0.1:55833 | tcp | |
| N/A | 127.0.0.1:55835 | tcp | |
| N/A | 127.0.0.1:55838 | tcp | |
| N/A | 127.0.0.1:55840 | tcp | |
| N/A | 127.0.0.1:55842 | tcp | |
| N/A | 127.0.0.1:55844 | tcp | |
| N/A | 127.0.0.1:55845 | tcp | |
| N/A | 127.0.0.1:55848 | tcp | |
| N/A | 127.0.0.1:55850 | tcp | |
| N/A | 127.0.0.1:55853 | tcp | |
| N/A | 127.0.0.1:55855 | tcp | |
| N/A | 127.0.0.1:55857 | tcp | |
| N/A | 127.0.0.1:55860 | tcp | |
| N/A | 127.0.0.1:55862 | tcp | |
| N/A | 127.0.0.1:55882 | tcp | |
| N/A | 127.0.0.1:55886 | tcp | |
| N/A | 127.0.0.1:55889 | tcp | |
| N/A | 127.0.0.1:55900 | tcp | |
| N/A | 127.0.0.1:55905 | tcp | |
| N/A | 127.0.0.1:55907 | tcp | |
| N/A | 127.0.0.1:55916 | tcp | |
| N/A | 127.0.0.1:55936 | tcp | |
| N/A | 127.0.0.1:55940 | tcp | |
| N/A | 127.0.0.1:55942 | tcp | |
| N/A | 127.0.0.1:55949 | tcp | |
| N/A | 127.0.0.1:55965 | tcp | |
| N/A | 127.0.0.1:55969 | tcp | |
| N/A | 127.0.0.1:55971 | tcp | |
| N/A | 127.0.0.1:55982 | tcp | |
| N/A | 127.0.0.1:55986 | tcp | |
| N/A | 127.0.0.1:55991 | tcp | |
| N/A | 127.0.0.1:55995 | tcp | |
| N/A | 127.0.0.1:56004 | tcp | |
| N/A | 127.0.0.1:56008 | tcp | |
| N/A | 127.0.0.1:56011 | tcp | |
| N/A | 127.0.0.1:56015 | tcp | |
| N/A | 127.0.0.1:56017 | tcp | |
| N/A | 127.0.0.1:56019 | tcp | |
| N/A | 127.0.0.1:56021 | tcp | |
| N/A | 127.0.0.1:56023 | tcp | |
| N/A | 127.0.0.1:56025 | tcp | |
| N/A | 127.0.0.1:56027 | tcp | |
| N/A | 127.0.0.1:56029 | tcp | |
| N/A | 127.0.0.1:56031 | tcp | |
| N/A | 127.0.0.1:56033 | tcp | |
| N/A | 127.0.0.1:56035 | tcp | |
| N/A | 127.0.0.1:56115 | tcp | |
| N/A | 127.0.0.1:56116 | tcp | |
| N/A | 127.0.0.1:56114 | tcp | |
| N/A | 127.0.0.1:56113 | tcp | |
| N/A | 127.0.0.1:56121 | tcp | |
| N/A | 127.0.0.1:56112 | tcp | |
| N/A | 127.0.0.1:56110 | tcp | |
| N/A | 127.0.0.1:56109 | tcp | |
| N/A | 127.0.0.1:56107 | tcp | |
| N/A | 127.0.0.1:56105 | tcp | |
| N/A | 127.0.0.1:56104 | tcp | |
| N/A | 127.0.0.1:56102 | tcp | |
| N/A | 127.0.0.1:56101 | tcp | |
| N/A | 127.0.0.1:56100 | tcp | |
| N/A | 127.0.0.1:56098 | tcp | |
| N/A | 127.0.0.1:56095 | tcp | |
| N/A | 127.0.0.1:56134 | tcp | |
| N/A | 127.0.0.1:56083 | tcp | |
| N/A | 127.0.0.1:56076 | tcp | |
| N/A | 127.0.0.1:56079 | tcp | |
| N/A | 127.0.0.1:56073 | tcp | |
| N/A | 127.0.0.1:56072 | tcp | |
| N/A | 127.0.0.1:56070 | tcp | |
| N/A | 127.0.0.1:56066 | tcp | |
| N/A | 127.0.0.1:56062 | tcp | |
| N/A | 127.0.0.1:56060 | tcp | |
| N/A | 127.0.0.1:56145 | tcp | |
| N/A | 127.0.0.1:56056 | tcp | |
| N/A | 127.0.0.1:56148 | tcp | |
| N/A | 127.0.0.1:56150 | tcp | |
| N/A | 127.0.0.1:56152 | tcp | |
| N/A | 127.0.0.1:56051 | tcp | |
| N/A | 127.0.0.1:56155 | tcp | |
| N/A | 127.0.0.1:56048 | tcp | |
| N/A | 127.0.0.1:56158 | tcp | |
| N/A | 127.0.0.1:56047 | tcp | |
| N/A | 127.0.0.1:56161 | tcp | |
| N/A | 127.0.0.1:56163 | tcp | |
| N/A | 127.0.0.1:56045 | tcp | |
| N/A | 127.0.0.1:56041 | tcp | |
| N/A | 127.0.0.1:56167 | tcp | |
| N/A | 127.0.0.1:56039 | tcp | |
| N/A | 127.0.0.1:56170 | tcp | |
| N/A | 127.0.0.1:56172 | tcp | |
| N/A | 127.0.0.1:56174 | tcp | |
| N/A | 127.0.0.1:56177 | tcp | |
| N/A | 127.0.0.1:56037 | tcp | |
| N/A | 127.0.0.1:56181 | tcp | |
| N/A | 127.0.0.1:56183 | tcp | |
| N/A | 127.0.0.1:56185 | tcp | |
| N/A | 127.0.0.1:56187 | tcp | |
| N/A | 127.0.0.1:56189 | tcp | |
| N/A | 127.0.0.1:56191 | tcp | |
| N/A | 127.0.0.1:56193 | tcp | |
| N/A | 127.0.0.1:56246 | tcp | |
| N/A | 127.0.0.1:56253 | tcp | |
| N/A | 127.0.0.1:56255 | tcp | |
| N/A | 127.0.0.1:56262 | tcp | |
| N/A | 127.0.0.1:56265 | tcp | |
| N/A | 127.0.0.1:56270 | tcp | |
| N/A | 127.0.0.1:56275 | tcp | |
| N/A | 127.0.0.1:56278 | tcp | |
| N/A | 127.0.0.1:56281 | tcp | |
| N/A | 127.0.0.1:56284 | tcp | |
| N/A | 127.0.0.1:56286 | tcp | |
| N/A | 127.0.0.1:56290 | tcp | |
| N/A | 127.0.0.1:56297 | tcp | |
| N/A | 127.0.0.1:56299 | tcp | |
| N/A | 127.0.0.1:56307 | tcp | |
| N/A | 127.0.0.1:56310 | tcp | |
| N/A | 127.0.0.1:56312 | tcp | |
| N/A | 127.0.0.1:56314 | tcp | |
| N/A | 127.0.0.1:56322 | tcp | |
| N/A | 127.0.0.1:56325 | tcp | |
| N/A | 127.0.0.1:56329 | tcp | |
| N/A | 127.0.0.1:56334 | tcp | |
| N/A | 127.0.0.1:56337 | tcp | |
| N/A | 127.0.0.1:56340 | tcp | |
| N/A | 127.0.0.1:56343 | tcp | |
| N/A | 127.0.0.1:56345 | tcp | |
| N/A | 127.0.0.1:56349 | tcp | |
| N/A | 127.0.0.1:56352 | tcp | |
| N/A | 127.0.0.1:56355 | tcp | |
| N/A | 127.0.0.1:56361 | tcp | |
| N/A | 127.0.0.1:56366 | tcp | |
| N/A | 127.0.0.1:56369 | tcp | |
| N/A | 127.0.0.1:56373 | tcp | |
| N/A | 127.0.0.1:56376 | tcp | |
| N/A | 127.0.0.1:56378 | tcp | |
| N/A | 127.0.0.1:56387 | tcp | |
| N/A | 127.0.0.1:56390 | tcp | |
| N/A | 127.0.0.1:56393 | tcp | |
| N/A | 127.0.0.1:56397 | tcp | |
| N/A | 127.0.0.1:56400 | tcp | |
| N/A | 127.0.0.1:56406 | tcp | |
| N/A | 127.0.0.1:56408 | tcp | |
| N/A | 127.0.0.1:56416 | tcp | |
| N/A | 127.0.0.1:56418 | tcp | |
| N/A | 127.0.0.1:56422 | tcp | |
| N/A | 127.0.0.1:56424 | tcp | |
| N/A | 127.0.0.1:56427 | tcp | |
| N/A | 127.0.0.1:56432 | tcp | |
| N/A | 127.0.0.1:56439 | tcp | |
| N/A | 127.0.0.1:56441 | tcp | |
| N/A | 127.0.0.1:56443 | tcp | |
| N/A | 127.0.0.1:56449 | tcp | |
| N/A | 127.0.0.1:56453 | tcp | |
| N/A | 127.0.0.1:56456 | tcp | |
| N/A | 127.0.0.1:56460 | tcp | |
| N/A | 127.0.0.1:56465 | tcp | |
| N/A | 127.0.0.1:56470 | tcp | |
| N/A | 127.0.0.1:56473 | tcp | |
| N/A | 127.0.0.1:56476 | tcp | |
| N/A | 127.0.0.1:56480 | tcp | |
| N/A | 127.0.0.1:56484 | tcp | |
| N/A | 127.0.0.1:56487 | tcp | |
| N/A | 127.0.0.1:56490 | tcp | |
| N/A | 127.0.0.1:56493 | tcp | |
| N/A | 127.0.0.1:56496 | tcp | |
| N/A | 127.0.0.1:56499 | tcp | |
| N/A | 127.0.0.1:56504 | tcp | |
| N/A | 127.0.0.1:56507 | tcp | |
| N/A | 127.0.0.1:56515 | tcp | |
| N/A | 127.0.0.1:56517 | tcp | |
| N/A | 127.0.0.1:56520 | tcp | |
| N/A | 127.0.0.1:56527 | tcp | |
| N/A | 127.0.0.1:56529 | tcp | |
| N/A | 127.0.0.1:56531 | tcp | |
| N/A | 127.0.0.1:56535 | tcp | |
| N/A | 127.0.0.1:56541 | tcp | |
| N/A | 127.0.0.1:56544 | tcp | |
| N/A | 127.0.0.1:56546 | tcp | |
| N/A | 127.0.0.1:56553 | tcp | |
| N/A | 127.0.0.1:56557 | tcp | |
| N/A | 127.0.0.1:56561 | tcp | |
| N/A | 127.0.0.1:56567 | tcp | |
| N/A | 127.0.0.1:56569 | tcp | |
| N/A | 127.0.0.1:56573 | tcp | |
| N/A | 127.0.0.1:56575 | tcp | |
| N/A | 127.0.0.1:56580 | tcp | |
| N/A | 127.0.0.1:56584 | tcp | |
| N/A | 127.0.0.1:56586 | tcp | |
| N/A | 127.0.0.1:56589 | tcp | |
| N/A | 127.0.0.1:56595 | tcp | |
| N/A | 127.0.0.1:56599 | tcp | |
| N/A | 127.0.0.1:56603 | tcp | |
| N/A | 127.0.0.1:56608 | tcp | |
| N/A | 127.0.0.1:56611 | tcp | |
| N/A | 127.0.0.1:56614 | tcp | |
| N/A | 127.0.0.1:56617 | tcp | |
| N/A | 127.0.0.1:56621 | tcp | |
| N/A | 127.0.0.1:56626 | tcp | |
| N/A | 127.0.0.1:56628 | tcp | |
| N/A | 127.0.0.1:56635 | tcp | |
| N/A | 127.0.0.1:56639 | tcp | |
| N/A | 127.0.0.1:56642 | tcp | |
| N/A | 127.0.0.1:56650 | tcp | |
| N/A | 127.0.0.1:56653 | tcp | |
| N/A | 127.0.0.1:56659 | tcp | |
| N/A | 127.0.0.1:56661 | tcp | |
| N/A | 127.0.0.1:56664 | tcp | |
| N/A | 127.0.0.1:56667 | tcp | |
| N/A | 127.0.0.1:56674 | tcp | |
| N/A | 127.0.0.1:56676 | tcp | |
| N/A | 127.0.0.1:56680 | tcp | |
| N/A | 127.0.0.1:56683 | tcp | |
| N/A | 127.0.0.1:56685 | tcp | |
| N/A | 127.0.0.1:56690 | tcp | |
| N/A | 127.0.0.1:56693 | tcp | |
| N/A | 127.0.0.1:56701 | tcp | |
| N/A | 127.0.0.1:56707 | tcp | |
| N/A | 127.0.0.1:56713 | tcp | |
| N/A | 127.0.0.1:56715 | tcp | |
| N/A | 127.0.0.1:56724 | tcp | |
| N/A | 127.0.0.1:56726 | tcp | |
| N/A | 127.0.0.1:56728 | tcp | |
| N/A | 127.0.0.1:56730 | tcp | |
| N/A | 127.0.0.1:56739 | tcp | |
| N/A | 127.0.0.1:56742 | tcp | |
| N/A | 127.0.0.1:56745 | tcp | |
| N/A | 127.0.0.1:56748 | tcp | |
| N/A | 127.0.0.1:56751 | tcp | |
| N/A | 127.0.0.1:56755 | tcp | |
| N/A | 127.0.0.1:56758 | tcp | |
| N/A | 127.0.0.1:56761 | tcp | |
| N/A | 127.0.0.1:56765 | tcp | |
| N/A | 127.0.0.1:56769 | tcp | |
| N/A | 127.0.0.1:56773 | tcp | |
| N/A | 127.0.0.1:56776 | tcp | |
| N/A | 127.0.0.1:56780 | tcp | |
| N/A | 127.0.0.1:56785 | tcp | |
| N/A | 127.0.0.1:56789 | tcp | |
| N/A | 127.0.0.1:56794 | tcp | |
| N/A | 127.0.0.1:56796 | tcp | |
| N/A | 127.0.0.1:56799 | tcp | |
| N/A | 127.0.0.1:56806 | tcp | |
| N/A | 127.0.0.1:56809 | tcp | |
| N/A | 127.0.0.1:56814 | tcp | |
| N/A | 127.0.0.1:56818 | tcp | |
| N/A | 127.0.0.1:56821 | tcp | |
| N/A | 127.0.0.1:56823 | tcp | |
| N/A | 127.0.0.1:56827 | tcp | |
| N/A | 127.0.0.1:56830 | tcp | |
| N/A | 127.0.0.1:56838 | tcp | |
| N/A | 127.0.0.1:56841 | tcp | |
| N/A | 127.0.0.1:56845 | tcp | |
| N/A | 127.0.0.1:56849 | tcp | |
| N/A | 127.0.0.1:56852 | tcp | |
| N/A | 127.0.0.1:56857 | tcp | |
| N/A | 127.0.0.1:56859 | tcp | |
| N/A | 127.0.0.1:56861 | tcp | |
| N/A | 127.0.0.1:56863 | tcp | |
| N/A | 127.0.0.1:56865 | tcp | |
| N/A | 127.0.0.1:56867 | tcp | |
| N/A | 127.0.0.1:56869 | tcp | |
| N/A | 127.0.0.1:56871 | tcp | |
| N/A | 127.0.0.1:56873 | tcp | |
| N/A | 127.0.0.1:56875 | tcp | |
| N/A | 127.0.0.1:56877 | tcp | |
| N/A | 127.0.0.1:56879 | tcp | |
| N/A | 127.0.0.1:56881 | tcp | |
| N/A | 127.0.0.1:56883 | tcp | |
| N/A | 127.0.0.1:56885 | tcp | |
| N/A | 127.0.0.1:56887 | tcp | |
| N/A | 127.0.0.1:56889 | tcp | |
| N/A | 127.0.0.1:56891 | tcp | |
| N/A | 127.0.0.1:56893 | tcp | |
| N/A | 127.0.0.1:56895 | tcp | |
| N/A | 127.0.0.1:56897 | tcp | |
| N/A | 127.0.0.1:56899 | tcp | |
| N/A | 127.0.0.1:56901 | tcp | |
| N/A | 127.0.0.1:56903 | tcp | |
| N/A | 127.0.0.1:56905 | tcp | |
| N/A | 127.0.0.1:56907 | tcp | |
| N/A | 127.0.0.1:56909 | tcp | |
| N/A | 127.0.0.1:56911 | tcp | |
| N/A | 127.0.0.1:56913 | tcp | |
| N/A | 127.0.0.1:56915 | tcp | |
| N/A | 127.0.0.1:56917 | tcp | |
| N/A | 127.0.0.1:56919 | tcp | |
| N/A | 127.0.0.1:56921 | tcp | |
| N/A | 127.0.0.1:56923 | tcp | |
| N/A | 127.0.0.1:56925 | tcp | |
| N/A | 127.0.0.1:56927 | tcp | |
| N/A | 127.0.0.1:56929 | tcp | |
| N/A | 127.0.0.1:56931 | tcp | |
| N/A | 127.0.0.1:56933 | tcp | |
| N/A | 127.0.0.1:56935 | tcp | |
| N/A | 127.0.0.1:56937 | tcp | |
| N/A | 127.0.0.1:56939 | tcp | |
| N/A | 127.0.0.1:56941 | tcp | |
| N/A | 127.0.0.1:56943 | tcp | |
| N/A | 127.0.0.1:56945 | tcp | |
| N/A | 127.0.0.1:56947 | tcp | |
| N/A | 127.0.0.1:56949 | tcp | |
| N/A | 127.0.0.1:56951 | tcp | |
| N/A | 127.0.0.1:56953 | tcp | |
| N/A | 127.0.0.1:56955 | tcp | |
| N/A | 127.0.0.1:56957 | tcp | |
| N/A | 127.0.0.1:56959 | tcp | |
| N/A | 127.0.0.1:56961 | tcp | |
| N/A | 127.0.0.1:56963 | tcp | |
| N/A | 127.0.0.1:56965 | tcp | |
| N/A | 127.0.0.1:56967 | tcp | |
| N/A | 127.0.0.1:56969 | tcp | |
| N/A | 127.0.0.1:56971 | tcp | |
| N/A | 127.0.0.1:56973 | tcp | |
| N/A | 127.0.0.1:56975 | tcp | |
| N/A | 127.0.0.1:56977 | tcp | |
| N/A | 127.0.0.1:56979 | tcp | |
| N/A | 127.0.0.1:56981 | tcp | |
| N/A | 127.0.0.1:56983 | tcp | |
| N/A | 127.0.0.1:56985 | tcp | |
| N/A | 127.0.0.1:56987 | tcp | |
| N/A | 127.0.0.1:56989 | tcp | |
| N/A | 127.0.0.1:56991 | tcp | |
| N/A | 127.0.0.1:56993 | tcp | |
| N/A | 127.0.0.1:56995 | tcp | |
| N/A | 127.0.0.1:56997 | tcp | |
| N/A | 127.0.0.1:56999 | tcp | |
| N/A | 127.0.0.1:57001 | tcp | |
| N/A | 127.0.0.1:57003 | tcp | |
| N/A | 127.0.0.1:57005 | tcp | |
| N/A | 127.0.0.1:57007 | tcp | |
| N/A | 127.0.0.1:57009 | tcp | |
| N/A | 127.0.0.1:57011 | tcp | |
| N/A | 127.0.0.1:57013 | tcp | |
| N/A | 127.0.0.1:57015 | tcp | |
| N/A | 127.0.0.1:57017 | tcp | |
| N/A | 127.0.0.1:57019 | tcp | |
| N/A | 127.0.0.1:57021 | tcp | |
| N/A | 127.0.0.1:57023 | tcp | |
| N/A | 127.0.0.1:57025 | tcp | |
| N/A | 127.0.0.1:57027 | tcp | |
| N/A | 127.0.0.1:57029 | tcp | |
| N/A | 127.0.0.1:57031 | tcp | |
| N/A | 127.0.0.1:57033 | tcp | |
| N/A | 127.0.0.1:57035 | tcp | |
| N/A | 127.0.0.1:57037 | tcp | |
| N/A | 127.0.0.1:57039 | tcp | |
| N/A | 127.0.0.1:57041 | tcp | |
| N/A | 127.0.0.1:57043 | tcp | |
| N/A | 127.0.0.1:57045 | tcp | |
| N/A | 127.0.0.1:57047 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57051 | tcp | |
| N/A | 127.0.0.1:57053 | tcp | |
| N/A | 127.0.0.1:57055 | tcp | |
| N/A | 127.0.0.1:57057 | tcp | |
| N/A | 127.0.0.1:57059 | tcp | |
| N/A | 127.0.0.1:57061 | tcp | |
| N/A | 127.0.0.1:57063 | tcp | |
| N/A | 127.0.0.1:57069 | tcp | |
| N/A | 127.0.0.1:57072 | tcp | |
| N/A | 127.0.0.1:57077 | tcp | |
| N/A | 127.0.0.1:57083 | tcp | |
| N/A | 127.0.0.1:57088 | tcp | |
| N/A | 127.0.0.1:57091 | tcp | |
| N/A | 127.0.0.1:57094 | tcp | |
| N/A | 127.0.0.1:57098 | tcp | |
| N/A | 127.0.0.1:57100 | tcp | |
| N/A | 127.0.0.1:57102 | tcp | |
| N/A | 127.0.0.1:57104 | tcp | |
| N/A | 127.0.0.1:57106 | tcp | |
| N/A | 127.0.0.1:57108 | tcp | |
| N/A | 127.0.0.1:57110 | tcp | |
| N/A | 127.0.0.1:57112 | tcp | |
| N/A | 127.0.0.1:57114 | tcp | |
| N/A | 127.0.0.1:57116 | tcp | |
| N/A | 127.0.0.1:57118 | tcp | |
| N/A | 127.0.0.1:57120 | tcp | |
| N/A | 127.0.0.1:57122 | tcp | |
| N/A | 127.0.0.1:57124 | tcp | |
| N/A | 127.0.0.1:57126 | tcp | |
| N/A | 127.0.0.1:57128 | tcp | |
| N/A | 127.0.0.1:57130 | tcp | |
| N/A | 127.0.0.1:57132 | tcp | |
| N/A | 127.0.0.1:57134 | tcp | |
| N/A | 127.0.0.1:57136 | tcp | |
| N/A | 127.0.0.1:57139 | tcp | |
| N/A | 127.0.0.1:57141 | tcp | |
| N/A | 127.0.0.1:57143 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57149 | tcp | |
| N/A | 127.0.0.1:57152 | tcp | |
| N/A | 127.0.0.1:57157 | tcp | |
| N/A | 127.0.0.1:57159 | tcp | |
| N/A | 127.0.0.1:57161 | tcp | |
| N/A | 127.0.0.1:57163 | tcp | |
| N/A | 127.0.0.1:57165 | tcp | |
| N/A | 127.0.0.1:57167 | tcp | |
| N/A | 127.0.0.1:57169 | tcp | |
| N/A | 127.0.0.1:57171 | tcp | |
| N/A | 127.0.0.1:57173 | tcp | |
| N/A | 127.0.0.1:57175 | tcp | |
| N/A | 127.0.0.1:57177 | tcp | |
| N/A | 127.0.0.1:57179 | tcp | |
| N/A | 127.0.0.1:57181 | tcp | |
| N/A | 127.0.0.1:57183 | tcp | |
| N/A | 127.0.0.1:57185 | tcp | |
| N/A | 127.0.0.1:57187 | tcp | |
| N/A | 127.0.0.1:57189 | tcp | |
| N/A | 127.0.0.1:57191 | tcp | |
| N/A | 127.0.0.1:57193 | tcp | |
| N/A | 127.0.0.1:57195 | tcp | |
| N/A | 127.0.0.1:57197 | tcp | |
| N/A | 127.0.0.1:57199 | tcp | |
| N/A | 127.0.0.1:57201 | tcp | |
| N/A | 127.0.0.1:57203 | tcp | |
| N/A | 127.0.0.1:57205 | tcp | |
| N/A | 127.0.0.1:57207 | tcp | |
| N/A | 127.0.0.1:57211 | tcp | |
| N/A | 127.0.0.1:57213 | tcp | |
| N/A | 127.0.0.1:57215 | tcp | |
| N/A | 127.0.0.1:57217 | tcp | |
| N/A | 127.0.0.1:57219 | tcp | |
| N/A | 127.0.0.1:57221 | tcp | |
| N/A | 127.0.0.1:57223 | tcp | |
| N/A | 127.0.0.1:57225 | tcp | |
| N/A | 127.0.0.1:57227 | tcp | |
| N/A | 127.0.0.1:57229 | tcp | |
| N/A | 127.0.0.1:57231 | tcp | |
| N/A | 127.0.0.1:57233 | tcp | |
| N/A | 127.0.0.1:57235 | tcp | |
| N/A | 127.0.0.1:57237 | tcp | |
| N/A | 127.0.0.1:57239 | tcp | |
| N/A | 127.0.0.1:57241 | tcp | |
| N/A | 127.0.0.1:57243 | tcp | |
| N/A | 127.0.0.1:57245 | tcp | |
| N/A | 127.0.0.1:57247 | tcp | |
| N/A | 127.0.0.1:57249 | tcp | |
| N/A | 127.0.0.1:57251 | tcp | |
| N/A | 127.0.0.1:57253 | tcp | |
| N/A | 127.0.0.1:57255 | tcp | |
| N/A | 127.0.0.1:57257 | tcp | |
| N/A | 127.0.0.1:57259 | tcp | |
| N/A | 127.0.0.1:57261 | tcp | |
| N/A | 127.0.0.1:57263 | tcp | |
| N/A | 127.0.0.1:57265 | tcp | |
| N/A | 127.0.0.1:57267 | tcp | |
| N/A | 127.0.0.1:57269 | tcp | |
| N/A | 127.0.0.1:57271 | tcp | |
| N/A | 127.0.0.1:57273 | tcp | |
| N/A | 127.0.0.1:57275 | tcp | |
| N/A | 127.0.0.1:57277 | tcp | |
| N/A | 127.0.0.1:57279 | tcp | |
| N/A | 127.0.0.1:57281 | tcp | |
| N/A | 127.0.0.1:57283 | tcp | |
| N/A | 127.0.0.1:57285 | tcp | |
| N/A | 127.0.0.1:57287 | tcp | |
| N/A | 127.0.0.1:57289 | tcp | |
| N/A | 127.0.0.1:57291 | tcp | |
| N/A | 127.0.0.1:57293 | tcp | |
| N/A | 127.0.0.1:57295 | tcp | |
| N/A | 127.0.0.1:57303 | tcp | |
| N/A | 127.0.0.1:57308 | tcp | |
| N/A | 127.0.0.1:57310 | tcp | |
| N/A | 127.0.0.1:57313 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57322 | tcp | |
| N/A | 127.0.0.1:57325 | tcp | |
| N/A | 127.0.0.1:57327 | tcp | |
| N/A | 127.0.0.1:57329 | tcp | |
| N/A | 127.0.0.1:57331 | tcp | |
| N/A | 127.0.0.1:57333 | tcp | |
| N/A | 127.0.0.1:57335 | tcp | |
| N/A | 127.0.0.1:57337 | tcp | |
| N/A | 127.0.0.1:57339 | tcp | |
| N/A | 127.0.0.1:57341 | tcp | |
| N/A | 127.0.0.1:57343 | tcp | |
| N/A | 127.0.0.1:57345 | tcp | |
| N/A | 127.0.0.1:57347 | tcp | |
| N/A | 127.0.0.1:57349 | tcp | |
| N/A | 127.0.0.1:57351 | tcp | |
| N/A | 127.0.0.1:57353 | tcp | |
| N/A | 127.0.0.1:57355 | tcp | |
| N/A | 127.0.0.1:57357 | tcp | |
| N/A | 127.0.0.1:57359 | tcp | |
| N/A | 127.0.0.1:57361 | tcp | |
| N/A | 127.0.0.1:57363 | tcp | |
| N/A | 127.0.0.1:57365 | tcp | |
| N/A | 127.0.0.1:57367 | tcp | |
| N/A | 127.0.0.1:57369 | tcp | |
| N/A | 127.0.0.1:57371 | tcp | |
| N/A | 127.0.0.1:57373 | tcp | |
| N/A | 127.0.0.1:57375 | tcp | |
| N/A | 127.0.0.1:57377 | tcp | |
| N/A | 127.0.0.1:57379 | tcp | |
| N/A | 127.0.0.1:57381 | tcp | |
| N/A | 127.0.0.1:57383 | tcp | |
| N/A | 127.0.0.1:57389 | tcp | |
| N/A | 127.0.0.1:57391 | tcp | |
| N/A | 127.0.0.1:57394 | tcp | |
| N/A | 127.0.0.1:57396 | tcp | |
| N/A | 127.0.0.1:57398 | tcp | |
| N/A | 127.0.0.1:57400 | tcp | |
| N/A | 127.0.0.1:57403 | tcp | |
| N/A | 127.0.0.1:57405 | tcp | |
| N/A | 127.0.0.1:57407 | tcp | |
| N/A | 127.0.0.1:57409 | tcp | |
| N/A | 127.0.0.1:57411 | tcp | |
| N/A | 127.0.0.1:57413 | tcp | |
| N/A | 127.0.0.1:57415 | tcp | |
| N/A | 127.0.0.1:57417 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57420 | tcp | |
| N/A | 127.0.0.1:57426 | tcp | |
| N/A | 127.0.0.1:57428 | tcp | |
| N/A | 127.0.0.1:57430 | tcp | |
| N/A | 127.0.0.1:57432 | tcp | |
| N/A | 127.0.0.1:57434 | tcp | |
| N/A | 127.0.0.1:57436 | tcp | |
| N/A | 127.0.0.1:57438 | tcp | |
| N/A | 127.0.0.1:57440 | tcp | |
| N/A | 127.0.0.1:57442 | tcp | |
| N/A | 127.0.0.1:57444 | tcp | |
| N/A | 127.0.0.1:57446 | tcp | |
| N/A | 127.0.0.1:57448 | tcp | |
| N/A | 127.0.0.1:57450 | tcp | |
| N/A | 127.0.0.1:57452 | tcp | |
| N/A | 127.0.0.1:57454 | tcp | |
| N/A | 127.0.0.1:57456 | tcp | |
| N/A | 127.0.0.1:57458 | tcp | |
| N/A | 127.0.0.1:57460 | tcp | |
| N/A | 127.0.0.1:57462 | tcp | |
| N/A | 127.0.0.1:57464 | tcp | |
| N/A | 127.0.0.1:57466 | tcp | |
| N/A | 127.0.0.1:57468 | tcp | |
| N/A | 127.0.0.1:57470 | tcp | |
| N/A | 127.0.0.1:57472 | tcp | |
| N/A | 127.0.0.1:57474 | tcp | |
| N/A | 127.0.0.1:57477 | tcp | |
| N/A | 127.0.0.1:57479 | tcp | |
| N/A | 127.0.0.1:57481 | tcp | |
| N/A | 127.0.0.1:57483 | tcp | |
| N/A | 127.0.0.1:57485 | tcp | |
| N/A | 127.0.0.1:57487 | tcp | |
| N/A | 127.0.0.1:57489 | tcp | |
| N/A | 127.0.0.1:57495 | tcp | |
| N/A | 127.0.0.1:57500 | tcp | |
| N/A | 127.0.0.1:57503 | tcp | |
| N/A | 127.0.0.1:57507 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57513 | tcp | |
| N/A | 127.0.0.1:57515 | tcp | |
| N/A | 127.0.0.1:57517 | tcp | |
| N/A | 127.0.0.1:57519 | tcp | |
| N/A | 127.0.0.1:57521 | tcp | |
| N/A | 127.0.0.1:57523 | tcp | |
| N/A | 127.0.0.1:57525 | tcp | |
| N/A | 127.0.0.1:57527 | tcp | |
| N/A | 127.0.0.1:57529 | tcp | |
| N/A | 127.0.0.1:57531 | tcp | |
| N/A | 127.0.0.1:57533 | tcp | |
| N/A | 127.0.0.1:57535 | tcp | |
| N/A | 127.0.0.1:57537 | tcp | |
| N/A | 127.0.0.1:57539 | tcp | |
| N/A | 127.0.0.1:57541 | tcp | |
| N/A | 127.0.0.1:57543 | tcp | |
| N/A | 127.0.0.1:57545 | tcp | |
| N/A | 127.0.0.1:57547 | tcp | |
| N/A | 127.0.0.1:57549 | tcp | |
| N/A | 127.0.0.1:57551 | tcp | |
| N/A | 127.0.0.1:57553 | tcp | |
| N/A | 127.0.0.1:57555 | tcp | |
| N/A | 127.0.0.1:57557 | tcp | |
| N/A | 127.0.0.1:57559 | tcp | |
| N/A | 127.0.0.1:57561 | tcp | |
| N/A | 127.0.0.1:57563 | tcp | |
| N/A | 127.0.0.1:57565 | tcp | |
| N/A | 127.0.0.1:57567 | tcp | |
| N/A | 127.0.0.1:57569 | tcp | |
| N/A | 127.0.0.1:57571 | tcp | |
| N/A | 127.0.0.1:57576 | tcp | |
| N/A | 127.0.0.1:57580 | tcp | |
| N/A | 127.0.0.1:57582 | tcp | |
| N/A | 127.0.0.1:57584 | tcp | |
| N/A | 127.0.0.1:57586 | tcp | |
| N/A | 127.0.0.1:57588 | tcp | |
| N/A | 127.0.0.1:57590 | tcp | |
| N/A | 127.0.0.1:57592 | tcp | |
| N/A | 127.0.0.1:57594 | tcp | |
| N/A | 127.0.0.1:57596 | tcp | |
| N/A | 127.0.0.1:57598 | tcp | |
| N/A | 127.0.0.1:57600 | tcp | |
| N/A | 127.0.0.1:57602 | tcp | |
| N/A | 127.0.0.1:57604 | tcp | |
| N/A | 127.0.0.1:57608 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57618 | tcp | |
| N/A | 127.0.0.1:57621 | tcp | |
| N/A | 127.0.0.1:57623 | tcp | |
| N/A | 127.0.0.1:57625 | tcp | |
| N/A | 127.0.0.1:57627 | tcp | |
| N/A | 127.0.0.1:57635 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57640 | tcp | |
| N/A | 127.0.0.1:31330 | tcp | |
| N/A | 127.0.0.1:57646 | tcp | |
| N/A | 127.0.0.1:57651 | tcp | |
| N/A | 127.0.0.1:57655 | tcp | |
| N/A | 127.0.0.1:57658 | tcp | |
| N/A | 127.0.0.1:57660 | tcp | |
| N/A | 127.0.0.1:57662 | tcp | |
| N/A | 127.0.0.1:57664 | tcp | |
| N/A | 127.0.0.1:57666 | tcp | |
| N/A | 127.0.0.1:57668 | tcp | |
| N/A | 127.0.0.1:57670 | tcp | |
| N/A | 127.0.0.1:57672 | tcp | |
| N/A | 127.0.0.1:57674 | tcp | |
| N/A | 127.0.0.1:57676 | tcp | |
| N/A | 127.0.0.1:57678 | tcp | |
| N/A | 127.0.0.1:57680 | tcp | |
| N/A | 127.0.0.1:57682 | tcp | |
| N/A | 127.0.0.1:57684 | tcp | |
| N/A | 127.0.0.1:57686 | tcp | |
| N/A | 127.0.0.1:57688 | tcp | |
| N/A | 127.0.0.1:57690 | tcp | |
| N/A | 127.0.0.1:57692 | tcp | |
| N/A | 127.0.0.1:57694 | tcp | |
| N/A | 127.0.0.1:57696 | tcp | |
| N/A | 127.0.0.1:57698 | tcp | |
| N/A | 127.0.0.1:57700 | tcp | |
| N/A | 127.0.0.1:57702 | tcp | |
| N/A | 127.0.0.1:57704 | tcp | |
| N/A | 127.0.0.1:57706 | tcp | |
| N/A | 127.0.0.1:57708 | tcp | |
| N/A | 127.0.0.1:57710 | tcp | |
| N/A | 127.0.0.1:57712 | tcp | |
| N/A | 127.0.0.1:57714 | tcp | |
| N/A | 127.0.0.1:57716 | tcp | |
| N/A | 127.0.0.1:57718 | tcp | |
| N/A | 127.0.0.1:57720 | tcp | |
| N/A | 127.0.0.1:57722 | tcp | |
| N/A | 127.0.0.1:57726 | tcp | |
| N/A | 127.0.0.1:57734 | tcp | |
| N/A | 127.0.0.1:57739 | tcp | |
| N/A | 127.0.0.1:57741 | tcp | |
| N/A | 127.0.0.1:57743 | tcp | |
| N/A | 127.0.0.1:57745 | tcp | |
| N/A | 127.0.0.1:57747 | tcp | |
| N/A | 127.0.0.1:57749 | tcp | |
| N/A | 127.0.0.1:57751 | tcp | |
| N/A | 127.0.0.1:57753 | tcp | |
| N/A | 127.0.0.1:57755 | tcp | |
| N/A | 127.0.0.1:57757 | tcp | |
| N/A | 127.0.0.1:57759 | tcp | |
| N/A | 127.0.0.1:57761 | tcp | |
| N/A | 127.0.0.1:57763 | tcp | |
| N/A | 127.0.0.1:57765 | tcp | |
| N/A | 127.0.0.1:57767 | tcp | |
| N/A | 127.0.0.1:57769 | tcp | |
| N/A | 127.0.0.1:57771 | tcp | |
| N/A | 127.0.0.1:57773 | tcp | |
| N/A | 127.0.0.1:57775 | tcp | |
| N/A | 127.0.0.1:57777 | tcp | |
| N/A | 127.0.0.1:57779 | tcp | |
| N/A | 127.0.0.1:57781 | tcp | |
| N/A | 127.0.0.1:57783 | tcp | |
| N/A | 127.0.0.1:57785 | tcp | |
| N/A | 127.0.0.1:57787 | tcp | |
| N/A | 127.0.0.1:57789 | tcp | |
| N/A | 127.0.0.1:57791 | tcp | |
| N/A | 127.0.0.1:57793 | tcp | |
| N/A | 127.0.0.1:57795 | tcp | |
| N/A | 127.0.0.1:57797 | tcp | |
| N/A | 127.0.0.1:57801 | tcp | |
| N/A | 127.0.0.1:57804 | tcp |
Files
memory/2432-1-0x0000000000670000-0x0000000000770000-memory.dmp
memory/2432-2-0x00000000005C0000-0x00000000005CB000-memory.dmp
memory/2432-3-0x0000000000400000-0x0000000000474000-memory.dmp
memory/3396-4-0x0000000000680000-0x0000000000696000-memory.dmp
memory/2432-5-0x0000000000400000-0x0000000000474000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\F4A1.exe
| MD5 | b6297922e4d7e05d1b009613d201883e |
| SHA1 | b6c739fd153f0078e115386bd0f87d784c1b5588 |
| SHA256 | 91a101f00488af2027b7fee5bfe9a14f290bcc401d183d352c9de40625af3700 |
| SHA512 | ab503a34d096ba5b6695505054e12ddf16ddd1407c1737d0fb5655b21947bab4de49e546b0ee1bbc9cdd581b8f32522ec720d27fa0fe9b79796ea0e3a6e3be79 |
memory/3496-15-0x0000000000FA0000-0x000000000144E000-memory.dmp
memory/3496-16-0x0000000077614000-0x0000000077615000-memory.dmp
memory/3496-17-0x0000000000FA0000-0x000000000144E000-memory.dmp
memory/3496-18-0x0000000004B60000-0x0000000004B61000-memory.dmp
memory/3496-19-0x0000000004B70000-0x0000000004B71000-memory.dmp
memory/3496-20-0x0000000004B50000-0x0000000004B51000-memory.dmp
memory/3496-21-0x0000000004B90000-0x0000000004B91000-memory.dmp
memory/3496-22-0x00000000014A0000-0x00000000014A1000-memory.dmp
memory/3496-23-0x0000000004B40000-0x0000000004B41000-memory.dmp
memory/3496-24-0x0000000004B80000-0x0000000004B81000-memory.dmp
memory/3496-26-0x0000000004BB0000-0x0000000004BB1000-memory.dmp
memory/3496-27-0x0000000004BA0000-0x0000000004BA1000-memory.dmp
memory/3496-32-0x0000000000FA0000-0x000000000144E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\D89.dll
| MD5 | b0fb18cfcac1983582e7fd67b2843ce8 |
| SHA1 | ca29cf7cee80be38c5d667d5e8c00e6ea11b3294 |
| SHA256 | 4132c2587cfe85b944d95835d8d0bf92a08a0f831ea26a45c826146048347f45 |
| SHA512 | 4d9e1b14ef1a8adc15d38846c0a4e1d762e76fd944c76621ef6ac3a8482d14e40cfd4d7a14853d7a99cca2a99aa438eba996e842f1172f5f9a8f34ba1d97daf9 |
memory/3888-37-0x0000000000C70000-0x0000000000C76000-memory.dmp
memory/3888-36-0x0000000010000000-0x00000000102CE000-memory.dmp
memory/4064-41-0x00000000000D0000-0x000000000057E000-memory.dmp
memory/4064-42-0x00000000000D0000-0x000000000057E000-memory.dmp
memory/4064-43-0x00000000053A0000-0x00000000053A1000-memory.dmp
memory/4064-44-0x00000000053B0000-0x00000000053B1000-memory.dmp
memory/4064-45-0x0000000005390000-0x0000000005391000-memory.dmp
memory/4064-46-0x00000000053D0000-0x00000000053D1000-memory.dmp
memory/4064-48-0x0000000005380000-0x0000000005381000-memory.dmp
memory/4064-47-0x0000000005370000-0x0000000005371000-memory.dmp
memory/4064-49-0x00000000053C0000-0x00000000053C1000-memory.dmp
memory/4064-50-0x00000000053F0000-0x00000000053F1000-memory.dmp
memory/4064-51-0x00000000053E0000-0x00000000053E1000-memory.dmp
memory/3888-52-0x0000000004D00000-0x0000000004E2B000-memory.dmp
memory/3888-53-0x0000000004E30000-0x0000000004F3F000-memory.dmp
memory/3888-56-0x0000000004E30000-0x0000000004F3F000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\3381.exe
| MD5 | 9c82326b794d66cc844997c637141141 |
| SHA1 | dca040d356ffaedbc2f3b4ac96f053bac89dc425 |
| SHA256 | 622e7db744a2f64e18840e5639355e3ffd56e869f1065ba4539e68ef9ae77827 |
| SHA512 | 22da3fbdf5aa3fbee58bcbf38c2703eba691ed37b370d67ed2ebfd42c6fa2a45f53c6ce1f41d800e820e1a2a5501c1780c43a54671818050fda4e96d15120ea2 |
C:\Users\Admin\AppData\Local\Temp\3381.exe
| MD5 | 6ae4ca1c7be2cf71b400e10cb7e4831f |
| SHA1 | ed78eeb987b9c38fd29cca778c4b4614004dea87 |
| SHA256 | 29288ba93ac38582c5a1248fa8115037e2983e3bc9bc2fd8816685fbbad79c8f |
| SHA512 | 1fb096cb9eacbe87fee3f6523d9a24346ba8fee7e16cd8e956fda3e4998a3407e1ff2c65e8d08f08aefa3c9954b514a06b4f88b6c8cdccc3e7f9e4965e5754e5 |
memory/3888-62-0x0000000010000000-0x00000000102CE000-memory.dmp
memory/4064-63-0x00000000000D0000-0x000000000057E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\3381.exe
| MD5 | 1537bc8951e9a634e77f9384fbdc34b7 |
| SHA1 | 29def1624e976094f10d249f754feb88dab86085 |
| SHA256 | 7fd01d51e4b359714597ca0456918dbb85243ad6ba76ed8636d6bf0ca2bb0085 |
| SHA512 | 066ff7649eae1b42a781c8a408598b5826cd0c311d3e94aa421f2a88ac9556b3e4c972cebbf93190dbb3a087265405a226aeb47f9a9a1f0cf6c4e5ae77db9efd |
memory/948-66-0x0000000002440000-0x00000000025F7000-memory.dmp
memory/216-69-0x0000000000400000-0x0000000000848000-memory.dmp
memory/216-65-0x0000000000400000-0x0000000000848000-memory.dmp
memory/216-70-0x0000000000400000-0x0000000000848000-memory.dmp
memory/948-64-0x0000000002280000-0x000000000243C000-memory.dmp
memory/216-71-0x0000000000400000-0x0000000000848000-memory.dmp
memory/216-72-0x0000000000400000-0x0000000000848000-memory.dmp
\Users\Admin\AppData\Local\Temp\D89.dll
| MD5 | 1060fd39dd59beb40e14fe0e4ace2e31 |
| SHA1 | 09e8919b412eabd289fde3bd96d58c78c9aa6d2c |
| SHA256 | d8583c18b114d9588f9a18521da329af544142dc7a590405f9c0169e412c3b32 |
| SHA512 | 8521abe5066426c3304a1dafd16c70c1bfeea360202d5a10c2c0ad394b4725314cbb8c4633d93a1e40d283226c8935d6b3e3ec972494082203d3da5856de942a |
memory/216-73-0x0000000000400000-0x0000000000848000-memory.dmp
memory/216-76-0x0000000002BC0000-0x0000000002BC6000-memory.dmp
C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll
| MD5 | 03eeff9b7a5e98e34a7763d55723f710 |
| SHA1 | a8b524e7b80e50b377c63d698875acef8fd1d452 |
| SHA256 | 23099085f75f48a51fd8e434ddaf27aaa01f3d88511f83cc129fc8cdcb9e99a8 |
| SHA512 | 23777a8f9294663a773ab840fc67f31abc874231e5cc47c59299a2b308afcadddad6411f2323ff3a9d8c1539e4cfacf95aebc857312211e7589daca40627a5d1 |
\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll
| MD5 | 110491d4525b395198eebbb782926211 |
| SHA1 | 7d4f6f749b249a9029aa186c02e825df3fb13e60 |
| SHA256 | 8b93023ae96aef0f40376b5299dbabe6bd41749c91a7a70abd685e87dead2ff4 |
| SHA512 | e25a8ee6544af321a9b0ca3dc462bd1b767371bbc25302fd9d5842fc701c7c720848b43958a6c09872bb03fdd4778f2118be51852dc6f73b2f720ddb4e6051fc |
C:\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll
| MD5 | a21ba51320e246460cd10fd9d940ca1f |
| SHA1 | 253437834f3537debd72664218c2bb077f07b3a8 |
| SHA256 | 85f872e7dc95829e4fb98c1932b1f704124ab476278e2c665978859236209a98 |
| SHA512 | 02cc643f962517da3694e2e523eb7a552b18fcad9865cafa64ac6de6af55cf14cacc75d35caca5539a0405a4ca23cde662c56fa990e5b7adf096355a788025bb |
\Users\Admin\AppData\Roaming\006700e5a2ab05\cred64.dll
| MD5 | 2b8a8ea6910f577975cb58798903be8f |
| SHA1 | 0e8323cdf239fa69b790b55086e7584c848942ca |
| SHA256 | b158173d358e706986eb127a3ea6df1592e5d9a2f1c58973fed10ce4984ca015 |
| SHA512 | fea0eae7b639c42117ba2ad54770bf43925ec4778cccfcf66ae1641616f7f5f25f8d94fe60b37049c96434653f08998ce596c57b3c24a2dc44f99555a745c214 |
memory/216-90-0x0000000002D20000-0x0000000002E4B000-memory.dmp
memory/216-91-0x0000000002E60000-0x0000000002F6F000-memory.dmp
memory/216-94-0x0000000002E60000-0x0000000002F6F000-memory.dmp
memory/4064-98-0x00000000000D0000-0x000000000057E000-memory.dmp
memory/4580-100-0x00007FFAC3ED0000-0x00007FFAC48BC000-memory.dmp
memory/4580-102-0x000001E424F10000-0x000001E424F20000-memory.dmp
memory/4580-105-0x000001E424F10000-0x000001E424F20000-memory.dmp
memory/4580-106-0x000001E425030000-0x000001E425052000-memory.dmp
C:\Users\Admin\AppData\Roaming\006700e5a2ab05\clip64.dll
| MD5 | 2afdbe3b99a4736083066a13e4b5d11a |
| SHA1 | 4d4856cf02b3123ac16e63d4a448cdbcb1633546 |
| SHA256 | 8d31b39170909595b518b1a03e9ec950540fabd545ed14817cac5c84b91599ee |
| SHA512 | d89b3c46854153e60e3fa825b394344eee33936d7dbf186af9d95c9adae54428609e3bf21a18d38fce3d96f3e0b8e4e0ed25cb5004fbe288de3aef3a85b1d93f |
memory/4580-109-0x000001E4250E0000-0x000001E425156000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_jaybhaij.abi.ps1
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
C:\Users\Admin\AppData\Local\Temp\77BE.exe
| MD5 | a335c41b723ddd04dd87e06e01ced896 |
| SHA1 | 457f31907867a9dcc6092cc8dba6792d35848025 |
| SHA256 | f9a872ab04dd12294d169510f5616ad204b08b2b89f3462ca175d648b6016ed0 |
| SHA512 | f4198f23c44b026a7311471b65951b26eae02935b73449b2c81283a575c43e3b2341f63f04351454f182cbf3866f0b21b8d13495e4dd24fbbb3354d4d536e0ae |
C:\Users\Admin\AppData\Local\Temp\77BE.exe
| MD5 | e297eac588f5af1f623da454f781ccf4 |
| SHA1 | bfeca77f7a04021f2a49d110311c526600419c9e |
| SHA256 | 1ec2d639bb4a44cfbddbfc77abbfc42b6e32076f45945d6713791d86d5067ab4 |
| SHA512 | c20ebd1f366c385ce3a58f043fb8e4a6b4d3e16d4019fca73a760b1add70567de27d7fcc2b0aa83a5496f01020304fd88c7afab09caaa70cc156eafc871e9100 |
memory/2836-133-0x0000000072130000-0x000000007281E000-memory.dmp
memory/2836-134-0x0000000000BB0000-0x000000000114E000-memory.dmp
memory/4064-136-0x00000000000D0000-0x000000000057E000-memory.dmp
memory/2836-137-0x0000000005FD0000-0x00000000064FC000-memory.dmp
memory/2836-140-0x0000000005AA0000-0x0000000005AC0000-memory.dmp
memory/2836-139-0x0000000005950000-0x0000000005960000-memory.dmp
memory/2836-135-0x0000000005A00000-0x0000000005A9C000-memory.dmp
memory/2836-143-0x0000000005BC0000-0x0000000005DFA000-memory.dmp
memory/4580-155-0x000001E424F10000-0x000001E424F20000-memory.dmp
memory/4064-154-0x00000000000D0000-0x000000000057E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\B555.exe
| MD5 | 96d67f280282e98728c0bcfab7c6ba66 |
| SHA1 | 4b04f5f1c56cc47b2807820b29f16726079d1954 |
| SHA256 | ffbfff539a7a75ca7079d9f91c8ddca14ae371b83360ab482bce3168bc2859e5 |
| SHA512 | dd3f240cc3947fde508283c8a111493c9e3e8850541ba2aad5612cc6dad9aafb4ff733050fc1742b4374fa9589d9119ec61b7309565949745f75e630e962ab25 |
C:\Users\Admin\AppData\Local\Temp\B555.exe
| MD5 | abd805e888636cf4f52a7d59b93c7d72 |
| SHA1 | dbfa9e552301570f0a3785e4c41a372550644286 |
| SHA256 | 5991dbefe05fba8882aa8c4053423ee0fc3fd458a632b10464725a62e67c7948 |
| SHA512 | 95cf4525b8d391670c8a6beb77f3002a91844208d992f88d2dece1f774699a23d2e5ae3b9a3293356e238eb3be05595b9c95f3c38b013733b0bab1a0cf74c80b |
memory/4064-161-0x00000000000D0000-0x000000000057E000-memory.dmp
memory/2752-166-0x0000000000D60000-0x0000000001A41000-memory.dmp
memory/2752-176-0x0000000000890000-0x0000000000891000-memory.dmp
memory/2752-178-0x00000000008A0000-0x00000000008A1000-memory.dmp
memory/3940-179-0x0000000001BF0000-0x0000000001CF0000-memory.dmp
memory/2752-180-0x00000000008B0000-0x00000000008B1000-memory.dmp
memory/3940-182-0x0000000003590000-0x00000000035FB000-memory.dmp
memory/2752-184-0x0000000000960000-0x0000000000961000-memory.dmp
memory/3940-181-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2752-183-0x0000000000950000-0x0000000000951000-memory.dmp
memory/2752-177-0x0000000000D60000-0x0000000001A41000-memory.dmp
memory/2752-185-0x0000000000970000-0x0000000000971000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\BE7E.exe
| MD5 | f1476375aad02d3b026e065d8c0a6030 |
| SHA1 | fb361b96971e0d481634cb43728ccc72deebeda6 |
| SHA256 | f0ecef7cc77d8d1195981cc513c27b5d1a8fba7ada6b0af5f503fa725cc87d56 |
| SHA512 | 5c5b9ae530fe081ffcfac546c47e6a9d9444b30c9e6c368b6a33ba3c8accb3283139a2bdff4d688eaed94f28ba9bf2d5165e3388821c6af794d956b21d51eb20 |
C:\Users\Admin\AppData\Local\Temp\BE7E.exe
| MD5 | 7b1154cc17b815fb519594bb08b774b1 |
| SHA1 | b46ba90dccbab308e94bb65dc84bdc19e2d31e11 |
| SHA256 | 40bcd0f2dff5d0f3b57de6484c334417823157012199f26f014850c18ff89c46 |
| SHA512 | e8722970938c8a237c139c70cb5238485b9ff89f06b31dacf92b81c28e13b9b2ac3da8351c64eb300ea10c35cfcf0304b37208319d025fd661aa66121fafa24b |
memory/2752-187-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2752-190-0x0000000000400000-0x0000000001A77000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\C6EB.exe
| MD5 | d496d8d95417d98a79e218be42992eb4 |
| SHA1 | ae65fb606a91608c95e591a2ade4bdd423c00be0 |
| SHA256 | 4be754f9d4366145c81740a503bc785f1cc6c9ada4d99425160c7c4726dcb868 |
| SHA512 | 4bb5b116bfb7ab1ca5cfcff1a4e32ff27fdb64317fbbced2cf5fbab8136d9502b44bd30dd8a3db443bc5738217ed23f91f67d70850af2410730443882e68429f |
memory/2260-194-0x0000000000480000-0x00000000006D2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\C6EB.exe
| MD5 | f27aaaf8abd82370a0812bd6d3e83fe5 |
| SHA1 | 8439ef9ee532b7603168ec6f53a2c7ea566134c4 |
| SHA256 | d39b949778354bb07d73db1b82c7d6c91adf6f3e5f76ce168e2906d6b9fc8e8b |
| SHA512 | 252b8f78827d284acbfc4a37c58babf0479d078fb534ec9a9373bf4faa3b30864d5161aae03b884fe74b6400b404c56906bb8f7b25899dcbfff0cdcf38b7b9f8 |
memory/2752-192-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2752-196-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2752-197-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2752-198-0x0000000000400000-0x0000000001A77000-memory.dmp
memory/2260-201-0x0000000072130000-0x000000007281E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\CE4F.exe
| MD5 | 3d575663fc8da3ae70492d6617bb3d04 |
| SHA1 | d34ce14a6d170b3f2b690ac7a2030a8b7d7d10a6 |
| SHA256 | 8bfaa1a88018b1815734b045c1fe78486bca95b57ca1d6c38fee3ecb340739ae |
| SHA512 | 76ded99466d32f6fe965b3c80b28ac5d9a9de21b7676a6aeed5573dc47f54637777269dd87032a07e470866017e3fdbc3db3a7f43defad5f7c9714a520a07469 |
C:\Users\Admin\AppData\Local\Temp\CE4F.exe
| MD5 | 8d67b37df06bed7bcf517b0245a2b1ea |
| SHA1 | df18ff0111f73d3686e3f3f45367abeca3536f1f |
| SHA256 | d0516a386af7422a7eda8662e18777a78d0848ba527880b56d8b08638abbd8ca |
| SHA512 | f0dfa57b41e7d151ccddc8def0f74a7e8099bd1ae9f73a8c80c2ec873e6ab229890251bf35bdd4f5535b84ba9b732c73ff8ca1e114bc2e721984181eff16b711 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
| MD5 | eaf2d1a50c7ffcc819b7aad942a30925 |
| SHA1 | 93496ec96508cb2408b8710fe59a210071704236 |
| SHA256 | 84df7a65d38cff9da6d33ef603a73dbebd4c8f16dd81f48d2ea99e00e0a7afc4 |
| SHA512 | 232351f3233ddf541cf1c3cc9ef847de251c06b34b09e84e2983d7afc7d8749320a45204da77855a0a8fc2261c91b8d34be5e6ce02b842374c40bcaf0bfedf45 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup_four.exe
| MD5 | 09ccfa4309ccbea2020715900d33f12c |
| SHA1 | 5f58e585a9eb92ab453c59e405866b8b5fafcce3 |
| SHA256 | 18856d026d50d828af04a36bf42967ca9aba89ee9bf9b3140c7d40f13b5d7517 |
| SHA512 | 0fd556f954a5136f2fd933053a8b1ac5cd5e5a0b0174a00529d552262993c166af1bf0ee80de9d56e1605fa34bc77b87641af27ff731ff5e21452daed76a7933 |
memory/4580-208-0x00007FFAC3ED0000-0x00007FFAC48BC000-memory.dmp
memory/1348-206-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\april.exe
| MD5 | 1e894d416c7b7f67a2e352698183285f |
| SHA1 | 3d222daf7fe4a3d090b126a0cd174387bb7939ae |
| SHA256 | c38f1f94f2836d80f04d18aea6dd83ef11eb3d91b9f599e61ecd0eb2f17c0207 |
| SHA512 | 529cd884892b26b7f42a5367d8f6ff41cfe4684a7c63d12c889ed5e737bfa78d73ce4f51a9f133efc72f6434c66d681d085c40b3ed500df68d7fe2dd80b60931 |
memory/4580-225-0x000001E424F10000-0x000001E424F20000-memory.dmp
memory/2260-224-0x0000000072130000-0x000000007281E000-memory.dmp
memory/4580-221-0x000001E424F10000-0x000001E424F20000-memory.dmp
memory/5076-227-0x0000000000400000-0x0000000000414000-memory.dmp
memory/5076-219-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-E7JB1.tmp\CE4F.tmp
| MD5 | 5b9c13d0dbe645d0d52b649d97f1ea19 |
| SHA1 | e95a97a3dcc308a975d8de24638f58a9cd298dba |
| SHA256 | 65c5872476be2fa27894249189b4f013d94cc5602528ceb88ecd74f91130329d |
| SHA512 | 4e7e20b4a7369adc0b2f6751bf380c5aa869cddadeb6505773e8b5086cefe38707a5a145240cf88078fe419e355ba103da06227ac4e26d0c90cbd22d74c54afb |
C:\Users\Admin\AppData\Local\Temp\is-E7JB1.tmp\CE4F.tmp
| MD5 | dc0fe66bd72edeb9688cdd5cdd26d0aa |
| SHA1 | ed34a2e54e0f39860170fd929bd544e9c0727be6 |
| SHA256 | d82f372dd0b9f699504cbbe370b7e7d6df55de0155fdcb6687e8e04ce889c36a |
| SHA512 | 5810097c1a29410547d6b406cbe75188e4443b0b2c36709ff1577b8b9527323012829f0dc584347688adc49230a06d2bebf7eb9d1c7f5522bf521a7f07b22314 |
C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp
| MD5 | d86ec70b2e4a0f4b4d94f22bd1e39d15 |
| SHA1 | 692b19bec468d04bda14c50abd7a3f9f41383c2c |
| SHA256 | 7c80e078079000c28fb44dfc0c5ab5f0efb0658dd08bbf51bd6abb0bf9a69b87 |
| SHA512 | 3dd0a5b8714fad00554460d9628971aa1fd6f9450c6f18cb41ec7ae428801a4c0c2305839d91126f0a439d2ff239bf89fa14589fd1714dd51c8905323cde38e4 |
C:\Users\Admin\AppData\Local\Temp\april.exe
| MD5 | 8403dd5bdb3f77f365baa6f3f7735f1d |
| SHA1 | 778a01c51611da5329485e0b24a9130f50401ad2 |
| SHA256 | 9c5b3501400e87715d53ae4ecd69aa9c8fb9a790e049771bbb676c3451a5bc7f |
| SHA512 | 9da213a6f56b0697f02216d409d5c37178bbc82b9f886901f4c19c421bd8f5b9ba4c26b5e0826b2e5f81422f7693d390f673e40fa37200d4fcb63cc19d89a5e5 |
C:\Users\Admin\AppData\Local\Temp\is-3E88D.tmp\april.tmp
| MD5 | beba3a95a8a89b5b7b8b17d634ccb91c |
| SHA1 | 9d3c0a54787fe70d9e3f79663829c10d0a5620ca |
| SHA256 | e1db568f7c6018c246907bed9ace57b9f5840d58591af591499e788556424f06 |
| SHA512 | bf60c43403cbbab9838df5e7743ca767b5a40d2a35e0db86c9ff1d07c3f3ce9a51ae83ef33890d2a1a5beb4b4cd781346fcb689d164b0fe57361bdae76220093 |
memory/1348-216-0x0000000000400000-0x0000000000414000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-I6U4A.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
memory/2836-259-0x0000000072130000-0x000000007281E000-memory.dmp
C:\Users\Admin\AppData\Local\Text Ultra Edit\is-I60B6.tmp
| MD5 | df2c5006cbe65133a6d64269213acb0a |
| SHA1 | 56c4917ec197a70665c298955b1761026f9dd526 |
| SHA256 | 00a418611975b98fe0460cf707cbca1b9c9831941fa81e6ba167f72fa9da7ee4 |
| SHA512 | fe92e6727eaf8426016e952a81573ad675d14b1820ddd28194169f973e860c6ddfa8a2b26459b23caf404106d4c58a565a5aeec562bbf3b32c616ff819bdfa20 |
memory/4064-250-0x00000000000D0000-0x000000000057E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-I6U49.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
memory/3940-278-0x0000000000400000-0x0000000001A77000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\E94A.exe
| MD5 | d1c85ae1427ba62efb3aa3408c2632e7 |
| SHA1 | a820c794e1fd690d7eba288dc8c4438217b9fca2 |
| SHA256 | 494b69f2db4fa7c42eb1a9f45c315519e4102c7eaa8e4f3ad8937a98d8779caa |
| SHA512 | 8e53140ee69f10756074b62532a4b95f1f29396aa823106847b1ec2903d2304cdbf2770d927377d8c0638d18bbf0c2dae5ba0aa57bc0f6dbf375224fc05c0663 |
C:\Users\Admin\AppData\Local\Temp\E94A.exe
| MD5 | d1ebeb602598d1978a67b6b49b8aeb18 |
| SHA1 | b6f7c55f4eee7ce1b3b940d5a0c16f24ab9fdfe7 |
| SHA256 | f3593a11977bdefc5b074f4b7c2ad376008607bc8030839f74720b094ecfc04b |
| SHA512 | 89b804e9fce6b33e3598e456f216e3c9c56666e20904c399a7b46a6b48f7fe0309bc41ae0510d7a68a6859c59ddf06cf457e214de5ef3d4c5d918f7a7f7b74b2 |
C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe
| MD5 | 3a15a9e69a1eb9cb66e956385a849fe7 |
| SHA1 | 99c918c4cf0b0f2e2e89bdad0995f96dc4e3a4ce |
| SHA256 | f7054f9a8a15807f8682a8c1d8bba6721d3c3e865c1b39cac2c8b53faf5cc342 |
| SHA512 | 085d4e94f7de745014ff34ce7a8629fff74cc86d647eea1a964cafdb7777328212874f63bd0ac4ec114b541a8de8e64f72d7c84bc71201b2c01647c82ea67ff5 |
memory/304-297-0x0000000001150000-0x00000000015FE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\u1l0.0.exe
| MD5 | eae8f1cff410a54725527cd0e759ce41 |
| SHA1 | 9537e90abd8c6da642f8c26b56fe35997add10f3 |
| SHA256 | 415a23efec7414a0d75d07b7f57f4af8a3c92deafd35e61226b1efa12cf22f94 |
| SHA512 | 2d735aac10c0638fc903aa073f12fa5346e1283c8463aa91371967c63047fac15deec8b4bf0f425eb63a9e1e75f6e7116e490c4677797551395b91e95167e5cc |
\Users\Admin\AppData\Local\Temp\Protect544cd51a.dll
| MD5 | 5608ccac23b730a4d1cbae136484e301 |
| SHA1 | 2305a947641782f4c51518a98ad838667fdec684 |
| SHA256 | fa7afc25b53b09a91583f5c8131498c32cbd2d1d2a7523ee9bc9ea57518e4ff1 |
| SHA512 | 91989352a968be34d5951cbb77ada58b5b8b458a18131a7bd39a2f8740c650099dbeb8ae7ee5ed1d42a09ca2cc829955521ae8d15fb7db4ccf5b831ab0e09f7a |
memory/4860-311-0x0000000000400000-0x0000000000448000-memory.dmp
memory/1348-312-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\u1l0.1.exe
| MD5 | 333cac6bc88d2fa02da0c960022daacd |
| SHA1 | 21669d401b94b3ae221cae30954c5a52941bcd8c |
| SHA256 | 1729bf35f2631d38186d3abdb8be65bcd90610e0dd35bde8c2f25ce18da66ee2 |
| SHA512 | ea4305d2cac81346e5055be946359ad761b0329e3c6e29cf7145dedbfc4d1d885f5a8de5cc61bd274dd7b1365d73a7c1c574b6927ac2020acf263e95c485a3e6 |
C:\Users\Admin\AppData\Local\Temp\FD8E.exe
| MD5 | 5edc27f4fb945833e627a554407746a1 |
| SHA1 | ce0f744e2a827d7ba428562f7fd4932e6f144cbc |
| SHA256 | 608f8c358e578d87c5668673eff699f5bceb5a9fff9a9b51a0da6b1be51b1466 |
| SHA512 | 4deea18efe3c586f7a7ceb240819b88fc17ea3ad1bef238eec9c7d4d2ab50e3b4040cf4cf544fd82e0607da41b83fde156205904faf5a3b329df461fcbbc3c50 |
C:\Users\Admin\AppData\Local\Temp\FD8E.exe
| MD5 | 60ef8fcca4f9da8cf89bb962773fc3f8 |
| SHA1 | 71ed24e6683ee16e9914e00c06e53584ee7d1a4d |
| SHA256 | e8b687535c0f3496609f5c2d8126865dcc8f260dc4cd52c8eb1f408e1eef5b87 |
| SHA512 | ffb400bc1419650c8fc73c9ae87e74309468274899254bc2908a144b7031c8d99ebd48cff9075d988aa5598b0b07d114726e8d21b39cfaf3a6cd05c104c33482 |
C:\Users\Admin\AppData\Roaming\Temp\Task.bat
| MD5 | 11bb3db51f701d4e42d3287f71a6a43e |
| SHA1 | 63a4ee82223be6a62d04bdfe40ef8ba91ae49a86 |
| SHA256 | 6be22058abfb22b40a42fb003f86b89e204a83024c03eb82cd53e2a0a047c331 |
| SHA512 | 907ad2c070cc1db89f43459a94d7f48985d939d749c9648b78572a266f0d3fde47813a129e9151dbf4a7d96d36f588172f57c88b8b947b56ed818d7d068abab2 |
\ProgramData\nss3.dll
| MD5 | 851d94fa37a2937beb3f401f4cc192df |
| SHA1 | b701e94ab2f4d1fe948688a9e0adef6da200e113 |
| SHA256 | c1f3e1cf97a8bf4fb1ab7020b33921b7ab969ef681e2245e1cddf20180102466 |
| SHA512 | 80e5bfbe79b440a2a8613c38fde8278d4feb9b0e1af576f2956fdcf8ffca0bfb96542acee5f1b20f8fe14d5613b74098c75845501dc370f024bfade1a14f825f |
C:\ProgramData\mozglue.dll
| MD5 | c8fd9be83bc728cc04beffafc2907fe9 |
| SHA1 | 95ab9f701e0024cedfbd312bcfe4e726744c4f2e |
| SHA256 | ba06a6ee0b15f5be5c4e67782eec8b521e36c107a329093ec400fe0404eb196a |
| SHA512 | fbb446f4a27ef510e616caad52945d6c9cc1fd063812c41947e579ec2b54df57c6dc46237ded80fca5847f38cbe1747a6c66a13e2c8c19c664a72be35eb8b040 |
C:\ProgramData\Are.docx
| MD5 | a33e5b189842c5867f46566bdbf7a095 |
| SHA1 | e1c06359f6a76da90d19e8fd95e79c832edb3196 |
| SHA256 | 5abf8e3d1f78de7b09d7f6fb87f9e80e60caacf13ef3c1289665653dacd7c454 |
| SHA512 | f2ad3812ec9b915e9618539b0f103f2e9acaad25fbbacd84941c954ce070af231324e83a4621e951c1dbae8d40d50410954e40dd52bbd46e34c54b0d1957407b |
C:\Users\Admin\AppData\Local\Temp\GCGHJEBGHJ.exe
| MD5 | 42b838cf8bdf67400525e128d917f6e0 |
| SHA1 | a578f6faec738912dba8c41e7abe1502c46d0cae |
| SHA256 | 0e4ffba62ce9a464aa1b7ff9f1e55ace8f51ff1e15102d856f801a81f8b4607d |
| SHA512 | f64b39d885375251ab7db72c57dc5b5095f0c6412169f1035d1f6a25b8415a2a01004d06bfa0267cf683ef7dea7a9f969ad43fde5a4376f1fcb65a57403433c0 |
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus.tmp
| MD5 | 0e82665af2b5fb32d0f44731689e4242 |
| SHA1 | 3598cb67ba0ec0def68deb9306ac803390909c00 |
| SHA256 | 6a8815b2dd74277d3c4cce7d277226602e381c73710c4bd37f071a602c2997e9 |
| SHA512 | 73ed8ed727bc6cb779012380a9c24ccf964b2d6889b88badafd6c4adffb8a08bb96d94948294a581e14be4eb33b8139880beedd6381cf589a98a75f2853a635a |
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdescs.new
| MD5 | 2b0c509517d70082aa8a8eb58e47dfab |
| SHA1 | 635e112f4ece4c2dbe0f974facac4e0e7f6ba87a |
| SHA256 | 2d26939ea83bf1e0a2b0e4519c3c86b3ee804838c3800d46d44a719b581893d3 |
| SHA512 | c6919a0db28e1197818dbd4768cb02dc1f36103141611e5f38eb5bb9529cf1696629fa97aa6899eac06dd3328bab577480a8ab05ce2806e800972058f08a985b |
C:\Users\Admin\AppData\Roaming\iwrgrss
| MD5 | dc17113b669a922924a7d74b6b3b6814 |
| SHA1 | d6c02f934a413443d69a4875aa66e0367fb67682 |
| SHA256 | 4795d38884a4d7b44ce88a49ce66668b20d2c739164a7d8022660984787049cc |
| SHA512 | 6a3090dd28dfc9ae685c0eaeb9cf5b06c259de6ed2b3d3ce43226696be1911bbbad6586ec2fbf42e39649459f3d3e608e845405093283a0865ffb2a8c0d53f14 |
C:\Users\Admin\AppData\Roaming\iwrgrss
| MD5 | 5b0cd690c67324baae906735b3441103 |
| SHA1 | 88e458a022d016d6d6b6552d0a417a02a96fd339 |
| SHA256 | 831a1e074b3485d33bcfd15e331989bb03c54def483b7b102f6fbbd7680ba05d |
| SHA512 | 2b1588023c71efc0fe7121d45cb2b62a566c65a7dc32b18bfde5844d2c33eb48c263e394046736498c2a78d28189928564301b87b7e9c0ae9f194cdffaf26ecd |