StartTime Dur Proto SrcAddr Sport Dir DstAddr Dport State sTos dTos TotPkts TotBytes Label 1970/01/01 01:00:00.000000 0.000000 llc 00:00:00:00:00:00 0 -> 00:00:00:00:00:00 0 INT 1 60 flow=Background 1970/01/01 01:00:10.317322 3.004809 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 01:00:10.547406 3.130323 arp 10.0.2.19 who 10.0.2.2 CON 6 252 flow=Background-ARP 1970/01/01 01:00:10.678199 1.992911 arp 0.0.0.0 who 10.0.2.19 INT 3 126 flow=Background-ARP 1970/01/01 01:00:10.678286 0.000000 ipv6-icmp :: 135 -> ff02::1:ffce:e387 0 NNS 0 1 78 flow=Background 1970/01/01 01:00:10.678323 3.995420 ipv6-icmp fe80::d5e6:502a:54ce:e387 133 -> ff02::2 0 NRS 0 2 140 flow=Background 1970/01/01 01:00:10.678370 0.500455 ipv6-icmp fe80::d5e6:502a:54ce:e387 143 -> ff02::16 0 UNK 0 2 180 flow=Background 1970/01/01 01:00:16.810265 4.002161 udp 10.0.2.19 53951 -> 8.8.8.8 53 INT 0 2 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:00:17.327712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:00:17.808804 3.003824 udp 10.0.2.19 53951 -> 8.8.4.4 53 INT 0 3 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:00:18.679102 0.000000 ipv6-icmp fe80::d5e6:502a:54ce:e387 133 -> ff02::2 0 NRS 0 1 70 flow=Background 1970/01/01 01:00:24.818486 0.000000 udp 10.0.2.19 53951 -> 8.8.8.8 53 REQ 0 1 76 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:00:24.818594 0.000000 udp 10.0.2.19 53951 -> 8.8.4.4 53 REQ 0 1 76 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:00:25.329241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:00:41.331806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:01:13.338493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:02:11.413316 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:02:11.413636 0.000000 udp 10.0.2.19 63633 -> 8.8.8.8 53 INT 0 1 76 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:02:11.491213 0.000214 arp 10.0.2.2 who 10.0.2.19 CON 2 84 flow=Background-ARP 1970/01/01 01:02:12.413084 0.078990 udp 10.0.2.19 63633 <-> 8.8.4.4 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:12.701895 0.845478 tcp 10.0.2.19 49158 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:18.694691 0.077628 udp 10.0.2.19 61897 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:18.772720 0.717507 tcp 10.0.2.19 49159 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:24.491792 0.077164 udp 10.0.2.19 61372 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:24.569360 0.746270 tcp 10.0.2.19 49160 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:30.323190 0.078156 udp 10.0.2.19 60060 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:30.401798 0.758449 tcp 10.0.2.19 49161 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:36.168053 0.081916 udp 10.0.2.19 55070 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:36.250548 0.767209 tcp 10.0.2.19 49162 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:42.026961 0.077979 udp 10.0.2.19 63229 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:42.105412 0.739971 tcp 10.0.2.19 49163 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:47.857442 0.076776 udp 10.0.2.19 53112 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:47.934643 0.758006 tcp 10.0.2.19 49164 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:53.694965 0.076431 udp 10.0.2.19 53325 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:53.771861 0.782193 tcp 10.0.2.19 49165 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:02:59.562338 0.076880 udp 10.0.2.19 51711 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:02:59.639668 0.735885 tcp 10.0.2.19 49166 -> 69.65.34.100 80 FSPA* 0 0 13 3473 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:05.383186 0.076868 udp 10.0.2.19 61667 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:03:05.460464 0.714754 tcp 10.0.2.19 49167 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:11.178705 0.076543 udp 10.0.2.19 59190 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/01 01:03:11.255687 0.732309 tcp 10.0.2.19 49168 -> 69.65.34.100 80 FSPA* 0 0 14 3527 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:11.991802 0.079140 udp 10.0.2.19 64521 <-> 8.8.8.8 53 CON 0 0 2 194 flow=From-Botnet-V2-DNS 1970/01/01 01:03:12.071422 1.227946 tcp 10.0.2.19 49169 -> 64.94.100.116 80 FSPA* 0 0 12 1441 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:13.300728 0.078193 udp 10.0.2.19 55228 <-> 8.8.8.8 53 CON 0 0 2 230 flow=From-Botnet-V2-DNS 1970/01/01 01:03:13.379359 1.843008 tcp 10.0.2.19 49170 -> 81.169.145.69 80 FSPA* 0 0 398 325727 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:15.461613 0.078273 udp 10.0.2.19 50193 <-> 8.8.8.8 53 CON 0 0 2 166 flow=From-Botnet-V2-DNS 1970/01/01 01:03:15.540394 0.436930 tcp 10.0.2.19 49171 -> 194.8.30.40 80 FSPA* 0 0 17 5730 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:15.978770 0.076687 udp 10.0.2.19 52672 <-> 8.8.8.8 53 CON 0 0 2 164 flow=From-Botnet-V2-DNS 1970/01/01 01:03:16.055893 0.291683 tcp 10.0.2.19 49172 -> 46.4.94.138 80 FSPA* 0 0 10 1379 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:16.349015 0.076603 udp 10.0.2.19 64009 <-> 8.8.8.8 53 CON 0 0 2 172 flow=From-Botnet-V2-DNS 1970/01/01 01:03:16.426277 0.253669 tcp 10.0.2.19 49173 -> 176.9.66.5 80 FSPA* 0 0 10 1686 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:16.680756 0.077295 udp 10.0.2.19 61472 <-> 8.8.8.8 53 CON 0 0 2 174 flow=From-Botnet-V2-DNS 1970/01/01 01:03:16.758369 0.206826 tcp 10.0.2.19 49174 -> 109.234.161.32 80 FSPA* 0 0 10 1377 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:03:42.533943 0.000000 udp 10.0.2.19 1701 -> 151.45.57.220 1244 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:03:50.654433 0.745685 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 8 3106 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:51.253172 3.006359 tcp 10.0.2.19 49175 -> 189.242.78.118 8614 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:03:51.666187 0.529868 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 8 3104 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:52.427728 0.454725 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 8 3090 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:52.948620 0.488278 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 8 3031 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:53.474734 0.663117 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 8 3051 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:54.443832 0.278349 udp 10.0.2.19 1701 <-> 109.231.62.73 7908 CON 0 0 8 2981 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:55.170735 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:03:55.351572 0.828811 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 8 2940 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:56.690661 0.692343 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 8 3151 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:57.758886 0.836087 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 8 3161 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:58.972111 0.751464 udp 10.0.2.19 1701 <-> 200.91.49.183 7399 CON 0 0 8 3241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:03:59.951969 0.508524 udp 10.0.2.19 1701 <-> 109.193.194.29 7057 CON 0 0 8 3191 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:00.257748 0.000000 tcp 10.0.2.19 49175 -> 189.242.78.118 8614 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:00.505462 0.512292 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 4 1179 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:01.074416 0.218867 udp 10.0.2.19 1701 <-> 178.223.239.27 20246 CON 0 0 4 1219 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:01.377556 0.498817 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 4 1056 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:01.919292 0.273559 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 4 996 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:02.264403 0.350866 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 4 1196 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:02.644072 1.415015 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 4 1207 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:04.136655 0.477583 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 4 1188 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:04.705320 0.000000 udp 10.0.2.19 1701 -> 114.22.228.63 4513 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:11.865255 0.000000 udp 10.0.2.19 1701 -> 79.122.62.185 6833 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:20.768054 0.000000 udp 10.0.2.19 1701 -> 82.211.141.181 4826 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:26.636493 3.003690 tcp 10.0.2.19 49176 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:28.899314 0.304889 udp 10.0.2.19 1701 <-> 79.154.42.157 11925 CON 0 0 4 1247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:29.206444 2.997446 tcp 10.0.2.19 49177 -> 79.154.42.157 6187 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:29.644607 0.228460 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 4 1290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:29.959364 0.733909 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 4 1237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:30.871888 0.000000 udp 10.0.2.19 1701 -> 75.55.197.94 7275 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:31.172534 0.000125 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:04:35.638795 0.000000 tcp 10.0.2.19 49176 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:36.019804 0.000000 udp 10.0.2.19 1701 -> 178.94.67.10 9113 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:38.202980 0.000000 tcp 10.0.2.19 49177 -> 79.154.42.157 6187 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:42.179447 0.083383 udp 10.0.2.19 54631 <-> 8.8.8.8 53 CON 0 0 2 244 flow=From-Botnet-V2-DNS 1970/01/01 01:04:42.264628 0.260542 tcp 10.0.2.19 49178 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:04:42.564536 0.083792 udp 10.0.2.19 50316 <-> 8.8.8.8 53 CON 0 0 2 162 flow=From-Botnet-V2-DNS 1970/01/01 01:04:42.572259 0.096837 udp fe80::d5e6:502a:54ce:e387 55240 -> ff02::1:3 5355 INT 0 2 168 flow=Background 1970/01/01 01:04:42.572416 0.096992 udp 10.0.2.19 53608 -> 224.0.0.252 5355 INT 0 2 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:42.572454 0.096954 icmp 10.0.2.2 0x000b -> 10.0.2.19 0x0000 TXD 192 2 184 flow=Background 1970/01/01 01:04:42.648881 0.589949 tcp 10.0.2.19 49179 -> 173.194.70.94 80 SRPA* 0 0 85 75886 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:04:42.869295 1.502593 udp 10.0.2.19 137 -> 10.0.2.255 137 INT 0 3 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:43.170346 0.000000 udp 10.0.2.19 1701 -> 181.55.255.231 27621 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:43.874056 3.001349 tcp 10.0.2.19 49180 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:51.051640 0.000000 udp 10.0.2.19 1701 -> 190.165.6.146 9125 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:04:52.874257 0.000000 tcp 10.0.2.19 49180 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:58.884801 0.172788 tcp 10.0.2.19 49181 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:04:59.032588 0.496311 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 4 1187 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:04:59.057499 0.203580 tcp 10.0.2.19 49182 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:04:59.504196 1.038941 tcp 10.0.2.19 49183 -> 90.156.118.144 5237 FSPA* 0 0 14 1575 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:04:59.530300 2.997403 tcp 10.0.2.19 49184 -> 70.252.131.148 4102 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:04:59.769612 0.294658 udp 10.0.2.19 1701 <-> 41.96.126.57 20807 CON 0 0 4 1204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:05:00.162356 0.000000 udp 10.0.2.19 1701 -> 176.73.147.65 3319 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:07.545551 0.000000 udp 10.0.2.19 1701 -> 190.106.248.231 1151 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:08.526423 0.000000 tcp 10.0.2.19 49184 -> 70.252.131.148 4102 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:05:13.142738 0.450735 udp 10.0.2.19 1701 <-> 188.169.52.202 13639 CON 0 0 4 1078 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:05:13.745249 0.000000 udp 10.0.2.19 1701 -> 94.64.232.130 22875 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:19.763042 0.000000 udp 10.0.2.19 1701 -> 190.233.22.243 12766 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:25.690990 0.000000 udp 10.0.2.19 1701 -> 151.42.211.201 7478 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:33.783086 0.000000 udp 10.0.2.19 1701 -> 209.12.192.228 1965 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:38.689442 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:05:39.541229 0.440565 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 4 1037 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:05:39.983372 3.002778 tcp 10.0.2.19 49185 -> 108.234.133.110 5212 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:05:40.607074 0.000000 udp 10.0.2.19 1701 -> 76.19.92.194 4756 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:48.984604 0.000000 tcp 10.0.2.19 49185 -> 108.234.133.110 5212 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 01:05:50.016099 0.611018 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 4 1214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:05:50.677122 0.000000 udp 10.0.2.19 1701 -> 187.151.170.232 27885 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:05:58.408048 0.000000 udp 10.0.2.19 1701 -> 70.15.249.138 12591 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:04.526776 0.000000 udp 10.0.2.19 1701 -> 95.241.115.233 6603 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:12.087857 0.000000 udp 10.0.2.19 1701 -> 188.121.218.120 7251 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:16.623804 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:06:18.577356 0.251379 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 4 1035 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:06:18.829521 4.930733 tcp 10.0.2.19 49186 -> 213.219.135.113 9545 SPA_* 0 0 470 342968 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:06:19.053806 0.000000 udp 10.0.2.19 1701 -> 98.250.117.232 6965 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:23.840284 2.607730 tcp 10.0.2.19 49186 -> 213.219.135.113 9545 FPA_* 0 0 106 74096 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:06:26.959314 0.354524 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 4 1231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:06:27.315330 4.952622 tcp 10.0.2.19 49187 -> 217.132.237.117 7227 SPA_* 0 0 284 205941 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:06:27.728747 0.632842 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 4 1117 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:06:28.491555 0.649630 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 4 1169 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:06:29.239346 0.851125 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 4 1131 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:06:30.223098 0.000000 udp 10.0.2.19 1701 -> 88.232.61.59 11482 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:32.335997 2.169088 tcp 10.0.2.19 49187 -> 217.132.237.117 7227 FPA_* 0 0 89 61264 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:06:38.696149 0.000000 udp 10.0.2.19 1701 -> 186.125.106.103 5479 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:45.786307 0.000000 udp 10.0.2.19 1701 -> 75.82.113.18 5737 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:51.584764 0.000000 udp 10.0.2.19 1701 -> 118.173.3.27 10593 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:06:58.504466 0.000000 udp 10.0.2.19 1701 -> 190.56.253.45 12522 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:05.149623 0.000000 udp 10.0.2.19 1701 -> 162.197.203.58 2770 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:10.131297 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:07:12.374368 0.000000 udp 10.0.2.19 1701 -> 68.40.213.191 7837 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:17.796716 3.190523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 01:07:17.932826 0.000000 udp 10.0.2.19 1701 -> 72.184.109.119 5544 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:24.992901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:07:26.244779 0.000000 udp 10.0.2.19 1701 -> 209.149.141.190 26146 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:32.263259 0.000000 udp 10.0.2.19 1701 -> 68.7.96.185 2114 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:32.993997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:07:39.253679 0.000000 udp 10.0.2.19 1701 -> 190.38.41.24 4587 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:46.353944 0.000000 udp 10.0.2.19 1701 -> 63.254.227.46 7149 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:07:48.996722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:07:51.320076 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:07:52.221673 0.000000 udp 10.0.2.19 1701 -> 71.238.8.184 4564 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:00.143455 0.000000 udp 10.0.2.19 1701 -> 96.250.168.28 3391 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:07.443732 0.234194 udp 10.0.2.19 1701 <-> 24.139.178.44 6717 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:08:07.767378 0.160915 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:08:08.561534 0.166534 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 724 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:08:08.797940 0.000000 udp 10.0.2.19 1701 -> 2.178.163.118 7128 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:15.174982 0.000000 udp 10.0.2.19 1701 -> 69.216.250.89 8730 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:21.002817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:08:22.815910 0.000000 udp 10.0.2.19 1701 -> 115.132.36.119 20546 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:27.812636 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:08:29.635734 0.000000 udp 10.0.2.19 1701 -> 201.240.76.121 7682 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:36.074729 0.000000 udp 10.0.2.19 1701 -> 79.236.84.133 3615 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:42.443935 0.000000 udp 10.0.2.19 1701 -> 118.174.97.194 27388 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:48.823181 0.000000 udp 10.0.2.19 1701 -> 218.241.238.162 12699 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:08:56.804918 0.000000 udp 10.0.2.19 1701 -> 74.110.135.243 5095 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:03.714537 1.232996 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:09:05.033714 0.000000 udp 10.0.2.19 1701 -> 181.65.16.140 1044 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:08.320679 0.907572 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:09:10.794423 0.872879 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:09:17.482747 0.000000 udp 10.0.2.19 1701 -> 190.121.81.124 2286 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:25.706201 0.000000 udp 10.0.2.19 1701 -> 202.165.197.235 4075 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:31.013701 0.000000 udp 10.0.2.19 1701 -> 31.19.221.140 5522 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:38.104035 0.000000 udp 10.0.2.19 1701 -> 190.112.228.80 1801 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:42.740423 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:09:44.012898 0.171173 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:09:44.358886 0.000000 udp 10.0.2.19 1701 -> 46.49.73.107 26675 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:09:53.205601 0.165387 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:09:53.530836 0.169784 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:09:53.844160 0.000000 udp 10.0.2.19 1701 -> 188.142.76.175 7367 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:01.117035 0.000000 udp 10.0.2.19 1701 -> 200.88.105.164 5462 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:06.164794 0.000000 udp 10.0.2.19 1701 -> 213.131.60.18 8414 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:13.605346 0.122978 udp 10.0.2.19 1701 <-> 62.98.95.219 10008 CON 0 0 2 719 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:10:13.819147 0.000000 udp 10.0.2.19 1701 -> 74.10.65.138 19658 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:18.241856 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:10:20.335241 0.000000 udp 10.0.2.19 1701 -> 68.162.252.216 5281 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:25.692388 0.000000 udp 10.0.2.19 1701 -> 79.212.122.27 4772 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:33.253336 0.000000 udp 10.0.2.19 1701 -> 109.160.177.247 5709 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:41.825879 0.000000 udp 10.0.2.19 1701 -> 105.228.142.109 9419 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:48.194572 0.000000 udp 10.0.2.19 1701 -> 188.129.48.165 7513 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:10:52.741287 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:10:56.406935 0.000000 udp 10.0.2.19 1701 -> 115.87.241.241 4104 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:03.166503 0.357377 udp 10.0.2.19 1701 <-> 181.65.3.210 11230 CON 0 0 2 815 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:05.659880 0.000000 udp 10.0.2.19 1701 -> 190.229.84.207 5394 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:12.459428 0.000000 udp 10.0.2.19 1701 -> 60.54.47.53 5576 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:18.838767 0.000000 udp 10.0.2.19 1701 -> 85.15.162.66 5776 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:29.003784 0.247980 udp 10.0.2.19 1701 <-> 108.92.1.214 9532 CON 0 0 2 691 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:29.317550 0.000000 udp 10.0.2.19 1701 -> 186.146.148.217 5455 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:33.900598 0.000170 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:11:35.031994 0.000000 udp 10.0.2.19 1701 -> 190.119.39.105 6298 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:40.059406 0.277159 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:40.337169 0.257703 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:40.595433 0.219533 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:40.815507 0.230010 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:41.046142 0.132749 udp 10.0.2.19 1701 <-> 109.231.62.73 7908 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:41.179346 0.267442 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:41.447361 0.405890 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:41.853839 0.148035 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:42.002538 0.212743 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:42.215769 0.454113 udp 10.0.2.19 1701 <-> 200.91.49.183 7399 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:42.670611 0.104576 udp 10.0.2.19 1701 <-> 109.193.194.29 7057 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:42.775700 0.105052 udp 10.0.2.19 1701 <-> 178.223.239.27 20246 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:42.881284 0.254136 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:43.135980 0.249718 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:43.386285 0.000000 udp 10.0.2.19 1701 -> 82.49.114.244 1787 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:11:58.670920 0.171310 tcp 10.0.2.19 49188 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:11:58.842727 0.201562 tcp 10.0.2.19 49189 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:11:59.045279 0.129750 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:59.175659 0.642256 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:11:59.818519 0.238328 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:00.057458 0.158006 udp 10.0.2.19 1701 <-> 79.154.42.157 11925 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:00.216109 0.114725 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:00.331454 0.349506 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:00.681574 0.230385 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:00.912569 0.145938 udp 10.0.2.19 1701 <-> 41.96.126.57 20807 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:01.059108 0.216549 udp 10.0.2.19 1701 <-> 188.169.52.202 13639 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:01.276244 0.228875 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:01.505792 0.309168 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:01.815374 0.123301 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:01.939039 0.174760 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:02.114255 0.302510 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:02.417366 0.331400 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:02.749253 0.355554 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:03.105435 0.248994 udp 10.0.2.19 1701 <-> 24.139.178.44 6717 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:03.355017 0.170874 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:03.526639 0.160193 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:03.687493 0.428311 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.116424 0.176116 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.293098 0.176671 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.470388 0.158272 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.629226 0.167727 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.797589 0.120345 udp 10.0.2.19 1701 <-> 62.98.95.219 10008 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:04.918620 0.313637 udp 10.0.2.19 1701 <-> 181.65.3.210 11230 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:12:05.232900 0.245547 udp 10.0.2.19 1701 <-> 108.92.1.214 9532 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:14:26.091901 3.000187 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 01:14:33.098082 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:14:41.099588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:14:57.102276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:15:29.298957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:21:34.816707 3.072060 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 01:21:41.894396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:21:49.896092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:22:05.899506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:22:37.905581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:28:41.912760 3.000193 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 01:28:48.918444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:28:56.920102 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:29:12.922967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:29:44.929212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:35:03.098041 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:35:03.098263 0.704708 tcp 10.0.2.19 49190 -> 90.156.118.144 5237 FSPA* 0 0 14 1506 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:35:48.936554 3.000179 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 01:35:55.942565 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:36:03.943658 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:36:19.947214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:36:51.952920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:42:15.729721 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 01:42:15.730160 0.000000 udp 10.0.2.19 1701 -> 82.49.114.244 1787 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:42:32.545773 0.300731 tcp 10.0.2.19 49191 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:42:32.846998 0.216097 tcp 10.0.2.19 49192 -> 173.194.70.94 80 SRPA* 0 0 10 4836 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:42:33.064107 0.431630 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:33.496322 0.227408 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:33.724458 0.133325 udp 10.0.2.19 1701 <-> 109.231.62.73 7908 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:33.858450 0.297956 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:34.156788 0.222746 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:34.380144 0.261329 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:34.642209 0.213818 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:34.856613 0.218174 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:35.075337 0.409529 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:35.485459 0.000000 udp 10.0.2.19 1701 -> 178.223.239.27 20246 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:42:51.963167 0.174330 tcp 10.0.2.19 49193 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:42:52.137798 0.200574 tcp 10.0.2.19 49194 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:42:52.339058 0.265287 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:52.604936 0.243353 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:52.848956 0.104908 udp 10.0.2.19 1701 <-> 109.193.194.29 7057 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:42:52.954510 0.000000 udp 10.0.2.19 1701 -> 200.91.49.183 7399 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:42:55.960537 3.000096 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 01:43:02.966571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:43:08.366401 0.170829 tcp 10.0.2.19 49195 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:08.537690 0.209815 tcp 10.0.2.19 49196 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:08.748474 0.129830 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:08.878908 0.000000 udp 10.0.2.19 1701 -> 79.154.42.157 11925 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:43:10.968325 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:43:25.200356 0.170811 tcp 10.0.2.19 49197 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:25.371402 0.206748 tcp 10.0.2.19 49198 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:25.578845 0.319404 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:25.898853 0.230807 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:26.130019 0.244204 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:26.374619 0.350706 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:26.756171 0.225079 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:43:26.970982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:43:26.981767 0.000000 udp 10.0.2.19 1701 -> 41.96.126.57 20807 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:43:44.388822 0.173697 tcp 10.0.2.19 49199 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:44.562812 0.203024 tcp 10.0.2.19 49200 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:43:44.766925 0.000000 udp 10.0.2.19 1701 -> 188.169.52.202 13639 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:43:58.976650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:44:00.530206 0.172377 tcp 10.0.2.19 49201 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:00.703059 0.201419 tcp 10.0.2.19 49202 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:00.905471 0.227988 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:01.134018 0.172780 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:01.307414 0.300620 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:01.608629 0.289019 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:01.898310 0.126058 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:02.024915 0.237062 udp 10.0.2.19 1701 <-> 24.139.178.44 6717 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:02.262550 0.177662 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:02.440752 0.337036 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:02.778258 0.394774 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:03.173414 0.171531 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:03.345303 0.426971 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:03.772736 0.169559 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:03.942938 0.183393 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:04.126943 0.174041 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:04.301548 0.000000 udp 10.0.2.19 1701 -> 181.65.3.210 11230 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:44:21.551672 0.178709 tcp 10.0.2.19 49203 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:21.730728 0.202670 tcp 10.0.2.19 49204 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:21.933931 0.000000 udp 10.0.2.19 1701 -> 108.92.1.214 9532 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:44:38.506562 0.171062 tcp 10.0.2.19 49205 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:38.677987 0.208145 tcp 10.0.2.19 49206 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:38.887077 0.144168 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 01:44:39.031829 0.000000 udp 10.0.2.19 1701 -> 62.98.95.219 10008 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 01:44:54.299122 0.175700 tcp 10.0.2.19 49207 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:44:54.475199 0.201011 tcp 10.0.2.19 49208 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 01:50:02.984725 3.000267 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 01:50:09.990175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:50:17.992165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:50:33.994908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:51:06.000892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:57:10.007682 3.001153 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 01:57:17.014676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:57:25.015928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:57:41.019104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 01:58:13.024581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:04:17.032182 3.000781 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:04:24.038297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:04:32.040410 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:04:48.043178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:05:03.805758 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 02:05:03.806207 0.691184 tcp 10.0.2.19 49209 -> 90.156.118.144 5237 FSPA* 0 0 14 1561 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:05:20.048657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:11:24.056328 3.000112 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:11:31.062145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:11:39.063679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:11:55.066789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:12:27.072731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:15:08.084935 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 02:15:08.085123 0.409444 udp 10.0.2.19 1701 <-> 200.91.49.183 7399 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:15:08.495241 0.000000 udp 10.0.2.19 1701 -> 178.223.239.27 20246 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:15:24.512290 0.172176 tcp 10.0.2.19 49210 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:24.684874 0.199325 tcp 10.0.2.19 49211 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:24.885213 0.000000 udp 10.0.2.19 1701 -> 79.154.42.157 11925 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:15:41.052831 0.172406 tcp 10.0.2.19 49212 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:41.224966 0.203645 tcp 10.0.2.19 49213 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:41.429581 0.000000 udp 10.0.2.19 1701 -> 188.169.52.202 13639 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:15:58.178904 0.172120 tcp 10.0.2.19 49214 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:58.351362 0.201105 tcp 10.0.2.19 49215 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:15:58.553448 0.000000 udp 10.0.2.19 1701 -> 41.96.126.57 20807 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:16:14.752634 0.172662 tcp 10.0.2.19 49216 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:14.925737 0.200634 tcp 10.0.2.19 49217 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:15.127309 0.000000 udp 10.0.2.19 1701 -> 62.98.95.219 10008 INT 0 1 94 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:16:33.129290 0.171697 tcp 10.0.2.19 49218 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:33.301402 0.203046 tcp 10.0.2.19 49219 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:33.505407 0.000000 udp 10.0.2.19 1701 -> 181.65.3.210 11230 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:16:48.841601 0.173298 tcp 10.0.2.19 49220 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:49.015197 0.209274 tcp 10.0.2.19 49221 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:16:49.226377 0.000000 udp 10.0.2.19 1701 -> 108.92.1.214 9532 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:17:06.176066 0.171742 tcp 10.0.2.19 49222 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:06.348409 0.205192 tcp 10.0.2.19 49223 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:06.554715 0.244272 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:06.799567 0.126019 udp 10.0.2.19 1701 <-> 109.231.62.73 7908 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:06.926180 0.266899 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:07.193692 0.264472 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:07.458495 0.219767 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:07.678789 0.254818 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:07.934158 0.406389 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:08.340981 0.219069 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:08.560707 0.238082 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:08.799366 0.246285 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:09.046380 0.256907 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:09.303899 0.000000 udp 10.0.2.19 1701 -> 109.193.194.29 7057 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:17:26.295276 0.171737 tcp 10.0.2.19 49224 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:26.467421 0.201464 tcp 10.0.2.19 49225 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:26.669883 0.128938 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:26.799385 0.204892 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:27.004939 0.235627 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:27.241142 0.355622 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:27.597202 0.112775 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:27.710603 0.237921 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:27.949146 0.231677 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:28.181427 0.302379 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:28.484405 0.174818 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:28.659844 0.314827 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:28.975292 0.169332 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:29.145108 0.231817 udp 10.0.2.19 1701 <-> 24.139.178.44 6717 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:29.377638 0.124354 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:29.502579 0.326941 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:29.830329 0.159725 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:29.990708 0.429542 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:30.420850 0.360476 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:30.781944 0.166764 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:30.949175 0.180069 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:17:31.129876 0.000000 udp 10.0.2.19 1701 -> 95.104.77.164 5068 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:17:47.466040 0.171657 tcp 10.0.2.19 49226 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:47.638362 0.205723 tcp 10.0.2.19 49227 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:17:47.844632 0.171272 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:18:31.080383 3.000441 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 02:18:38.086818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:18:46.087674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:19:02.090878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:19:34.097187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:25:38.103091 3.001830 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:25:45.110254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:25:53.111839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:26:09.114573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:26:41.120961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:32:45.128039 3.000428 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:32:52.133999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:33:00.136072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:33:16.138930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:33:48.144437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:35:04.505632 0.000176 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 02:35:04.505969 0.798861 tcp 10.0.2.19 49228 -> 90.156.118.144 5237 FSPA* 0 0 14 1617 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:39:52.152259 3.000576 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:39:59.158626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:40:07.159887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:40:23.162367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:40:55.168992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:46:59.176682 2.999716 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 02:47:06.181937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:47:14.183358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:47:30.186698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:48:02.192555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:48:03.184262 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 02:48:03.184518 0.000000 udp 10.0.2.19 1701 -> 109.193.194.29 7057 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:48:18.811327 0.172468 tcp 10.0.2.19 49229 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:48:18.984109 0.198227 tcp 10.0.2.19 49230 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:48:19.183151 0.000000 udp 10.0.2.19 1701 -> 95.104.77.164 5068 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:48:36.504595 0.173001 tcp 10.0.2.19 49231 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:48:36.677512 0.200676 tcp 10.0.2.19 49232 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:48:36.879213 0.371256 udp 10.0.2.19 1701 <-> 200.91.49.183 7399 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:37.413337 0.228555 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:37.642626 0.219783 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:37.862978 0.270586 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:38.134366 0.124835 udp 10.0.2.19 1701 <-> 109.231.62.73 7908 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:38.259571 0.280548 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:39.078987 0.407901 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:39.487504 0.255214 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:39.743230 0.292061 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:40.035858 0.220297 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:40.256756 0.608458 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:40.865812 0.255229 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:41.121612 0.136542 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:41.258721 0.352519 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:41.611813 0.109780 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:41.722302 0.237303 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:41.960307 0.840236 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:42.801174 0.300634 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:43.102331 0.175905 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:43.278813 0.231393 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:43.510773 0.233579 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:48:43.744945 0.000000 udp 10.0.2.19 1701 -> 24.139.178.44 6717 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 02:49:02.230600 0.173667 tcp 10.0.2.19 49233 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:49:02.404650 0.205321 tcp 10.0.2.19 49234 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 02:49:02.611145 0.113769 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:02.725351 0.287218 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:03.012969 0.162358 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:03.175904 0.321292 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:03.497695 0.164713 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:03.662967 0.425139 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:04.180427 0.383792 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:04.564774 0.172117 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:04.737347 0.161330 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:49:04.899065 0.161332 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 02:54:06.199130 3.001475 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 02:54:13.205706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:54:21.207346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:54:37.210385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 02:55:09.216483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:01:13.224478 3.000121 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:01:20.230486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:01:28.232313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:01:44.235628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:02:16.241668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:05:05.304336 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 03:05:05.304697 1.058411 tcp 10.0.2.19 49235 -> 90.156.118.144 5237 FSPA* 0 0 14 1544 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:08:20.246975 3.001473 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:08:27.254281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:08:35.255864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:08:51.258332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:09:23.264890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:15:27.270431 3.002129 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:15:34.278318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:15:42.279227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:15:58.282957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:16:30.288546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:19:05.502320 0.000166 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 03:19:05.502635 0.000000 udp 10.0.2.19 1701 -> 24.139.178.44 6717 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 03:19:22.969844 1.780477 tcp 10.0.2.19 49236 -> 173.194.70.103 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:19:23.171381 0.233461 tcp 10.0.2.19 49237 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:19:23.405816 0.240338 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:23.646628 0.355510 udp 10.0.2.19 1701 <-> 200.91.49.183 7399 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:24.002732 0.246176 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:24.249419 0.000000 udp 10.0.2.19 1701 -> 109.231.62.73 7908 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 03:19:43.148309 0.201577 tcp 10.0.2.19 49238 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:19:43.349698 0.233485 tcp 10.0.2.19 49239 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:19:43.583731 0.275353 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:43.859707 0.272727 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:44.132994 0.421864 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:44.555540 0.294170 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:44.850369 0.281454 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:45.132320 0.307116 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:45.439949 0.359913 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:45.800208 0.393225 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:46.194048 0.276143 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:46.470759 0.267866 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:46.739143 0.145190 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:46.884964 0.250676 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:47.199613 0.260071 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:47.460287 0.237473 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:47.698552 0.318213 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:48.017392 0.188931 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:48.206850 0.245278 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:48.452593 0.132647 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:48.585804 4.167181 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:52.753461 0.178296 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:52.932350 0.339087 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:53.271970 0.186909 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:53.459495 0.200362 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:53.660438 0.435897 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:54.096954 0.373470 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:54.471002 0.191038 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:19:54.662560 0.171538 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:22:34.296043 2.999906 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 03:22:41.302509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:22:49.303802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:23:05.306612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:23:37.312663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:29:41.320807 2.999383 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:29:48.325789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:29:56.327257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:30:12.330251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:30:44.336161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:35:06.363466 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 03:35:06.363850 0.773005 tcp 10.0.2.19 49240 -> 90.156.118.144 5237 FSPA* 0 0 14 1576 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:36:48.343830 3.000083 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:36:55.350081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:37:03.351039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:37:19.354260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:37:51.621159 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:43:55.626432 3.002264 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:44:02.634389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:44:10.635970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:44:26.638530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:44:58.644547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:50:01.080516 0.000176 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 03:50:01.080934 0.495483 udp 10.0.2.19 1701 -> 109.231.62.73 7908 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 03:50:01.576417 0.000000 icmp 109.231.62.73 0x0103 -> 10.0.2.19 0x6de7 URH 192 1 215 flow=Background 1970/01/01 03:50:17.275576 0.202426 tcp 10.0.2.19 49241 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:50:17.478330 0.234973 tcp 10.0.2.19 49242 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:50:17.714418 0.236494 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:17.951492 0.000000 udp 10.0.2.19 1701 -> 200.91.49.183 7399 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 03:50:34.980572 0.201835 tcp 10.0.2.19 49243 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:50:35.182642 0.230538 tcp 10.0.2.19 49244 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 03:50:35.414200 0.245217 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:35.666615 0.282545 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:35.949588 0.272643 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:36.222857 0.425054 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:36.648493 0.291890 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:36.940988 0.464634 udp 10.0.2.19 1701 <-> 177.68.90.31 4311 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:37.406301 0.226830 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:37.633720 0.199726 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:37.834256 0.259056 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:38.093793 0.550805 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:38.645150 0.267468 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:38.913217 0.151359 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:39.065071 0.178559 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:39.244161 0.256426 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:39.501223 0.241285 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:39.743068 0.243591 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:39.987226 0.137490 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:40.125254 0.317115 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:40.442967 0.186130 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:40.629667 0.333349 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:40.963644 0.186204 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:41.150447 0.378595 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:41.529617 0.185394 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:41.715595 0.180841 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:41.897034 0.187362 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:42.084923 0.173876 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:42.259385 0.441957 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:42.701899 0.408885 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 03:50:59.084316 0.000000 udp 10.0.2.19 1701 <- 76.226.114.217 1684 RSP 0 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 03:51:02.652766 2.999558 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 03:51:09.658408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:51:17.659361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:51:33.662583 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:52:05.668451 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:58:09.676610 3.000048 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 03:58:16.682062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:58:24.684216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:58:40.686837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 03:59:12.692788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:05:07.263297 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 04:05:07.263593 0.729541 tcp 10.0.2.19 49245 -> 90.156.118.144 5237 FSPA* 0 0 14 1635 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:05:16.700332 2.999635 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:05:23.705837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:05:31.707869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:05:48.031018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:06:20.037030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:12:24.044486 3.000251 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:12:31.050810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:12:39.051792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:12:55.055443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:13:27.060857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:19:31.069091 2.999761 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:19:38.074456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:19:46.075649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:20:02.078852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:20:34.084966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:20:51.530342 1.221988 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/01 04:20:52.752276 0.000000 udp 10.0.2.19 1701 -> 200.91.49.183 7399 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 04:21:11.272930 0.204965 tcp 10.0.2.19 49246 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:21:11.478584 0.236951 tcp 10.0.2.19 49247 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:21:11.716535 0.233253 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:11.950598 0.244871 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:12.195973 0.419563 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:12.615953 0.298127 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:12.914740 0.271838 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:13.187216 0.281848 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:13.469729 0.000000 udp 10.0.2.19 1701 -> 177.68.90.31 4311 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 04:21:29.787001 1.490123 tcp 10.0.2.19 49248 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:21:31.277559 0.230540 tcp 10.0.2.19 49249 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:21:31.508644 0.230912 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:31.740116 0.260269 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:32.001007 0.267034 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:32.268598 0.862731 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:33.131963 0.267711 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:33.400295 0.145466 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:33.546278 0.179010 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:33.725806 0.255909 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:33.982484 0.238754 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:34.221645 0.314351 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:34.536582 0.188667 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:34.725780 0.275908 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:35.002369 0.145253 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:35.148136 0.300726 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:35.449506 0.171450 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:35.621545 0.330552 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:35.952588 0.173632 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:36.126613 0.168653 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:36.295820 0.449224 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:36.745619 0.188154 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:36.934502 0.195084 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:21:37.129978 0.377487 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:26:39.334147 3.000843 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 04:26:46.340427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:26:54.341504 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:27:10.344617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:27:42.350757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:33:46.356871 3.001900 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:33:53.364470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:34:01.365630 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:34:17.368389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:34:49.374440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:35:09.393929 0.000347 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 04:35:09.394364 2.355985 tcp 10.0.2.19 49250 -> 90.156.118.144 5237 FSPA* 0 0 14 1752 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:40:53.382914 2.999226 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:41:00.388051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:41:08.389622 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:41:24.392704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:41:56.398486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:48:00.407036 2.999418 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 04:48:07.412126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:48:15.413717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:48:31.416839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:49:03.422497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:51:37.864990 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 04:51:37.865211 0.000000 udp 10.0.2.19 1701 -> 177.68.90.31 4311 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 04:51:56.325551 0.200827 tcp 10.0.2.19 49251 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:51:56.526696 0.234600 tcp 10.0.2.19 49252 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 04:51:56.763328 0.233823 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:56.997751 0.259200 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:57.257428 0.270249 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:57.528214 0.290512 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:57.819352 0.424591 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:58.244540 0.401214 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:58.646396 0.229395 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:58.876271 0.253102 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:59.129938 0.259924 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:59.390482 0.126628 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:59.517653 0.276711 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:59.794908 0.145998 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:51:59.941306 0.199804 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:00.141724 0.257344 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:00.399653 0.242100 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:00.642301 0.244231 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:00.887042 0.127418 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:01.015064 0.311799 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:01.327493 0.188785 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:01.516802 0.324107 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:01.841430 0.184361 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:02.026647 0.323221 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:02.350667 0.178268 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:02.529360 0.204269 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:02.734477 0.181064 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:02.915880 0.171171 udp 10.0.2.19 1701 <-> 41.103.153.125 13354 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:03.087422 0.444324 udp 10.0.2.19 1701 <-> 1.53.52.122 10326 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:03.532311 0.375778 udp 10.0.2.19 1701 <-> 190.11.116.7 6442 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 04:52:19.939482 0.000000 udp 10.0.2.19 1701 <- 84.59.131.0 7605 RSP 0 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 04:55:07.428418 3.002115 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 04:55:14.435998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:55:22.437651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:55:38.440750 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 04:56:10.446351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:02:14.454405 3.000119 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:02:21.459872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:02:29.461662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:02:45.464257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:03:18.392035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:05:12.205939 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 05:05:12.206262 1.005262 tcp 10.0.2.19 49253 -> 90.156.118.144 5237 FSPA* 0 0 14 1754 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:09:22.397091 3.002932 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:09:29.405103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:09:37.406602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:09:53.409894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:10:25.415617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:16:29.422515 3.001018 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:16:36.429169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:16:44.431228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:17:00.434334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:17:32.440341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:22:07.706622 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 05:22:07.706937 0.270882 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:07.978639 0.237583 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:08.217879 0.246777 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:08.465177 0.279177 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:08.744893 0.419136 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:09.164605 0.346685 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:09.511883 0.641030 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:10.153462 0.545048 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:10.699075 0.232638 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:10.932262 0.330860 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:11.263674 0.275135 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:11.539296 0.139954 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:11.679773 0.478918 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:12.159025 0.259329 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:12.418773 0.236976 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:12.656327 0.223657 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:12.880328 0.187078 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:13.067756 0.252749 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:13.321094 0.127686 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:13.449386 0.000000 udp 10.0.2.19 1701 -> 75.24.145.94 1332 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:22:30.883171 0.209057 tcp 10.0.2.19 49254 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:22:31.092448 0.230877 tcp 10.0.2.19 49255 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:22:31.324176 0.183561 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:31.508179 0.325682 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:31.834504 0.191166 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:22:32.026501 0.000000 udp 10.0.2.19 1701 -> 41.103.153.125 13354 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:22:48.687341 0.202699 tcp 10.0.2.19 49256 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:22:48.890276 0.228035 tcp 10.0.2.19 49257 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:22:49.119247 0.000000 udp 10.0.2.19 1701 -> 1.53.52.122 10326 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:23:04.950008 0.202276 tcp 10.0.2.19 49258 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:23:05.152598 0.236085 tcp 10.0.2.19 49259 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:23:05.389653 0.182540 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:23:05.572816 0.197006 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:23:05.770577 0.000000 udp 10.0.2.19 1701 -> 190.11.116.7 6442 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:23:22.395469 0.200528 tcp 10.0.2.19 49260 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:23:22.596560 0.238112 tcp 10.0.2.19 49261 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:23:36.445496 3.002198 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 05:23:43.453704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:23:51.454792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:24:07.458073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:24:39.464077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:30:43.571612 3.000231 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:30:50.577511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:30:58.579197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:31:14.581744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:31:46.587823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:35:13.266408 0.000141 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 05:35:13.266701 0.878443 tcp 10.0.2.19 49262 -> 90.156.118.144 5237 FSPA* 0 0 14 1754 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:37:50.595572 2.999725 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:37:57.601588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:38:05.903608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:38:21.906041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:38:53.912431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:44:57.917596 3.002175 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:45:04.925665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:45:12.926924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:45:28.930277 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:46:00.936245 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:52:06.364451 3.001329 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 05:52:13.371670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:52:21.373062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:52:37.476584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:53:09.482749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:53:36.421572 0.333141 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 05:53:36.756020 0.247402 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:53:37.003923 0.000000 udp 10.0.2.19 1701 -> 1.53.52.122 10326 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:53:54.682427 0.203748 tcp 10.0.2.19 49263 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:53:54.886713 0.231970 tcp 10.0.2.19 49264 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:53:55.119249 0.000000 udp 10.0.2.19 1701 -> 41.103.153.125 13354 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:54:10.252172 0.202529 tcp 10.0.2.19 49265 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:10.454990 0.229758 tcp 10.0.2.19 49266 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:10.685541 0.000000 udp 10.0.2.19 1701 -> 190.11.116.7 6442 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:54:28.628670 0.201657 tcp 10.0.2.19 49267 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:28.830658 0.228794 tcp 10.0.2.19 49268 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:29.060470 0.280254 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:29.341324 0.237034 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:29.578953 0.235507 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:29.815044 0.270844 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:30.086521 0.602301 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:30.689375 0.420379 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:31.110407 0.260385 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:31.371386 0.142454 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:31.514493 0.228796 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:31.743861 0.141722 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:31.886173 0.281629 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:32.168427 0.329189 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:32.498284 0.716983 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:33.215801 0.239241 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:33.455626 0.280702 udp 10.0.2.19 1701 <-> 108.201.120.6 1089 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:33.736821 0.239550 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:33.976753 0.221130 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:34.198655 0.188632 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:34.387727 0.132594 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:34.520954 0.177276 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:34.698834 0.000000 udp 10.0.2.19 1701 -> 82.211.180.182 5457 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 05:54:52.522783 0.202802 tcp 10.0.2.19 49269 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:52.725438 0.229569 tcp 10.0.2.19 49270 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 05:54:52.955967 0.393427 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:53.349762 0.197039 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:54:53.547352 0.190570 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 05:59:13.650485 3.000167 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 05:59:20.656180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:59:28.657603 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 05:59:44.660918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:00:16.666707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:05:15.196540 0.000150 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:05:15.196846 0.890096 tcp 10.0.2.19 49271 -> 90.156.118.144 5237 FSPA* 0 0 14 1606 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:06:20.674442 3.000082 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:06:27.680352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:06:35.681891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:06:51.684987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:07:23.690361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:13:27.698463 3.000106 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:13:34.704319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:13:42.705878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:13:58.708762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:14:30.715323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:20:34.722079 3.000459 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:20:41.728153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:20:49.729772 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:21:05.733013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:21:37.738306 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:25:09.002601 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:25:09.002909 0.172200 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:09.175690 0.268533 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:09.444761 0.274697 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:09.720101 0.257309 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:09.978004 0.236514 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:10.215016 0.354698 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:10.570338 0.272264 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:10.842935 1.502717 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:12.346279 0.224283 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:12.570970 0.146802 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:12.718328 0.319110 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:13.037938 0.423449 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:13.461923 0.319706 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:13.782288 0.281924 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:14.064860 0.860968 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:14.926663 0.246960 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:15.173935 0.000000 udp 10.0.2.19 1701 -> 108.201.120.6 1089 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:25:34.112690 0.246191 tcp 10.0.2.19 49272 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:25:34.358616 0.238096 tcp 10.0.2.19 49273 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:25:34.597646 0.187270 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:34.785507 0.129975 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:34.916007 0.186070 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:35.102720 0.229601 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:35.332962 0.250076 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:35.583589 0.185868 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:35.770225 0.326823 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:25:36.097651 0.181399 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:27:41.744297 3.002475 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:27:48.751817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:27:56.753608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:28:12.756374 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:28:44.762235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:34:48.770498 3.000104 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:34:55.775993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:35:03.777126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:35:16.095529 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:35:16.095930 1.581106 tcp 10.0.2.19 49274 -> 90.156.118.144 5237 FSPA* 0 0 14 1642 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:35:19.780515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:35:51.786608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:41:55.794179 3.000008 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:42:02.799931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:42:10.801718 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:42:26.804497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:42:59.651804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:49:03.659252 3.000045 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 06:49:10.665109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:49:18.666671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:49:34.669742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:50:06.675367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:55:39.564446 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:55:39.564614 0.000000 udp 10.0.2.19 1701 -> 108.201.120.6 1089 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:55:56.953340 0.201461 tcp 10.0.2.19 49275 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:55:57.155092 0.239934 tcp 10.0.2.19 49276 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 06:55:57.396028 0.280403 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:57.676775 0.194958 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:57.872179 0.284801 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:58.157516 1.124204 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:59.282338 0.265832 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:59.548613 0.250068 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:55:59.799279 0.235132 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:00.035028 0.144080 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:00.179526 0.217542 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:00.397665 0.230361 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:00.628675 0.238787 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:00.868045 0.421294 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:01.289974 0.266215 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:01.556699 0.270525 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:01.827721 0.620338 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:02.448578 0.241209 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:02.690301 0.188925 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:02.879817 0.131816 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:03.012222 0.173175 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:03.185907 0.226695 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:03.413229 0.243669 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:03.657508 0.192245 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:03.850286 0.321706 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:04.172616 0.194392 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:07.426836 0.224796 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 686 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:07.652304 0.275313 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:07.928268 0.317211 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 773 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:08.246159 0.552097 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 822 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:08.798954 0.268261 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:09.067928 0.251914 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 848 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:09.320532 0.144409 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:09.465586 0.126240 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:09.592362 0.236257 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 686 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:09.829240 0.268189 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 721 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:10.097888 0.235309 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:10.333638 0.424409 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:10.683088 3.391316 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 06:56:10.758622 0.265863 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 840 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:12.080221 0.270662 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:12.351516 0.242157 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 689 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:12.594395 0.193677 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:12.788747 0.189480 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:12.978604 0.134371 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:13.113542 0.175789 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 761 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:13.289946 0.234242 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:13.524698 0.246991 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 701 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:13.772456 0.198038 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:13.971160 0.182377 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 740 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:14.154262 0.331333 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 687 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:14.486520 0.000000 udp 10.0.2.19 1701 -> 114.22.228.63 4513 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:56:18.079441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:56:21.214573 0.000000 udp 10.0.2.19 1701 -> 203.126.185.242 1549 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:56:26.080767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:56:29.245768 0.000000 udp 10.0.2.19 1701 -> 93.217.10.192 5683 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:56:33.902112 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:56:38.038553 0.000000 udp 10.0.2.19 1701 -> 187.57.162.209 4311 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:56:42.084047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:56:44.498239 0.175738 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 799 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:56:44.933189 0.000000 udp 10.0.2.19 1701 -> 74.130.55.165 3244 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:56:52.038880 0.000000 udp 10.0.2.19 1701 -> 190.239.216.94 12651 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:00.611324 0.000000 udp 10.0.2.19 1701 -> 62.219.208.219 2016 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:09.423457 0.452323 udp 10.0.2.19 1701 <-> 180.253.82.119 20209 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:57:10.038654 0.000000 udp 10.0.2.19 1701 -> 75.55.197.94 7275 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:14.090250 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 06:57:14.400233 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:57:15.923421 0.000000 udp 10.0.2.19 1701 -> 190.71.26.129 20111 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:22.492620 0.000000 udp 10.0.2.19 1701 -> 190.167.37.219 2353 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:33.443662 0.000000 udp 10.0.2.19 1701 -> 122.172.166.115 5324 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:41.556671 0.000000 udp 10.0.2.19 1701 -> 178.94.67.10 9113 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:49.622837 0.000000 udp 10.0.2.19 1701 -> 58.152.27.157 6885 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:57:54.134690 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:57:56.704901 0.000000 udp 10.0.2.19 1701 -> 209.12.192.228 1458 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:01.776728 0.000000 udp 10.0.2.19 1701 -> 180.250.198.14 14825 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:09.787190 0.000000 udp 10.0.2.19 1701 -> 95.241.115.233 6603 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:18.497912 0.573624 udp 10.0.2.19 1701 <-> 218.90.187.38 5021 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:19.106158 0.000000 udp 10.0.2.19 1701 -> 202.143.178.97 1196 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:24.825720 0.000000 udp 10.0.2.19 1701 -> 190.56.253.45 12522 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:29.474934 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:58:30.594189 0.000000 udp 10.0.2.19 1701 -> 217.199.143.102 7779 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:36.679122 0.000000 udp 10.0.2.19 1701 -> 98.250.117.232 6965 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:43.983255 0.663425 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:44.767543 0.318195 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 783 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:45.202583 0.211092 udp 10.0.2.19 1701 <-> 85.107.67.138 23510 CON 0 0 2 787 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:45.514604 0.550307 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 782 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:46.194125 0.311207 udp 10.0.2.19 1701 <-> 200.120.218.207 8825 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:46.586251 0.560207 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:47.216240 0.000000 udp 10.0.2.19 1701 -> 189.188.52.167 15722 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:58:53.472891 0.208587 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:53.774644 0.987909 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 823 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:54.862667 0.323054 udp 10.0.2.19 1701 <-> 190.235.27.151 22233 CON 0 0 2 706 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:55.292584 0.421843 udp 10.0.2.19 1701 <-> 36.83.114.37 26966 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:55.820433 0.548277 udp 10.0.2.19 1701 <-> 1.4.129.61 15547 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:58:56.455837 0.000000 udp 10.0.2.19 1701 -> 125.160.170.26 6475 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:03.974864 0.541783 udp 10.0.2.19 1701 <-> 113.165.116.48 29634 CON 0 0 2 830 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:04.613270 0.000000 udp 10.0.2.19 1701 -> 180.93.244.19 1423 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:08.558461 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:59:11.394443 0.347633 udp 10.0.2.19 1701 <-> 41.251.185.113 25875 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:17.885776 0.000000 udp 10.0.2.19 1701 -> 77.108.94.108 4437 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:24.164463 0.000000 udp 10.0.2.19 1701 -> 209.87.253.158 29852 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:30.580121 0.607571 udp 10.0.2.19 1701 <-> 118.174.49.121 25066 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:31.283953 0.000000 udp 10.0.2.19 1701 -> 187.160.203.71 1079 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:39.560502 0.000000 udp 10.0.2.19 1701 -> 95.35.33.27 28779 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:44.376776 0.875542 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 06:59:47.910198 0.531726 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 728 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:48.667175 0.283759 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:49.027566 0.000000 udp 10.0.2.19 1701 -> 190.235.129.64 1068 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 06:59:54.596871 0.233319 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:54.911724 0.178053 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:55.169953 0.345183 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 06:59:55.846466 0.000000 udp 10.0.2.19 1701 -> 58.186.228.111 6934 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:04.649020 0.000000 udp 10.0.2.19 1701 -> 110.164.37.169 2709 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:11.374330 0.000000 udp 10.0.2.19 1701 -> 67.200.208.186 5952 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:18.366465 0.915932 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:21.361094 0.000000 udp 10.0.2.19 1701 -> 178.90.81.197 5365 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:23.220400 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 07:00:29.644425 0.000000 udp 10.0.2.19 1701 -> 61.19.224.238 4208 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:34.754722 0.408972 udp 10.0.2.19 1701 <-> 180.244.107.44 18028 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:35.259421 0.505451 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:35.828347 0.440009 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 727 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:36.348245 0.381568 udp 10.0.2.19 1701 <-> 200.119.190.39 7773 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:36.803754 0.000000 udp 10.0.2.19 1701 -> 83.235.19.134 28954 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:42.763191 0.000000 udp 10.0.2.19 1701 -> 205.210.7.254 26883 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:49.917072 0.434831 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:00:50.429686 0.000000 udp 10.0.2.19 1701 -> 124.247.221.165 9154 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:00:57.793901 0.000000 udp 10.0.2.19 1701 -> 108.92.1.214 9532 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:01:02.714148 0.000119 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 07:01:03.512608 1.723531 udp 10.0.2.19 1701 <-> 103.1.28.117 28933 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:01:05.320788 0.398785 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:01:05.935571 0.000000 udp 10.0.2.19 1701 -> 2.183.230.102 26384 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:01:13.193285 0.000000 udp 10.0.2.19 1701 -> 204.155.62.5 9854 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:01:21.409739 0.338239 udp 10.0.2.19 1701 <-> 59.96.161.63 16748 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:03:20.200892 2.999901 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 07:03:27.206566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:03:35.208614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:03:51.210955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:04:23.217530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:05:20.370104 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 07:05:20.370286 2.524218 tcp 10.0.2.19 49277 -> 90.156.118.144 5237 FSPA* 0 0 14 1508 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:10:36.228893 2.998866 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:10:43.233167 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:10:51.235252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:11:07.237856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:11:39.243989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:17:43.250027 3.001934 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:17:50.257602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:17:58.259190 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:18:14.261822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:18:59.296128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:25:07.077896 2.961008 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:25:13.984350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:25:21.866910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:25:37.644040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:26:09.207157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:31:41.973897 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 07:31:41.974225 0.234205 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:42.209081 0.152039 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:42.361741 0.272850 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:42.635251 0.125780 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:42.761565 0.252143 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:43.014354 0.228512 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:43.243500 0.423175 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:43.667297 0.393923 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:44.061793 0.258617 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:44.321035 0.236080 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:44.557744 0.261496 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:44.819836 0.272372 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:45.092744 0.188076 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:45.281348 0.228559 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:45.510538 0.139248 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:45.650379 0.178580 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:45.829503 0.248184 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:46.078253 0.222452 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:46.301230 0.363431 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:46.665268 0.202234 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:46.868099 0.173714 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:31:47.042351 0.000000 udp 10.0.2.19 1701 -> 180.253.82.119 20209 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:32:03.569307 0.201587 tcp 10.0.2.19 49278 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:03.771051 0.234897 tcp 10.0.2.19 49279 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:04.007079 0.558627 udp 10.0.2.19 1701 <-> 218.90.187.38 5021 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:04.566477 0.568963 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:05.135955 0.305342 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:05.441699 0.205283 udp 10.0.2.19 1701 <-> 85.107.67.138 23510 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:05.647467 0.314128 udp 10.0.2.19 1701 <-> 200.120.218.207 8825 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:05.962247 0.546809 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:06.509406 0.521499 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:07.031538 0.190345 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:07.222462 0.415920 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:07.638937 0.326455 udp 10.0.2.19 1701 <-> 190.235.27.151 22233 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:07.965949 0.683083 udp 10.0.2.19 1701 <-> 1.4.129.61 15547 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:08.649591 0.488716 udp 10.0.2.19 1701 <-> 36.83.114.37 26966 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:09.138904 0.575014 udp 10.0.2.19 1701 <-> 113.165.116.48 29634 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:09.437549 2.999850 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:32:09.714524 0.504542 udp 10.0.2.19 1701 <-> 118.174.49.121 25066 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:10.219631 0.531556 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:10.751653 0.279527 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:11.031561 0.189308 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:11.221228 0.241747 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:11.463510 0.344003 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:11.808213 0.750376 rtcp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:12.559083 0.000000 udp 10.0.2.19 1701 -> 180.244.107.44 18028 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:32:16.442773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:32:24.444228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:32:29.263323 0.980703 tcp 10.0.2.19 49280 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:30.244261 0.229241 tcp 10.0.2.19 49281 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:30.474282 0.494029 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:30.968694 0.419834 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:31.388935 0.412002 udp 10.0.2.19 1701 <-> 200.119.190.39 7773 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:31.801577 0.698446 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:32.500425 0.000000 udp 10.0.2.19 1701 -> 103.1.28.117 28933 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 07:32:40.827602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:32:48.500215 0.200310 tcp 10.0.2.19 49282 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:48.700346 0.233071 tcp 10.0.2.19 49283 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:32:48.934450 0.395694 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:32:49.330762 0.714308 udp 10.0.2.19 1701 <-> 59.96.161.63 16748 CON 0 0 3 660 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 07:33:12.833874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:35:25.405107 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 07:35:25.405297 1.973575 tcp 10.0.2.19 49284 -> 90.156.118.144 5237 FSPA* 0 0 14 1568 flow=From-Botnet-V2-TCP-Established 1970/01/01 07:39:18.843880 3.000866 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:39:25.850271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:39:33.852402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:39:49.854737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:40:21.860837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:46:25.866171 3.002393 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:46:32.874291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:46:40.875679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:46:56.878819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:47:28.884921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:53:33.721773 3.001903 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 07:53:40.729264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:53:48.730810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:54:04.733631 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 07:54:37.460903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:00:41.468704 3.000074 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:00:48.474566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:00:56.476111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:01:12.479118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:01:44.484765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:03:18.770743 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 08:03:18.771073 0.000000 udp 10.0.2.19 1701 -> 180.253.82.119 20209 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:03:37.211532 0.200319 tcp 10.0.2.19 49285 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:03:37.412357 0.234621 tcp 10.0.2.19 49286 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:03:37.647995 0.000000 udp 10.0.2.19 1701 -> 180.244.107.44 18028 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:03:54.052479 0.198714 tcp 10.0.2.19 49287 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:03:54.251792 0.231851 tcp 10.0.2.19 49288 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:03:54.484170 0.000000 udp 10.0.2.19 1701 -> 103.1.28.117 28933 INT 0 1 87 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:04:10.517049 0.201368 tcp 10.0.2.19 49289 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:10.718991 0.227709 tcp 10.0.2.19 49290 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:10.947670 0.276648 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:11.224917 0.144429 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:11.370007 0.226562 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:11.597165 0.129011 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:11.726836 0.234767 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:11.962447 0.242200 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:12.205201 0.421118 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:12.626881 0.839929 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:13.467145 0.260570 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:13.728131 0.238978 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:13.967526 0.535299 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:14.503230 0.184180 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:14.687743 0.246249 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:14.934381 0.138758 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:15.073535 0.280638 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:15.354576 0.188419 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:15.543338 0.215305 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:15.759032 0.189036 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:15.948465 0.326795 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:16.275658 0.185494 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:16.461515 0.178971 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:16.640837 0.000000 udp 10.0.2.19 1701 -> 218.90.187.38 5021 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:04:35.572430 0.200877 tcp 10.0.2.19 49291 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:35.773502 0.233312 tcp 10.0.2.19 49292 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:36.007370 0.908964 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:36.916752 0.304787 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:37.221903 0.201780 udp 10.0.2.19 1701 <-> 85.107.67.138 23510 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:37.424031 0.305790 udp 10.0.2.19 1701 <-> 200.120.218.207 8825 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:37.730191 0.188041 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:37.918618 0.937101 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:38.856178 0.519424 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:39.376119 0.414243 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:04:39.790809 0.000000 udp 10.0.2.19 1701 -> 1.4.129.61 15547 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:04:57.004153 0.201507 tcp 10.0.2.19 49293 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:57.206144 0.227466 tcp 10.0.2.19 49294 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:04:57.434169 0.000000 udp 10.0.2.19 1701 -> 190.235.27.151 22233 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:05:14.559089 0.201663 tcp 10.0.2.19 49295 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:05:14.761138 0.228857 tcp 10.0.2.19 49296 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:05:14.990951 0.446579 udp 10.0.2.19 1701 <-> 36.83.114.37 26966 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:15.438183 0.590920 udp 10.0.2.19 1701 <-> 113.165.116.48 29634 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:16.029745 0.535689 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:16.566210 0.509844 udp 10.0.2.19 1701 <-> 118.174.49.121 25066 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:17.076666 0.181615 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:17.258863 0.283520 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:17.542737 0.689089 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:18.232412 0.348526 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:18.581540 0.588296 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:19.170489 0.492657 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:19.663743 0.423797 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:20.088117 0.000000 udp 10.0.2.19 1701 -> 200.119.190.39 7773 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:05:28.157129 2.330626 tcp 10.0.2.19 49297 -> 90.156.118.144 5237 FSPA* 0 0 14 1544 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:05:35.229081 0.204533 tcp 10.0.2.19 49298 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:05:35.433454 0.228197 tcp 10.0.2.19 49299 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:05:35.662764 0.685339 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:36.348682 0.400396 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:05:36.749549 0.335782 udp 10.0.2.19 1701 <-> 59.96.161.63 16748 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:07:48.492291 3.000104 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 08:07:55.498399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:08:03.499751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:08:19.502952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:08:51.508932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:14:55.516801 2.999416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:15:02.522556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:15:10.524110 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:15:26.526515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:15:58.533329 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:22:02.539357 3.001324 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:22:09.546660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:22:17.547390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:22:33.550965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:23:05.556590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:29:09.564255 3.000473 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:29:16.570355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:29:24.571443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:29:40.574650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:30:12.580624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:35:30.488355 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 08:35:30.488586 4.308536 tcp 10.0.2.19 49300 -> 90.156.118.144 5237 FSPA* 0 0 14 1687 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:35:40.442074 0.000000 udp 10.0.2.19 1701 -> 218.90.187.38 5021 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:35:57.491624 0.201119 tcp 10.0.2.19 49301 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:35:57.693147 0.233553 tcp 10.0.2.19 49302 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:35:57.927730 0.000000 udp 10.0.2.19 1701 -> 1.4.129.61 15547 INT 0 1 101 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:36:14.072738 0.201000 tcp 10.0.2.19 49303 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:14.274127 0.232581 tcp 10.0.2.19 49304 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:14.507701 0.000000 udp 10.0.2.19 1701 -> 190.235.27.151 22233 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:36:16.586520 3.001960 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 08:36:23.593921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:36:31.057312 0.202125 tcp 10.0.2.19 49305 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:31.259699 0.234924 tcp 10.0.2.19 49306 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:31.495694 0.000000 udp 10.0.2.19 1701 -> 200.119.190.39 7773 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:36:31.595956 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:36:47.069848 0.199275 tcp 10.0.2.19 49307 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:47.269505 0.232846 tcp 10.0.2.19 49308 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:36:47.503319 0.247499 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:47.598383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:36:47.751362 0.143538 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:47.895484 0.268957 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:48.165033 0.573555 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:48.739148 0.258327 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:48.998019 0.234261 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:49.232868 0.421094 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:49.654720 0.261259 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:49.916598 0.894976 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:50.812163 0.464136 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:51.276873 0.236343 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:51.513766 0.184919 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:51.699389 0.222006 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:51.922168 0.268088 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:52.190804 0.192416 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:52.383860 0.132301 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:52.516686 0.243239 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:52.760514 0.549702 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:53.310773 0.413012 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:53.724405 0.206644 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:53.931617 0.184716 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:54.116879 0.205390 udp 10.0.2.19 1701 <-> 85.107.67.138 23510 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:54.322679 0.303993 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:54.627046 0.786575 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:55.414424 0.320956 udp 10.0.2.19 1701 <-> 200.120.218.207 8825 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:55.735788 0.977901 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:56.714368 0.179346 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:56.894296 0.417457 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:57.312253 0.532181 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:57.845007 0.445603 udp 10.0.2.19 1701 <-> 36.83.114.37 26966 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:36:58.291193 0.000000 udp 10.0.2.19 1701 -> 113.165.116.48 29634 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:37:17.253023 0.202650 tcp 10.0.2.19 49309 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:37:17.455113 0.233116 tcp 10.0.2.19 49310 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:37:17.688778 0.781079 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:18.470281 0.285449 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:18.756096 0.528281 udp 10.0.2.19 1701 <-> 118.174.49.121 25066 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:19.284739 0.181718 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:19.466820 0.262090 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:19.604875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:37:19.729255 0.342965 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:20.072650 0.492319 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:20.565306 0.760351 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:21.326015 0.434462 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:21.760874 0.433017 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:22.194326 0.389877 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 08:37:22.584602 0.000000 udp 10.0.2.19 1701 -> 59.96.161.63 16748 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 08:37:40.285464 0.204403 tcp 10.0.2.19 49311 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:37:40.490048 0.232876 tcp 10.0.2.19 49312 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 08:43:23.612726 2.999324 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:43:30.618415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:43:38.619877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:43:54.622413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:44:26.629242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:50:30.636009 3.000523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:50:37.641954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:50:45.643781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:51:01.646813 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:51:33.652985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:57:37.660241 3.000330 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 08:57:44.666401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:57:52.667516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:58:08.670413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 08:58:40.676745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:04:44.682283 3.002103 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:04:51.689925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:04:59.691263 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:05:15.694706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:05:34.802753 0.000164 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 09:05:34.803075 1.262698 tcp 10.0.2.19 49313 -> 90.156.118.144 5237 SPA_* 0 0 9 1152 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:05:40.371620 0.007401 tcp 10.0.2.19 49313 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:05:47.700599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:08:04.658516 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 09:08:04.658864 0.000000 udp 10.0.2.19 1701 -> 113.165.116.48 29634 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:08:23.058410 0.201879 tcp 10.0.2.19 49314 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:08:23.260681 0.242480 tcp 10.0.2.19 49315 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:08:23.503693 0.346705 udp 10.0.2.19 1701 <-> 59.96.161.63 16748 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:23.851022 0.298581 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:24.150289 0.146722 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:24.297563 1.078102 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:25.376273 0.278286 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:25.655141 0.233517 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:25.888991 0.249885 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:26.139316 0.420298 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:26.560269 0.172043 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:26.732851 0.253791 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:26.987250 0.238560 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:27.226631 0.184244 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:27.411568 0.284990 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:27.697200 0.125569 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:27.823388 0.254564 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:28.078661 0.193451 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:28.272697 0.272851 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:28.546475 0.221986 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:28.769180 0.331476 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:29.101273 0.193851 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:29.295718 0.425163 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:29.721558 0.200564 udp 10.0.2.19 1701 <-> 85.107.67.138 23510 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:29.922739 0.178857 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:30.102274 0.179311 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:30.281978 0.560937 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:30.843466 0.321573 udp 10.0.2.19 1701 <-> 200.120.218.207 8825 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:31.165654 0.189343 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:31.355637 0.725921 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:32.081985 0.507935 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:32.590496 0.416706 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:33.007815 0.000000 udp 10.0.2.19 1701 -> 36.83.114.37 26966 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:08:51.576995 0.200779 tcp 10.0.2.19 49316 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:08:51.778351 0.232064 tcp 10.0.2.19 49317 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:08:52.011479 0.542753 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:52.554844 0.271766 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:08:52.827276 0.000000 udp 10.0.2.19 1701 -> 118.174.49.121 25066 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:09:09.373033 0.201812 tcp 10.0.2.19 49318 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:09:09.575159 0.236626 tcp 10.0.2.19 49319 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:09:09.812731 0.218579 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:10.031940 0.187848 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:10.220292 0.484810 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:10.705731 0.342594 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:11.048914 1.552998 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:12.602474 0.431585 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:13.034647 0.422039 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:09:13.457225 0.367821 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:11:51.768772 2.999382 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 09:11:58.774417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:12:06.775976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:12:22.778299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:12:54.784989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:18:58.792544 2.999709 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:19:05.798161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:19:13.799285 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:19:29.802846 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:20:01.808662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:26:05.816200 3.000242 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:26:12.822108 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:26:20.823989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:26:36.826711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:27:08.832395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:33:12.838533 3.001618 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:33:19.846484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:33:27.847186 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:33:43.850878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:34:15.856461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:35:40.398604 0.000180 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 09:35:40.398944 1.668413 tcp 10.0.2.19 49320 -> 90.156.118.144 5237 SPA_* 0 0 9 1198 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:35:47.942746 0.017454 tcp 10.0.2.19 49320 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:39:20.144164 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 09:39:20.144470 0.000000 udp 10.0.2.19 1701 -> 36.83.114.37 26966 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:39:37.080638 0.200029 tcp 10.0.2.19 49321 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:39:37.280234 0.233471 tcp 10.0.2.19 49322 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:39:37.514286 0.000000 udp 10.0.2.19 1701 -> 118.174.49.121 25066 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:39:55.107204 0.202360 tcp 10.0.2.19 49323 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:39:55.310056 0.244564 tcp 10.0.2.19 49324 -> 173.194.70.94 80 SRPA* 0 0 10 3496 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:39:55.555597 0.328713 udp 10.0.2.19 1701 <-> 59.96.161.63 16748 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:55.884878 0.232501 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:56.117954 0.156561 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:56.275092 0.277737 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:56.553456 1.450175 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:58.004264 0.229208 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:58.233919 0.418929 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:58.653438 0.251483 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:58.905527 0.820956 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:59.727092 0.256008 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:39:59.983569 0.182736 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:00.166851 0.255316 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:00.422719 0.237693 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:00.661030 0.139176 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:00.800619 0.220250 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:01.021267 0.250973 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:01.272866 0.191518 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:01.464962 0.273770 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:01.739277 0.277703 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:02.017618 0.329084 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:02.347288 0.296628 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:02.644281 0.171530 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:02.816171 0.000000 udp 10.0.2.19 1701 -> 85.107.67.138 23510 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:40:18.630307 0.209705 tcp 10.0.2.19 49325 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:40:18.840444 0.239823 tcp 10.0.2.19 49326 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:40:19.081040 0.185291 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:19.266699 0.535751 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:19.803079 0.000000 udp 10.0.2.19 1701 -> 200.120.218.207 8825 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 09:40:19.863941 3.000464 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 09:40:26.869988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:40:34.871999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:40:38.358600 0.202514 tcp 10.0.2.19 49327 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:40:38.560670 0.242560 tcp 10.0.2.19 49328 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 09:40:38.803805 0.178940 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:38.983342 1.007752 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:39.991576 0.530392 udp 10.0.2.19 1701 <-> 180.247.233.74 14655 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:40.522696 0.413611 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:40.936900 0.361764 udp 10.0.2.19 1701 <-> 68.7.103.29 2114 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:41.299265 0.505245 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:41.805134 0.177360 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:41.983039 0.509815 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:42.493458 0.230357 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:42.724385 0.343693 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:43.068642 0.950913 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:44.020154 0.374553 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:44.395349 0.414509 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:44.810445 0.415154 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 09:40:50.874838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:41:22.880493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:47:26.888197 3.000387 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:47:33.893691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:47:41.895257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:47:57.898498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:48:29.904250 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:54:33.912269 3.000197 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 09:54:40.917709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:54:48.919267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:55:04.923002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 09:55:36.928610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:01:40.936000 3.000487 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:01:47.941818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:01:55.943263 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:02:11.946484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:02:43.952626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:05:47.947539 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 10:05:47.947766 1.561478 tcp 10.0.2.19 49329 -> 90.156.118.144 5237 SPA_* 0 0 9 1196 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:05:54.291384 0.126081 tcp 10.0.2.19 49329 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:08:47.960253 2.999524 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:08:54.965788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:09:02.967253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:09:18.970371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:09:50.976313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:11:14.236194 0.000200 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 10:11:14.236615 0.000000 udp 10.0.2.19 1701 -> 85.107.67.138 23510 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:11:30.844527 0.206772 tcp 10.0.2.19 49330 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:11:31.051680 0.238378 tcp 10.0.2.19 49331 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:11:31.291061 0.000000 udp 10.0.2.19 1701 -> 200.120.218.207 8825 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:11:47.206342 0.214765 tcp 10.0.2.19 49332 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:11:47.421555 0.238632 tcp 10.0.2.19 49333 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:11:47.661132 0.000000 udp 10.0.2.19 1701 -> 59.96.161.63 16748 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:12:02.788336 0.204028 tcp 10.0.2.19 49334 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:02.992182 0.234271 tcp 10.0.2.19 49335 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:03.227467 0.271452 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:03.499503 0.162177 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:03.662293 0.238232 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:03.901106 1.601190 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:05.502937 0.237962 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:05.741503 0.425752 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:06.167875 0.000000 udp 10.0.2.19 1701 -> 123.238.65.44 4636 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:12:21.735015 0.202551 tcp 10.0.2.19 49336 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:21.937973 0.248811 tcp 10.0.2.19 49337 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:22.187741 0.589839 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:22.778195 0.264241 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:23.043000 0.178590 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:23.222219 0.126156 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:23.348921 0.139494 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:23.488827 0.249691 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:23.738928 0.278779 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:24.018126 0.226321 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:24.244865 0.260343 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:24.505597 0.205620 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:24.711622 0.170073 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:24.882130 0.409440 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:25.291895 0.324588 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:25.616953 0.302495 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:25.919864 0.553465 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:26.473751 0.174737 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:26.648860 0.213347 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:26.862569 0.704000 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:27.566916 0.000000 udp 10.0.2.19 1701 -> 180.247.233.74 14655 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:12:45.418486 0.204511 tcp 10.0.2.19 49338 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:45.622722 0.233707 tcp 10.0.2.19 49339 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:12:45.856992 0.837022 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:46.694453 0.408783 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:12:47.103687 0.000000 udp 10.0.2.19 1701 -> 68.7.103.29 2114 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:13:04.347005 0.205607 tcp 10.0.2.19 49340 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:13:04.552964 0.262819 tcp 10.0.2.19 49341 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:13:04.816573 0.189638 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:05.006725 0.501794 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:05.509132 0.228998 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:05.738728 0.344612 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:06.083977 0.427908 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:06.512291 0.748837 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:07.261846 0.398411 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:13:07.660968 0.464129 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:15:54.984389 2.999544 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 10:16:01.989768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:16:09.991327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:16:25.994339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:16:58.000302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:23:02.008154 2.999785 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:23:09.013606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:23:17.015547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:23:33.018217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:24:05.023971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:30:09.032060 2.999560 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:30:16.038183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:30:24.039242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:30:40.042644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:31:12.048259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:35:54.425155 0.000198 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 10:35:54.425521 1.559008 tcp 10.0.2.19 49342 -> 90.156.118.144 5237 SPA_* 0 0 9 1084 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:36:02.157429 0.011514 tcp 10.0.2.19 49342 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:37:16.054253 3.002165 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:37:23.061975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:37:31.062899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:37:47.065968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:38:19.072206 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:43:19.424331 0.000141 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 10:43:19.424606 0.000000 udp 10.0.2.19 1701 -> 59.96.161.63 16748 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:43:36.501335 0.205384 tcp 10.0.2.19 49343 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:43:36.706420 0.243320 tcp 10.0.2.19 49344 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:43:36.950305 0.000000 udp 10.0.2.19 1701 -> 123.238.65.44 4636 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:43:55.407762 0.206740 tcp 10.0.2.19 49345 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:43:55.614989 0.286273 tcp 10.0.2.19 49346 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:43:55.902286 0.000000 udp 10.0.2.19 1701 -> 180.247.233.74 14655 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:44:14.795749 0.205412 tcp 10.0.2.19 49347 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:15.001675 0.243823 tcp 10.0.2.19 49348 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:15.246495 0.000000 udp 10.0.2.19 1701 -> 68.7.103.29 2114 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:44:23.079833 3.000079 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 10:44:30.085417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:44:32.361015 0.238403 tcp 10.0.2.19 49349 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:32.599988 0.260310 tcp 10.0.2.19 49350 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:32.861280 0.237514 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:33.099357 0.145694 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:33.245594 0.272631 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:33.518835 1.463840 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 587 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:34.983062 0.241008 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:35.224464 0.487004 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:35.712108 0.880208 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:36.592935 0.000000 udp 10.0.2.19 1701 -> 108.234.133.110 8387 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:44:38.087305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:44:51.749244 2.332666 tcp 10.0.2.19 49351 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:54.082672 2.686623 tcp 10.0.2.19 49352 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:44:54.090181 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:44:56.770462 1.575571 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:58.346737 1.493498 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:44:59.840784 1.654285 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:01.495737 2.011745 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:03.508074 1.370560 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:04.879196 1.384069 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:06.263871 1.403679 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:07.668217 1.511676 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:09.180526 1.481495 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:10.662697 0.479638 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:11.143050 0.327290 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:11.470959 0.299311 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:11.770890 0.552231 udp 10.0.2.19 1701 <-> 36.72.103.199 10559 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:12.323736 0.187788 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:12.512104 0.187021 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:12.699733 0.577030 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:13.277447 0.801345 udp 10.0.2.19 1701 <-> 125.24.79.246 29980 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:14.079447 0.414150 udp 10.0.2.19 1701 <-> 180.242.248.65 26145 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:14.494447 0.498213 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:14.993261 0.228716 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:15.222566 0.182252 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:15.405466 0.346587 rtcp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:15.763715 0.441167 udp 10.0.2.19 1701 <-> 222.124.64.87 28047 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:16.205427 0.000000 udp 10.0.2.19 1701 -> 101.63.65.129 2527 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 10:45:26.096022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:45:34.730086 0.204109 tcp 10.0.2.19 49353 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:45:34.933891 0.238350 tcp 10.0.2.19 49354 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 10:45:35.172797 0.384966 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:45:35.558265 0.737970 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 10:51:30.101492 3.002311 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:51:37.109241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:51:45.111442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:52:01.114360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:52:33.119943 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:58:37.127930 3.000399 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 10:58:44.133827 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:58:52.135347 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:59:08.138222 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 10:59:40.143775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:05:44.151875 3.000060 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 11:05:51.157947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:05:59.159369 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:06:02.163996 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 11:06:02.164285 1.541047 tcp 10.0.2.19 49355 -> 90.156.118.144 5237 SPA_* 0 0 7 1026 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:06:12.597589 0.018380 tcp 10.0.2.19 49355 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:06:15.161917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:06:47.167769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:12:51.175384 3.000750 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 11:12:58.181184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:13:06.183258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:13:22.186509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:13:54.272437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:15:50.259406 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 11:15:50.259678 0.220617 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:50.480883 0.929424 udp 10.0.2.19 1701 <-> 101.63.65.129 2527 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:51.410931 0.253269 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:51.664786 0.126711 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:51.792084 0.216613 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:52.009089 0.221881 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:52.231579 0.403646 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:52.635830 1.593427 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:54.229909 0.477333 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:54.707871 0.255014 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:54.963436 0.267681 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:55.231702 0.262941 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:55.495215 0.290157 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:55.785972 0.279815 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:56.066439 0.286701 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:56.353764 0.307210 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:56.661641 0.330712 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:56.992758 0.322519 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:57.315724 0.356043 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:57.672402 0.375471 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:58.048461 0.394228 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:58.443326 0.450939 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:15:58.894870 0.000000 udp 10.0.2.19 1701 -> 36.72.103.199 10559 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:16:17.282790 0.165665 tcp 10.0.2.19 49356 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:17.448762 0.204195 tcp 10.0.2.19 49357 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:17.653903 0.167285 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:17.821857 0.732475 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:18.554944 0.000000 udp 10.0.2.19 1701 -> 180.242.248.65 26145 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:16:34.855289 0.166016 tcp 10.0.2.19 49358 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:35.021834 0.199705 tcp 10.0.2.19 49359 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:35.223271 0.000000 udp 10.0.2.19 1701 -> 125.24.79.246 29980 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:16:53.432076 0.167390 tcp 10.0.2.19 49360 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:53.599816 0.202733 tcp 10.0.2.19 49361 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:16:53.803505 0.329197 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:54.133289 0.475402 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:54.609294 0.205252 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:54.815121 0.170569 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:16:54.986316 0.000000 udp 10.0.2.19 1701 -> 222.124.64.87 28047 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:17:12.529468 0.169338 tcp 10.0.2.19 49362 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:17:12.699339 0.197466 tcp 10.0.2.19 49363 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:17:12.897845 0.377379 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:17:13.275845 0.389805 udp 10.0.2.19 1701 <-> 36.82.20.14 14337 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:19:58.279684 3.000249 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 11:20:05.285194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:20:13.287509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:20:29.290393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:21:01.296239 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:27:05.304319 2.999875 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 11:27:12.309845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:27:20.311049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:27:36.314265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:28:08.319828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:34:12.327863 3.000264 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 11:34:19.333902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:34:27.335446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:34:43.338211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:35:15.473912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:36:12.697308 0.000220 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 11:36:12.697693 1.636504 tcp 10.0.2.19 49364 -> 90.156.118.144 5237 SPA_* 0 0 9 1046 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:36:29.537832 0.012321 tcp 10.0.2.19 49364 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:41:19.480027 3.001836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 11:41:26.487650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:41:34.489226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:41:50.492580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:42:22.499083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:47:26.696087 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 11:47:26.696430 0.000000 udp 10.0.2.19 1701 -> 36.72.103.199 10559 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:47:41.761748 3.755048 tcp 10.0.2.19 49365 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:47:45.517311 0.290212 tcp 10.0.2.19 49366 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:47:45.808265 0.000000 udp 10.0.2.19 1701 -> 180.242.248.65 26145 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:48:01.538047 2.352981 tcp 10.0.2.19 49367 -> 173.194.70.103 80 FSPA* 0 0 8 1710 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:03.891245 2.106675 tcp 10.0.2.19 49368 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:05.999024 0.000000 udp 10.0.2.19 1701 -> 125.24.79.246 29980 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:48:21.456666 1.375325 tcp 10.0.2.19 49369 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:22.831907 1.374719 tcp 10.0.2.19 49370 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:24.207615 0.000000 udp 10.0.2.19 1701 -> 222.124.64.87 28047 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:48:26.505898 2.999636 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 11:48:33.511955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:48:41.365085 2.211384 tcp 10.0.2.19 49371 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:41.512818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:48:43.576976 1.398702 tcp 10.0.2.19 49372 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:48:44.976631 0.854386 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:48:45.831368 0.904463 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:48:46.736412 0.802793 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:48:47.539799 0.000000 udp 10.0.2.19 1701 -> 101.63.65.129 2527 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:48:57.516351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:49:05.509014 2.767525 tcp 10.0.2.19 49373 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:49:08.276123 1.577726 tcp 10.0.2.19 49374 -> 173.194.70.94 80 SPA_* 0 0 5 546 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:49:16.582796 0.000672 tcp 10.0.2.19 49374 -> 173.194.70.94 80 RA_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:49:16.584062 1.279328 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:17.863800 0.884407 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:18.748554 0.767730 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:19.516643 1.991421 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:21.508425 0.000000 udp 10.0.2.19 1701 -> 79.35.154.174 7520 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:49:29.522005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:49:38.898335 0.726921 tcp 10.0.2.19 49375 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:49:39.625086 0.791987 tcp 10.0.2.19 49376 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:49:40.419247 0.576960 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:40.996796 0.566128 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:41.563570 0.509434 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:42.073574 0.488646 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:42.562834 0.587206 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:43.150918 0.716980 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:43.868459 0.762496 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:44.631562 1.235210 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:45.867355 1.494366 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:49:47.362471 0.000000 udp 10.0.2.19 1701 -> 107.217.117.139 8593 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:50:03.891587 0.000000 tcp 10.0.2.19 49367 ?> 173.194.70.103 80 RA_ 0 1 54 flow=Background 1970/01/01 11:50:05.496172 2.933684 tcp 10.0.2.19 49377 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:50:08.430347 3.228042 tcp 10.0.2.19 49378 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:50:11.659367 0.000000 udp 10.0.2.19 1701 -> 189.172.99.119 29140 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:50:28.549164 2.472061 tcp 10.0.2.19 49379 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:50:31.021776 2.729798 tcp 10.0.2.19 49380 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:50:33.752534 1.572556 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:35.325658 1.545704 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:36.871987 1.676355 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:38.548936 2.112064 udp 10.0.2.19 1701 <-> 110.138.67.41 27744 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:40.661602 1.569035 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:42.231253 1.112418 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:43.344301 0.851768 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:44.196664 0.571257 udp 10.0.2.19 1701 <-> 94.240.224.115 8696 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:44.768533 0.784774 udp 10.0.2.19 1701 <-> 210.0.130.4 9272 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 11:50:45.553896 0.000000 udp 10.0.2.19 1701 -> 36.82.20.14 14337 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 11:51:03.752135 3.646910 tcp 10.0.2.19 49381 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:51:07.399497 4.175186 tcp 10.0.2.19 49382 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 11:55:33.570423 2.999738 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 11:55:40.575535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:55:48.576928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:56:04.579809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 11:56:36.586470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:02:40.593962 2.999809 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:02:47.600078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:02:55.601189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:03:11.604191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:03:43.609968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:06:29.589536 0.000177 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:06:29.589880 2.570076 tcp 10.0.2.19 49383 -> 90.156.118.144 5237 SPA_* 0 0 9 1249 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:06:41.557040 0.003759 tcp 10.0.2.19 49383 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:09:47.617900 2.999903 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:09:54.623407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:10:02.624993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:10:18.628033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:10:50.634530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:16:54.642138 2.999808 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:17:01.647792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:17:09.649429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:17:25.652003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:17:57.658354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:21:32.007017 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:21:32.007305 0.000000 udp 10.0.2.19 1701 -> 101.63.65.129 2527 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:21:50.366868 1.825096 tcp 10.0.2.19 49384 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:21:52.191631 1.932936 tcp 10.0.2.19 49385 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:21:54.125558 0.000000 udp 10.0.2.19 1701 -> 79.35.154.174 7520 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:22:10.964982 1.160097 tcp 10.0.2.19 49386 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:12.124983 0.716788 tcp 10.0.2.19 49387 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:12.842760 0.719161 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:13.562598 0.739917 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:14.303144 0.000000 udp 10.0.2.19 1701 -> 36.82.20.14 14337 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:22:33.106214 1.890438 tcp 10.0.2.19 49388 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:34.997199 2.197197 tcp 10.0.2.19 49389 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:37.194949 0.000000 udp 10.0.2.19 1701 -> 108.234.133.110 8387 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:22:54.097146 0.556185 tcp 10.0.2.19 49390 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:54.653757 0.652513 tcp 10.0.2.19 49391 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:22:55.307183 0.513470 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:55.821040 0.326669 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 219 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:56.148332 0.620441 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:56.769350 0.459726 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:57.229692 0.457560 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:57.687621 1.987318 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:22:59.675556 0.729808 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:00.406231 1.022454 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:01.429290 1.196492 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:02.626730 1.837490 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:04.464837 1.921698 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:06.387140 1.959236 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:08.346915 2.081577 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:10.429101 0.502791 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:10.932579 0.205690 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:11.138810 0.898164 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:12.037604 1.428330 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:13.466562 0.935331 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:14.402543 0.000000 udp 10.0.2.19 1701 -> 110.138.67.41 27744 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:23:32.672092 1.812300 tcp 10.0.2.19 49392 -> 173.194.70.103 80 SPA_* 0 0 5 547 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:23:41.193292 0.001029 tcp 10.0.2.19 49392 -> 173.194.70.103 80 FA_F* 0 0 5 1271 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:23:41.194990 1.570095 tcp 10.0.2.19 49393 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:23:42.766225 1.382477 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:44.149310 1.050327 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:45.200220 0.729642 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:23:45.930523 0.000000 udp 10.0.2.19 1701 -> 94.240.224.115 8696 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:24:01.736052 3.000069 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 12:24:02.384545 0.452179 tcp 10.0.2.19 49394 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:24:02.837073 0.478398 tcp 10.0.2.19 49395 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:24:03.316443 0.000000 udp 10.0.2.19 1701 -> 210.0.130.4 9272 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:24:08.741991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:24:16.743444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:24:18.978504 1.784193 tcp 10.0.2.19 49396 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:24:20.763180 0.235265 tcp 10.0.2.19 49397 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:24:32.746444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:25:04.752266 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:31:08.760156 2.999537 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:31:15.765936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:31:23.767178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:31:39.769989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:32:11.776278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:36:41.634483 0.000153 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:36:41.634749 2.876829 tcp 10.0.2.19 49398 -> 90.156.118.144 5237 SPA_* 0 0 9 1089 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:36:52.218882 0.001529 tcp 10.0.2.19 49398 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:38:15.783287 3.000187 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:38:22.789857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:38:30.791108 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:38:46.793759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:39:18.800145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:45:22.805696 3.001712 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:45:29.813279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:45:37.815098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:45:53.818214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:46:25.824287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:52:29.832415 2.999533 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 12:52:36.837459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:52:44.839148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:53:00.841686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:53:32.847778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:54:50.390199 0.000198 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:54:50.390573 0.223834 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:54:50.615110 0.000000 udp 10.0.2.19 1701 -> 110.138.67.41 27744 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:55:07.649235 2.106264 tcp 10.0.2.19 49399 -> 173.194.70.103 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:07.825182 0.211635 tcp 10.0.2.19 49400 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:08.037715 0.000000 udp 10.0.2.19 1701 -> 210.0.130.4 9272 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:55:25.632438 2.086450 tcp 10.0.2.19 49401 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:27.719525 2.458867 tcp 10.0.2.19 49402 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:30.179386 0.000000 udp 10.0.2.19 1701 -> 94.240.224.115 8696 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:55:48.114441 1.792538 tcp 10.0.2.19 49403 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:49.907339 0.204887 tcp 10.0.2.19 49404 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:55:50.113065 0.280234 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:50.393859 0.812935 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:51.207513 0.254173 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:51.462316 0.401831 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:51.864722 0.138790 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:52.004007 0.220356 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:52.224959 0.223821 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:52.449305 1.158297 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:55:53.608193 0.000000 udp 10.0.2.19 1701 -> 107.193.222.108 3981 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:10.216575 0.187899 tcp 10.0.2.19 49405 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:56:10.404873 0.218356 tcp 10.0.2.19 49406 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 12:56:10.624173 0.317183 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:10.942217 0.109136 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:11.051844 0.161270 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:11.213665 0.172767 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:11.387012 0.235071 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:11.622695 0.149074 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:11.772381 0.312688 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:12.085709 0.225399 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:12.311713 0.524540 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:12.836852 0.183864 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:13.021359 0.160702 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:13.182649 0.468694 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:13.651961 0.331355 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:13.983951 0.212140 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:14.251691 0.000000 udp 10.0.2.19 1701 -> 107.193.222.108 3981 REQ 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:19.437541 0.235016 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:19.673270 0.259639 udp 10.0.2.19 1701 <-> 107.217.117.139 8593 CON 0 0 2 824 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:19.941569 0.254714 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 728 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:20.196903 0.295221 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 758 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:20.492811 0.221821 udp 10.0.2.19 1701 <-> 66.63.204.26 24382 CON 0 0 2 842 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:20.715317 0.232079 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 788 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:20.948085 0.155951 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:21.104708 0.403843 udp 10.0.2.19 1701 <-> 1.168.10.20 1002 CON 0 0 2 718 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:21.509064 1.241473 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 698 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:22.751195 0.203815 udp 10.0.2.19 1701 <-> 2.230.133.66 6474 CON 0 0 2 714 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:22.955644 0.110556 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:23.066871 0.165816 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 746 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:23.233402 0.173526 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:23.407615 0.237220 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:23.645511 0.204443 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:23.850651 0.222829 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:24.074334 0.321659 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 855 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:24.396682 0.197047 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:24.594496 0.160685 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:24.755843 0.479493 udp 10.0.2.19 1701 <-> 118.173.193.63 17103 CON 0 0 2 770 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:25.236026 0.177521 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:25.414469 0.212470 udp 10.0.2.19 1701 <-> 98.21.73.216 1245 CON 0 0 2 710 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:25.627613 0.333030 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 692 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:25.961606 0.000000 udp 10.0.2.19 1701 -> 95.65.37.77 28370 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:33.488050 0.170958 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 790 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:33.720150 0.000000 udp 10.0.2.19 1701 -> 187.57.162.209 4311 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:41.149242 1.471411 udp 10.0.2.19 1701 -> 113.210.133.235 10976 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:42.620653 0.000000 icmp 113.210.133.235 0x0303 -> 10.0.2.19 0xe02a URP 192 1 249 flow=Background 1970/01/01 12:56:46.006254 0.000151 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:56:48.009020 0.192542 udp 10.0.2.19 1701 <-> 94.64.232.130 23450 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:48.484345 0.561814 udp 10.0.2.19 1701 <-> 110.164.36.164 19839 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:49.163459 0.230266 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 804 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:56:49.439371 0.000000 udp 10.0.2.19 1701 -> 79.19.109.35 5592 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:56:55.119057 0.000000 udp 10.0.2.19 1701 -> 88.238.90.149 5363 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:03.320800 0.383472 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:03.748742 0.428144 udp 10.0.2.19 1701 <-> 151.245.129.225 26273 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:04.297038 0.290165 udp 10.0.2.19 1701 <-> 172.190.235.230 5737 CON 0 0 2 844 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:04.719482 0.000000 udp 10.0.2.19 1701 -> 92.226.236.123 9072 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:11.572431 0.239896 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 702 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:11.847881 0.000000 udp 10.0.2.19 1701 -> 88.234.126.36 10536 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:17.461319 0.000000 udp 10.0.2.19 1701 -> 87.22.24.78 3176 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:22.007619 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:57:23.159066 0.000000 udp 10.0.2.19 1701 -> 203.198.149.73 3912 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:31.722185 0.118443 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 683 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:31.895832 0.000000 udp 10.0.2.19 1701 -> 94.67.131.119 9148 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:40.794732 0.000000 udp 10.0.2.19 1701 -> 121.54.51.84 26569 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:45.932143 0.172546 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 807 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:57:46.151427 0.000000 udp 10.0.2.19 1701 -> 76.19.92.194 4756 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:53.622772 0.000000 udp 10.0.2.19 1701 -> 68.7.103.29 2114 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:57:58.510224 0.000177 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:58:00.602846 0.169245 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:58:01.425802 0.116515 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:58:01.586466 0.000000 udp 10.0.2.19 1701 -> 88.238.126.195 3773 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:07.353107 0.000000 udp 10.0.2.19 1701 -> 176.73.85.34 15907 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:14.062739 0.000000 udp 10.0.2.19 1701 -> 80.140.209.239 7744 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:21.884196 0.000000 udp 10.0.2.19 1701 -> 175.138.219.91 1299 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:28.052964 0.000000 udp 10.0.2.19 1701 -> 41.206.15.133 7089 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:33.009639 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:58:35.704216 0.000000 udp 10.0.2.19 1701 -> 202.143.178.97 1196 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:44.235720 0.000000 udp 10.0.2.19 1701 -> 77.28.99.184 6691 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:50.314734 0.000000 udp 10.0.2.19 1701 -> 188.169.104.2 12252 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:58:58.316400 0.000000 udp 10.0.2.19 1701 -> 151.41.99.7 10028 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:04.224983 0.234709 udp 10.0.2.19 1701 <-> 2.90.50.124 24606 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:59:04.491143 0.000000 udp 10.0.2.19 1701 -> 217.147.224.10 6273 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:09.001358 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:59:13.428003 0.000000 udp 10.0.2.19 1701 -> 39.230.140.48 2437 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:19.306592 0.270946 udp 10.0.2.19 1701 <-> 108.74.172.39 3059 CON 0 0 2 718 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:59:19.755658 0.290021 udp 10.0.2.19 1701 <-> 41.135.135.193 29349 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:59:20.098273 0.154908 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:59:20.271097 0.288477 udp 10.0.2.19 1701 <-> 122.164.65.66 25811 CON 0 0 2 656 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 12:59:20.789422 0.000000 udp 10.0.2.19 1701 -> 95.225.116.174 3484 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:27.518365 0.000000 udp 10.0.2.19 1701 -> 178.134.236.183 5333 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:33.676814 0.000000 udp 10.0.2.19 1701 -> 105.225.175.68 9866 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:36.855967 2.999840 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 12:59:42.299454 0.000000 udp 10.0.2.19 1701 -> 2.228.140.114 6788 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:43.862019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:59:47.006092 0.000180 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 12:59:48.909193 0.000000 udp 10.0.2.19 1701 -> 177.223.90.86 7304 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 12:59:51.863106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 12:59:55.529943 0.000000 udp 10.0.2.19 1701 -> 24.235.49.244 25200 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:02.739107 0.000000 udp 10.0.2.19 1701 -> 88.102.220.160 9954 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:07.865902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:00:11.110930 0.000000 udp 10.0.2.19 1701 -> 85.15.162.66 5776 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:17.970709 0.000000 udp 10.0.2.19 1701 -> 41.72.22.199 1973 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:22.506952 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:00:23.968950 0.000000 udp 10.0.2.19 1701 -> 218.90.187.38 5021 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:30.027898 0.210029 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 686 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:00:30.587797 0.000000 udp 10.0.2.19 1701 -> 118.68.131.242 12490 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:37.588634 0.161252 udp 10.0.2.19 1701 <-> 41.200.82.4 11344 CON 0 0 2 736 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:00:38.216722 0.000000 udp 10.0.2.19 1701 -> 83.10.163.44 19495 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:39.872506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:00:46.421855 0.000000 udp 10.0.2.19 1701 -> 210.0.130.4 9272 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:54.042414 0.155049 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:00:54.240168 0.308692 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:00:54.702475 0.000000 udp 10.0.2.19 1701 -> 95.227.238.19 9135 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:00:59.009267 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:01:00.562311 0.089743 udp 10.0.2.19 1701 <-> 91.137.174.85 6383 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:00.702760 0.163716 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 688 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:01.016348 0.173703 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 722 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:01.239529 0.224536 udp 10.0.2.19 1701 <-> 37.232.21.76 17571 CON 0 0 2 770 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:01.513517 0.000000 udp 10.0.2.19 1701 -> 122.255.57.50 3210 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:07.111609 0.000000 udp 10.0.2.19 1701 -> 212.156.171.127 3193 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:13.610901 0.173164 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:14.107758 0.000000 udp 10.0.2.19 1701 -> 69.94.191.11 9179 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:20.580794 0.000000 udp 10.0.2.19 1701 -> 78.169.229.240 1049 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:28.091617 0.226005 udp 10.0.2.19 1701 -> 94.43.192.181 1076 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:28.317622 0.000000 icmp 94.43.192.181 0x0303 -> 10.0.2.19 0x3404 URP 192 1 273 flow=Background 1970/01/01 13:01:33.008094 0.000141 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:01:34.601109 0.000000 udp 10.0.2.19 1701 -> 93.67.62.148 1024 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:43.553847 0.000000 udp 10.0.2.19 1701 -> 81.112.175.202 20727 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:51.895832 0.000000 udp 10.0.2.19 1701 -> 176.74.88.48 5699 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:01:57.644033 0.233208 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 688 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:01:58.016762 0.000000 udp 10.0.2.19 1701 -> 59.90.33.81 14693 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:06.005908 0.251681 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:06.267184 0.103789 udp 10.0.2.19 1701 <-> 109.193.194.29 7057 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:06.380547 0.264639 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 657 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:06.654592 0.000000 udp 10.0.2.19 1701 -> 188.169.253.41 24119 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:11.003377 0.000156 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:02:11.774035 0.344524 udp 10.0.2.19 1701 <-> 149.3.4.183 21887 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:12.127623 0.500379 udp 10.0.2.19 1701 <-> 59.92.101.126 10384 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:12.638511 0.000000 udp 10.0.2.19 1701 -> 112.210.123.33 14968 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:20.717129 0.000000 udp 10.0.2.19 1701 -> 77.108.94.108 4437 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:26.925803 0.152291 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:27.236725 0.375765 udp 10.0.2.19 1701 <-> 125.224.242.149 2024 CON 0 0 2 661 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:27.663247 0.000000 udp 10.0.2.19 1701 -> 95.243.228.116 9374 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:34.717124 0.000000 udp 10.0.2.19 1701 -> 110.77.238.196 26623 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:43.129556 0.223330 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 721 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:43.489665 0.000000 udp 10.0.2.19 1701 -> 41.0.89.165 10728 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:48.005835 0.000204 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:02:50.369729 0.000000 udp 10.0.2.19 1701 -> 188.34.7.46 5098 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:02:57.630174 0.168857 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:02:57.961488 0.000000 udp 10.0.2.19 1701 -> 95.241.115.233 6603 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:02.988086 0.000000 udp 10.0.2.19 1701 -> 31.146.62.90 10312 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:09.657785 0.000000 udp 10.0.2.19 1701 -> 202.137.25.33 21641 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:16.407275 0.000000 udp 10.0.2.19 1701 -> 37.232.7.101 22456 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:22.926463 0.000000 udp 10.0.2.19 1701 -> 79.3.157.95 8673 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:27.502972 0.000151 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:03:29.215963 0.000000 udp 10.0.2.19 1701 -> 78.8.181.18 6531 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:35.194380 0.000000 udp 10.0.2.19 1701 -> 201.213.229.78 3556 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:43.225974 0.000000 udp 10.0.2.19 1701 -> 14.216.253.233 15776 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:49.134553 0.000000 udp 10.0.2.19 1701 -> 82.141.203.245 7344 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:03:54.421901 0.559075 udp 10.0.2.19 1701 <-> 36.76.237.84 20394 CON 0 0 2 814 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:03:54.991840 0.000000 udp 10.0.2.19 1701 -> 113.165.112.128 10063 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:04:03.184192 0.000000 udp 10.0.2.19 1701 -> 60.251.66.43 9245 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:04:08.001108 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:04:09.843977 0.000000 udp 10.0.2.19 1701 -> 182.19.57.90 2269 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:06:43.877345 3.001956 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 13:06:50.885098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:06:52.227912 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:06:52.228117 1.259169 tcp 10.0.2.19 49407 -> 90.156.118.144 5237 SPA_* 0 0 9 1217 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:06:57.550499 0.064417 tcp 10.0.2.19 49407 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:06:58.887007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:07:14.889860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:07:46.895990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:13:50.903732 3.000393 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 13:13:57.909271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:14:05.910691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:14:21.913793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:14:53.919814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:20:57.927634 3.000224 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 13:21:04.933258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:21:12.935075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:21:28.938148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:22:00.944036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:28:04.952076 2.999696 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 13:28:11.957240 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:28:20.369113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:28:36.372304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:29:08.378526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:34:34.438478 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 13:34:34.438758 1.039443 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:35.478993 0.882355 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:36.361972 0.972706 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 202 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:37.335292 1.894858 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:39.230727 0.978023 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:40.209448 0.901928 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:41.111988 1.273021 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:42.385582 1.489697 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:34:43.875826 0.000000 udp 10.0.2.19 1701 -> 190.204.37.238 5689 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:35:01.330831 0.731894 tcp 10.0.2.19 49408 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:02.062641 0.781280 tcp 10.0.2.19 49409 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:02.844493 0.489885 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:03.334735 0.434620 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:03.769773 0.449413 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:04.219586 0.633477 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:04.853479 0.456177 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:05.310146 0.516620 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:05.827126 0.404515 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:06.231999 0.000000 udp 10.0.2.19 1701 -> 94.64.232.130 23450 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:35:12.384054 3.001879 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 13:35:19.391925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:35:23.308838 0.637598 tcp 10.0.2.19 49410 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:23.946682 0.633354 tcp 10.0.2.19 49411 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:24.580612 0.946094 udp 10.0.2.19 1701 <-> 110.164.36.164 19839 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:25.527121 0.442606 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:35:25.970192 0.000000 udp 10.0.2.19 1701 -> 116.203.152.56 2583 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:35:27.393701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:35:43.047877 0.797656 tcp 10.0.2.19 49412 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:43.396161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:35:43.846214 0.606455 tcp 10.0.2.19 49413 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:35:44.453613 0.000000 udp 10.0.2.19 1701 -> 151.245.129.225 26273 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:36:00.823822 0.497107 tcp 10.0.2.19 49414 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:01.321213 0.602815 tcp 10.0.2.19 49415 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:01.924998 0.000000 udp 10.0.2.19 1701 -> 172.190.235.230 5737 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:36:15.402180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:36:17.388194 1.579804 tcp 10.0.2.19 49416 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:18.968405 1.717916 tcp 10.0.2.19 49417 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:20.687302 0.945104 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:21.632962 0.703184 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:22.336768 0.775752 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:23.113109 0.724425 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:23.838142 0.725348 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:24.564099 0.000000 udp 10.0.2.19 1701 -> 2.90.50.124 24606 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:36:41.932607 0.168998 tcp 10.0.2.19 49418 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:42.102111 0.208482 tcp 10.0.2.19 49419 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:42.311651 0.286848 udp 10.0.2.19 1701 <-> 122.164.65.66 25811 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:42.599114 0.147681 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:42.747449 0.000000 udp 10.0.2.19 1701 -> 41.135.135.193 29349 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:36:57.815603 0.175858 tcp 10.0.2.19 49420 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:57.843741 1.467724 tcp 10.0.2.19 49421 -> 90.156.118.144 5237 SPA_* 0 0 9 1181 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:57.991974 0.229957 tcp 10.0.2.19 49422 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:36:58.223148 0.174237 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:36:58.397968 0.000000 udp 10.0.2.19 1701 -> 41.200.82.4 11344 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:37:07.405628 0.178916 tcp 10.0.2.19 49421 -> 90.156.118.144 5237 FA_F* 0 0 6 561 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:17.012716 0.166757 tcp 10.0.2.19 49423 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:17.179185 0.256289 tcp 10.0.2.19 49424 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:17.436004 0.154196 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:17.590532 0.277793 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:17.868727 0.000000 udp 10.0.2.19 1701 -> 91.137.174.85 6383 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:37:36.500406 0.311719 tcp 10.0.2.19 49425 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:36.811903 0.230530 tcp 10.0.2.19 49426 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:37.042965 0.172976 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:37.216279 0.213781 udp 10.0.2.19 1701 <-> 37.232.21.76 17571 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:37.430484 0.219509 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:37.650416 0.186988 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:37.837758 0.295738 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:38.133898 0.573878 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:38.708128 0.281837 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:38.990450 0.502787 udp 10.0.2.19 1701 <-> 59.92.101.126 10384 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:39.493658 0.000000 udp 10.0.2.19 1701 -> 149.3.4.183 21887 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 13:37:58.062128 0.683654 tcp 10.0.2.19 49427 -> 173.194.70.103 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:58.746189 0.381222 tcp 10.0.2.19 49428 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 13:37:59.128270 0.315583 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:59.444476 0.444405 udp 10.0.2.19 1701 <-> 125.224.242.149 2024 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:37:59.889517 0.305155 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:38:00.195270 0.153928 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:38:00.349589 1.927896 udp 10.0.2.19 1701 <-> 36.76.237.84 20394 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 13:42:19.410493 2.999499 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 13:42:26.415697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:42:34.417572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:42:50.420081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:43:22.426875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:49:26.434408 2.999916 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 13:49:33.439608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:49:41.441195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:49:57.444231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:50:29.450284 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:56:33.456577 3.001281 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 13:56:40.463777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:56:48.464976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:57:04.468515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 13:57:36.474028 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:03:40.482337 2.999441 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:03:47.488091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:03:55.489464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:04:11.492405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:04:43.498432 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:07:07.586496 0.000165 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 14:07:07.586818 3.003092 tcp 10.0.2.19 49429 -> 90.156.118.144 5237 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/01 14:07:15.954475 0.003304 tcp 10.0.2.19 49429 -> 90.156.118.144 5237 PA_SA 0 0 8 1072 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:07:22.961785 0.045123 tcp 10.0.2.19 49429 -> 90.156.118.144 5237 FA_F* 0 0 5 579 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:07:23.103707 0.074099 udp 10.0.2.19 60857 <-> 8.8.8.8 53 CON 0 0 2 160 flow=From-Botnet-V2-DNS 1970/01/01 14:07:23.181242 1.255649 tcp 10.0.2.19 49430 -> 184.154.224.18 80 FSPA* 0 0 50 39127 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:07:25.114813 1.347547 tcp 10.0.2.19 49431 -> 90.156.118.144 5237 SPA_* 0 0 9 940 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:07:41.889185 0.010392 tcp 10.0.2.19 49431 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:08:11.858533 0.465681 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:08:12.324830 0.000000 udp 10.0.2.19 1701 -> 94.64.232.130 23450 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:08:16.735052 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 14:08:30.410952 0.866960 udp 10.0.2.19 54804 <-> 8.8.8.8 53 CON 0 0 2 244 flow=From-Botnet-V2-DNS 1970/01/01 14:08:31.278813 1.723861 tcp 10.0.2.19 49432 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:08:33.004659 0.958912 udp 10.0.2.19 64286 <-> 8.8.8.8 53 CON 0 0 2 162 flow=From-Botnet-V2-DNS 1970/01/01 14:08:33.964234 1.662393 tcp 10.0.2.19 49433 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:08:35.627622 1.291818 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:08:36.920010 0.000000 udp 10.0.2.19 1701 -> 172.190.235.230 5737 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:08:54.922260 1.821685 tcp 10.0.2.19 49434 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:08:56.744460 2.409148 tcp 10.0.2.19 49435 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:08:59.154330 1.520391 udp 10.0.2.19 1701 <-> 151.245.129.225 26273 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:09:00.675370 0.000000 udp 10.0.2.19 1701 -> 2.90.50.124 24606 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:09:15.681783 1.985299 tcp 10.0.2.19 49436 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:09:17.667628 2.011300 tcp 10.0.2.19 49437 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:09:19.679896 0.000000 udp 10.0.2.19 1701 -> 41.135.135.193 29349 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:09:38.284261 1.970829 tcp 10.0.2.19 49438 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:09:40.255416 1.332574 tcp 10.0.2.19 49439 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:09:41.588955 0.000000 udp 10.0.2.19 1701 -> 41.200.82.4 11344 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:09:57.971677 1.547762 tcp 10.0.2.19 49440 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:09:59.519738 1.393590 tcp 10.0.2.19 49441 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:10:00.913881 0.000000 udp 10.0.2.19 1701 -> 91.137.174.85 6383 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:10:18.551114 4.194482 tcp 10.0.2.19 49442 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:10:20.971192 1.273002 tcp 10.0.2.19 49443 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:10:22.244764 0.000000 udp 10.0.2.19 1701 -> 149.3.4.183 21887 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:10:37.721770 2.979128 tcp 10.0.2.19 49444 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:10:40.701276 2.494722 tcp 10.0.2.19 49445 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:10:43.196976 1.214599 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:44.412182 1.255072 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:45.667853 1.618162 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:47.286703 4.620627 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:47.506366 2.999912 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 14:10:51.907895 1.094323 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:53.002832 1.122445 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:54.125837 1.195440 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:54.511417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:10:55.321851 1.297983 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:56.620467 1.326605 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:57.947697 1.672464 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:10:59.620755 0.000000 udp 10.0.2.19 1701 -> 176.73.147.65 3319 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:11:02.513418 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:11:14.653638 1.662072 tcp 10.0.2.19 49446 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:11:16.316244 1.868550 tcp 10.0.2.19 49447 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:11:18.185828 1.107040 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:18.516802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:11:19.293481 1.016414 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:20.310479 1.108490 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:21.419608 1.424307 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:22.844557 2.171059 udp 10.0.2.19 1701 <-> 110.164.36.164 19839 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:25.016202 1.971039 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:26.987845 1.147232 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:28.135684 2.034460 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:30.170619 1.346641 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:31.517900 1.331269 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:32.849777 1.843669 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:34.694038 2.129449 udp 10.0.2.19 1701 <-> 122.164.65.66 25811 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:36.824098 1.990793 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:38.815578 0.940370 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:39.756530 1.476045 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:41.233067 1.896652 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:43.130436 2.009058 udp 10.0.2.19 1701 <-> 37.232.21.76 17571 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:45.140117 1.350461 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:46.491232 1.187013 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:47.678883 1.523033 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:49.202556 1.732374 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:50.522350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:11:50.935542 1.912396 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:52.234863 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 14:11:52.848574 1.985995 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:54.834982 2.295740 udp 10.0.2.19 1701 <-> 59.92.101.126 10384 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:57.131311 1.350872 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:11:58.482791 1.573285 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:12:00.056630 2.186355 udp 10.0.2.19 1701 <-> 125.224.242.149 2024 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:12:02.243616 1.049003 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:12:03.293257 1.868669 udp 10.0.2.19 1701 <-> 36.76.237.84 20394 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:17:54.528529 3.001709 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:18:01.535818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:18:09.537434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:18:25.539906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:18:57.546554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:25:01.553706 2.999940 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:25:08.559790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:25:16.561076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:25:32.564019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:26:04.570322 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:32:08.577669 2.999847 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:32:15.583628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:32:23.585003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:32:39.587829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:33:11.594274 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:37:23.006838 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 14:37:23.007211 1.586344 tcp 10.0.2.19 49448 -> 90.156.118.144 5237 SPA_* 0 0 9 1032 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:37:32.777753 0.051057 tcp 10.0.2.19 49448 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:39:15.602413 2.999298 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:39:22.607823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:39:30.608751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:39:46.612127 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:40:18.617798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:42:12.973429 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 14:42:12.973725 0.166488 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:13.140768 0.358671 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:13.499996 0.333074 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:13.833729 0.369385 udp 10.0.2.19 1701 <-> 151.245.129.225 26273 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:14.203759 0.265534 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:14.469891 0.126263 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:14.596749 0.217148 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:14.814528 1.674622 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:16.489793 0.177657 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:16.668130 0.000000 udp 10.0.2.19 1701 -> 213.219.135.113 7158 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:42:33.764653 0.172364 tcp 10.0.2.19 49449 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:42:33.937598 0.240471 tcp 10.0.2.19 49450 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:42:34.179117 0.167975 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:34.347686 0.281219 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:34.629509 0.171943 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:34.802038 0.185224 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:34.987816 0.209930 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:35.198387 0.164344 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:35.363281 0.178695 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:35.542670 0.324816 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:35.868102 0.512658 udp 10.0.2.19 1701 <-> 110.164.36.164 19839 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:36.381330 0.206002 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:36.587964 0.163346 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:36.751758 0.107369 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:36.859671 0.180329 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.040561 0.118033 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.159109 0.171438 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.331091 0.281684 udp 10.0.2.19 1701 <-> 122.164.65.66 25811 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.613360 0.152341 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.766329 0.169099 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:37.935977 0.151179 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:38.087699 0.289174 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:38.377462 0.215198 udp 10.0.2.19 1701 <-> 37.232.21.76 17571 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:38.593076 0.177122 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:38.770785 0.166277 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:38.937632 0.172905 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:39.111098 0.268966 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:39.380737 0.276176 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:39.657509 0.000000 udp 10.0.2.19 1701 -> 79.35.154.174 7520 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 14:42:55.976288 0.173643 tcp 10.0.2.19 49451 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:42:56.150361 0.227213 tcp 10.0.2.19 49452 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 14:42:56.378131 0.478925 udp 10.0.2.19 1701 <-> 59.92.101.126 10384 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:56.857705 0.164468 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:57.022746 0.155079 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:57.178529 0.380840 udp 10.0.2.19 1701 <-> 125.224.242.149 2024 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:57.559941 0.279842 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:42:57.840402 0.508593 udp 10.0.2.19 1701 <-> 36.76.237.84 20394 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 14:46:22.625629 3.000047 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 14:46:29.631367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:46:37.632831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:46:53.635686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:47:25.642461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:53:29.647790 3.002148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 14:53:36.655088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:53:44.656604 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:54:00.659840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 14:54:32.666060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:00:36.672105 3.001692 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:00:43.679751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:00:51.681006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:01:07.683709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:01:39.690240 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:07:32.828319 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 15:07:32.828692 0.817036 tcp 10.0.2.19 49453 -> 90.156.118.144 5237 SPA_* 0 0 9 1172 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:07:38.726905 0.110073 tcp 10.0.2.19 49453 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:07:43.697556 3.000467 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:07:50.703800 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:07:58.704618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:08:14.708086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:08:46.714354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:13:05.566569 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 15:13:05.566834 0.110442 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:05.677674 0.948853 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:06.626943 0.316213 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:06.943529 0.172508 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:07.116470 0.273903 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:07.390777 0.125686 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:07.516855 0.386773 udp 10.0.2.19 1701 <-> 151.245.129.225 26273 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:07.904001 0.320264 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:08.224649 0.221348 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:08.446532 0.181125 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:08.628052 0.000000 udp 10.0.2.19 1701 -> 90.156.118.144 2081 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:13:26.911710 0.169924 tcp 10.0.2.19 49454 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:13:27.082368 0.204046 tcp 10.0.2.19 49455 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:13:27.287341 0.175414 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:27.463388 0.233509 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:27.697482 0.175818 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:27.873912 0.198412 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:28.072715 0.218139 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:28.291474 0.162934 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:28.455017 0.149261 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:28.604868 0.208480 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:28.813975 0.326096 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:29.140607 0.474406 udp 10.0.2.19 1701 <-> 110.164.36.164 19839 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:29.615601 0.179512 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:29.795647 0.111983 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:29.908190 0.164272 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:30.072964 0.000000 udp 10.0.2.19 1701 -> 122.164.65.66 25811 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:13:45.646002 0.169257 tcp 10.0.2.19 49456 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:13:45.815491 0.216524 tcp 10.0.2.19 49457 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:13:46.032987 0.159401 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:46.192785 0.120318 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:46.313774 0.148605 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:46.462973 0.444565 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:46.907953 0.216724 udp 10.0.2.19 1701 <-> 37.232.21.76 17571 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:47.125117 0.168046 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:47.293600 0.168136 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:47.462210 0.191622 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:47.654479 0.238061 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:47.893173 0.263976 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:48.157794 0.176443 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:48.334805 0.212243 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:48.547664 0.166571 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:48.714828 0.381739 udp 10.0.2.19 1701 <-> 125.224.242.149 2024 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:13:49.097186 0.000000 udp 10.0.2.19 1701 -> 59.92.101.126 10384 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:14:04.423015 0.174283 tcp 10.0.2.19 49458 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:14:04.597612 0.228198 tcp 10.0.2.19 49459 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:14:04.826804 0.169536 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:14:04.996975 0.215916 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:14:05.213538 0.515146 udp 10.0.2.19 1701 <-> 36.76.237.84 20394 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:14:50.721778 3.000145 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 15:14:57.727572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:15:05.730764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:15:21.732289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:15:53.738242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:21:57.744032 3.001411 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:22:04.752103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:22:12.754398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:22:28.756844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:23:00.761761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:29:04.769453 2.999854 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:29:11.775598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:29:19.776944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:29:35.779537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:30:07.785587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:36:11.793162 3.000591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:36:18.799428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:36:26.800926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:36:42.803689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:37:14.810001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:37:38.845277 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 15:37:38.845433 0.326196 tcp 10.0.2.19 49460 -> 90.156.118.144 5237 SPA_* 0 0 9 1023 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:37:45.250635 0.063307 tcp 10.0.2.19 49460 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:43:18.817190 3.000555 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:43:25.823332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:43:33.824495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:43:49.827764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:44:21.834126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:44:29.264303 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 15:44:29.264407 0.442950 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:44:29.707812 0.000000 udp 10.0.2.19 1701 -> 122.164.65.66 25811 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:44:45.482685 0.213295 tcp 10.0.2.19 49461 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:44:45.696520 0.222796 tcp 10.0.2.19 49462 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:44:45.919858 0.000000 udp 10.0.2.19 1701 -> 59.92.101.126 10384 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:45:01.353374 0.165427 tcp 10.0.2.19 49463 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:01.519343 0.303789 tcp 10.0.2.19 49464 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:01.823815 0.123144 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:01.947576 0.528661 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:02.476863 0.165676 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:02.643176 0.396511 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:03.040323 0.272485 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:03.313469 0.121413 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:03.435430 0.220394 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:03.656320 0.356106 udp 10.0.2.19 1701 <-> 151.245.129.225 26273 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:04.079606 0.399527 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:04.479745 0.177113 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:04.657474 0.158217 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:04.816234 0.170242 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:04.987086 0.156486 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:05.144103 0.160097 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:05.304835 0.238433 udp 10.0.2.19 1701 <-> 70.252.131.148 4092 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:05.543875 0.169454 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:05.713961 0.204638 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:05.919207 0.000000 udp 10.0.2.19 1701 -> 110.164.36.164 19839 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:45:22.463492 0.166931 tcp 10.0.2.19 49465 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:22.630826 0.208254 tcp 10.0.2.19 49466 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:22.840075 0.206784 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.047418 0.326803 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.374791 0.110364 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.485653 0.163947 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.650422 0.157426 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.808379 0.150686 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:23.959588 0.166156 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:24.126365 0.111874 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:24.238771 0.000000 udp 10.0.2.19 1701 -> 37.232.21.76 17571 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:45:40.348597 0.169515 tcp 10.0.2.19 49467 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:40.517995 0.196315 tcp 10.0.2.19 49468 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:45:40.715288 0.169453 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:40.885288 0.167686 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:41.053536 0.285513 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:41.339643 0.177814 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:41.518378 0.168632 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:41.687639 0.234012 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:41.922304 0.265233 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:42.188085 0.167818 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:42.356410 0.153262 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:45:42.510224 0.000000 udp 10.0.2.19 1701 -> 125.224.242.149 2024 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:46:00.658573 0.167764 tcp 10.0.2.19 49469 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:46:00.826197 0.207492 tcp 10.0.2.19 49470 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:46:01.034714 0.153984 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:46:01.189292 0.289716 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 15:46:01.479636 0.000000 udp 10.0.2.19 1701 -> 36.76.237.84 20394 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 15:46:20.175241 2.109819 tcp 10.0.2.19 49471 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:46:22.284581 0.215474 tcp 10.0.2.19 49472 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 15:50:25.841406 3.000061 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 15:50:32.847574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:50:40.848568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:50:56.851675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:51:28.857871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:57:32.865450 3.000198 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 15:57:39.871162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:57:47.873195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:58:03.875896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 15:58:35.881430 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:04:39.889786 2.999887 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:04:46.895340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:04:54.896613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:05:10.899839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:05:42.906006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:07:45.322513 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 16:07:45.322801 0.565563 tcp 10.0.2.19 49473 -> 90.156.118.144 5237 SPA_* 0 0 9 1226 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:07:52.299004 0.004465 tcp 10.0.2.19 49473 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:11:46.913627 2.999930 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:11:53.919233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:12:01.920430 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:12:17.923299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:12:49.929396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:16:27.833033 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 16:16:27.833326 0.000000 udp 10.0.2.19 1701 -> 110.164.36.164 19839 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:16:46.584593 0.168853 tcp 10.0.2.19 49474 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:16:46.753660 0.222650 tcp 10.0.2.19 49475 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:16:46.977338 0.000000 udp 10.0.2.19 1701 -> 37.232.21.76 17571 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:17:04.647799 0.166772 tcp 10.0.2.19 49476 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:04.814805 0.199419 tcp 10.0.2.19 49477 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:05.014975 0.000000 udp 10.0.2.19 1701 -> 125.224.242.149 2024 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:17:22.853427 0.171069 tcp 10.0.2.19 49478 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:23.024240 0.199360 tcp 10.0.2.19 49479 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:23.224150 0.000000 udp 10.0.2.19 1701 -> 36.76.237.84 20394 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:17:38.335659 0.197991 tcp 10.0.2.19 49480 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:38.527636 0.204683 tcp 10.0.2.19 49481 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:38.732887 0.000000 udp 10.0.2.19 1701 -> 90.156.118.144 2081 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:17:55.591431 2.392403 tcp 10.0.2.19 49482 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:55.757863 0.196734 tcp 10.0.2.19 49483 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:17:55.955518 0.119264 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:17:56.075334 0.747680 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:17:56.823631 0.157978 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:17:56.982212 0.000000 udp 10.0.2.19 1701 -> 75.24.145.94 1332 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:18:14.969227 0.174068 tcp 10.0.2.19 49484 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:15.143657 0.195776 tcp 10.0.2.19 49485 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:15.340431 0.151856 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:15.492898 0.645068 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:16.138673 0.260404 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:16.399664 0.000000 udp 10.0.2.19 1701 -> 151.245.129.225 26273 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:18:34.727479 0.167441 tcp 10.0.2.19 49486 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:34.895279 0.202295 tcp 10.0.2.19 49487 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:35.098767 0.181230 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:35.280572 0.393202 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:35.674642 0.148727 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:35.823987 0.171018 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:35.995823 0.190587 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:36.186819 0.000000 udp 10.0.2.19 1701 -> 70.252.131.148 4092 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:18:52.974024 0.175057 tcp 10.0.2.19 49488 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:53.149494 0.204105 tcp 10.0.2.19 49489 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:18:53.354431 0.160800 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:53.515795 0.167288 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:53.683697 0.204110 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:53.888352 0.175148 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:53.937128 3.000062 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 16:18:54.064028 0.199583 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:54.264015 0.120797 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:54.385403 0.325223 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:54.711221 0.159998 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:54.871807 0.148959 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.021363 0.167818 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.189751 0.101695 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.291982 0.161660 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.454216 0.148757 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.603523 0.160055 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:55.764088 0.275258 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:56.039891 0.156911 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:56.197123 0.270363 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:56.468069 0.166368 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:56.635030 0.222810 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:56.858437 0.160208 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:57.019208 0.162845 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:18:57.182626 0.233951 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:19:00.942913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:19:08.944792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:19:24.947947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:19:57.083955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:26:01.091508 3.000225 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:26:08.097300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:26:16.099057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:26:32.101973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:27:04.107676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:33:08.113816 3.001486 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:33:15.121341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:33:23.123169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:33:39.126106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:34:11.131842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:37:52.370964 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 16:37:52.371162 0.593471 tcp 10.0.2.19 49490 -> 90.156.118.144 5237 SPA_* 0 0 9 1107 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:38:03.307444 0.040673 tcp 10.0.2.19 49490 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:40:15.139798 2.999891 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:40:22.145051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:40:30.146810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:40:46.149842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:41:18.155865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:47:22.163762 2.999509 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 16:47:29.169439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:47:37.170569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:47:53.174143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:48:25.179794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:49:25.716928 0.000119 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 16:49:25.717285 1.738740 udp 10.0.2.19 1701 <-> 90.156.118.144 2081 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:49:27.456659 0.221015 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:49:27.678132 0.000000 udp 10.0.2.19 1701 -> 151.245.129.225 26273 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:49:44.457728 0.189290 tcp 10.0.2.19 49491 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:49:44.647380 0.206086 tcp 10.0.2.19 49492 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:49:44.854686 0.000000 udp 10.0.2.19 1701 -> 70.252.131.148 4092 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:50:01.801229 0.190058 tcp 10.0.2.19 49493 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:01.991537 0.203157 tcp 10.0.2.19 49494 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:02.195660 0.107601 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:02.303794 0.166079 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:02.470648 0.000000 udp 10.0.2.19 1701 -> 79.35.154.174 7520 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:50:20.267651 0.172043 tcp 10.0.2.19 49495 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:20.433864 0.199966 tcp 10.0.2.19 49496 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:20.634848 0.139634 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:20.775048 0.253000 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:21.028564 0.338914 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:21.368084 0.173898 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:21.542519 0.195283 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:21.738470 0.315998 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:22.055070 0.165605 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:22.221272 0.169061 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:22.390902 0.155623 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:22.547078 0.000000 udp 10.0.2.19 1701 -> 82.49.114.244 1787 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:50:39.234975 0.166207 tcp 10.0.2.19 49497 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:39.401629 0.209718 tcp 10.0.2.19 49498 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 16:50:39.612259 0.209446 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:39.822338 0.157593 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:39.980453 0.206137 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.187176 0.110579 udp 10.0.2.19 1701 <-> 151.45.220.199 10876 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.298363 0.146880 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.445799 0.160049 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.606633 0.109142 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.716322 0.159105 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:40.875973 0.150373 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:41.026856 0.326394 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:41.353836 0.154848 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:41.509249 0.167324 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 203 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:41.677149 0.268755 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:41.946646 0.155839 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:42.103000 0.270190 udp 10.0.2.19 1701 <-> 189.191.37.41 8329 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:42.373778 0.178471 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:42.552703 0.151215 udp 10.0.2.19 1701 <-> 85.108.28.135 4627 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:42.704492 0.215442 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:50:42.920512 0.000000 udp 10.0.2.19 1701 -> 123.238.65.44 4636 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:50:48.710496 0.000000 udp 10.0.2.19 1701 <- 123.238.65.44 4636 RSP 0 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 16:50:48.711150 0.173783 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 16:54:29.187664 2.999648 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 16:54:36.192932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:54:44.194495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:55:00.197252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 16:55:32.203981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:01:36.211152 3.000079 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:01:43.217299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:01:51.218725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:02:07.221453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:02:39.227907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:08:03.354143 0.000125 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 17:08:03.354351 1.228412 tcp 10.0.2.19 49499 -> 90.156.118.144 5237 SPA_* 0 0 9 1024 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:08:09.885313 0.127160 tcp 10.0.2.19 49499 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:08:43.235699 2.999623 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:08:50.240763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:08:58.242807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:09:14.245288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:09:46.251316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:15:50.259549 2.999761 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:15:57.264770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:16:05.266355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:16:21.269459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:16:53.275909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:20:53.882459 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 17:20:53.882802 0.737958 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:20:54.621409 0.170189 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:20:54.792211 0.293844 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:20:55.086642 0.000000 udp 10.0.2.19 1701 -> 90.156.118.144 2081 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:21:11.040894 0.190061 tcp 10.0.2.19 49500 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:11.231195 0.233312 tcp 10.0.2.19 49501 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:11.465470 0.173570 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:11.639630 0.120970 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:11.761132 0.253684 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:12.015417 0.128525 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:12.144515 0.174808 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:12.319888 0.533965 udp 10.0.2.19 1701 <-> 190.204.37.238 5689 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:12.854501 0.170470 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:13.025361 0.159898 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:13.185846 0.161530 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:13.347956 0.437074 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:13.785670 0.156758 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:13.943003 0.212810 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:14.156374 0.169293 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:14.326388 0.199211 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:14.526279 0.000000 udp 10.0.2.19 1701 -> 151.45.220.199 10876 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:21:30.916770 0.177817 tcp 10.0.2.19 49502 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:31.094294 0.199133 tcp 10.0.2.19 49503 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:31.294200 0.156051 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:31.450619 0.168528 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:31.619485 0.103224 udp 10.0.2.19 1701 <-> 5.53.158.246 8864 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:31.723058 0.322712 udp 10.0.2.19 1701 <-> 182.160.16.187 9292 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.046172 0.158059 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.204569 0.161602 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.366547 0.160719 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.527651 0.143608 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.671623 0.323252 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:32.995303 0.167345 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:33.163024 0.000000 udp 10.0.2.19 1701 -> 189.191.37.41 8329 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:21:50.203961 0.175850 tcp 10.0.2.19 49504 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:50.380064 0.203598 tcp 10.0.2.19 49505 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:21:50.584193 0.215481 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:21:50.800024 0.000000 udp 10.0.2.19 1701 -> 85.108.28.135 4627 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:22:07.819716 0.165344 tcp 10.0.2.19 49506 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:22:07.985620 0.200592 tcp 10.0.2.19 49507 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:22:08.187502 0.212397 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:22:08.400489 0.222342 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:22:08.623440 0.160548 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:22:57.283328 3.000372 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 17:23:04.289312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:23:12.290883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:23:28.293703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:24:00.299859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:30:04.304884 3.001989 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:30:11.312875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:30:19.314895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:30:35.317477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:31:07.323495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:37:11.330760 3.000123 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:37:18.336625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:37:26.338790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:37:42.341407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:38:10.011711 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 17:38:10.012016 0.708615 tcp 10.0.2.19 49508 -> 90.156.118.144 5237 SPA_* 0 0 9 1060 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:38:14.347099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:38:15.021447 0.046354 tcp 10.0.2.19 49508 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:44:18.354774 3.000568 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:44:25.360531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:44:33.362392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:44:49.364963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:45:21.371603 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:51:25.377017 3.002294 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 17:51:32.384794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:51:40.386243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:51:56.389127 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:52:17.330178 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 17:52:17.337428 0.000000 udp 10.0.2.19 1701 -> 90.156.118.144 2081 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:52:28.395399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:52:33.977961 0.176909 tcp 10.0.2.19 49509 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:52:34.155192 0.246344 tcp 10.0.2.19 49510 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:52:34.402696 0.000000 udp 10.0.2.19 1701 -> 151.45.220.199 10876 INT 0 1 110 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:52:51.761225 0.174971 tcp 10.0.2.19 49511 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:52:51.936743 0.206136 tcp 10.0.2.19 49512 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:52:52.143815 0.000000 udp 10.0.2.19 1701 -> 189.191.37.41 8329 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:53:10.657508 0.224639 tcp 10.0.2.19 49513 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:10.881866 0.219538 tcp 10.0.2.19 49514 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:11.101935 0.000000 udp 10.0.2.19 1701 -> 85.108.28.135 4627 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:53:27.931963 0.183769 tcp 10.0.2.19 49515 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:28.115819 0.220051 tcp 10.0.2.19 49516 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:28.336485 0.925130 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:29.262198 0.249190 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:29.262546 0.628823 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 SPA_* 0 0 5 513 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:29.511781 1.628085 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:31.140518 0.208098 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:31.349260 0.145234 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:31.495043 0.867937 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:32.363711 0.277549 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:32.641703 0.275494 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:32.917802 0.185902 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:33.104288 0.161253 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:33.266230 0.000000 udp 10.0.2.19 1701 -> 190.204.37.238 5689 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:53:39.574228 4.909629 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 A_PA 0 0 23 19678 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:50.191404 1.073045 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 A_PA 0 0 4 2896 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:50.805479 0.190889 tcp 10.0.2.19 49518 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:50.996879 0.209309 tcp 10.0.2.19 49519 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:53:51.207166 0.203697 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:51.411451 0.208707 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:51.620648 0.203138 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:51.824409 0.157793 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:51.982762 0.317477 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:52.300828 0.158183 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:52.459584 0.190255 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:52.650510 0.148471 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:53:52.799548 0.000000 udp 10.0.2.19 1701 -> 5.53.158.246 8864 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:54:08.561724 0.171007 tcp 10.0.2.19 49520 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:08.732567 0.208181 tcp 10.0.2.19 49521 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:08.862030 0.967969 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 A_PA 0 0 5 3026 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:08.941282 0.198158 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:09.140046 0.161296 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:09.301908 0.157542 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:09.459977 0.000000 udp 10.0.2.19 1701 -> 182.160.16.187 9292 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:54:25.576272 0.181198 tcp 10.0.2.19 49522 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:25.757680 0.258698 tcp 10.0.2.19 49523 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:26.016916 0.157671 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:26.175007 0.385609 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:26.561250 0.189454 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:26.751317 0.180144 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:54:26.932035 0.000000 udp 10.0.2.19 1701 -> 76.226.114.217 1684 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:54:39.209997 4.619853 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 A_PA 0 0 9 4106 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:42.851440 0.170942 tcp 10.0.2.19 49524 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:43.022880 0.224404 tcp 10.0.2.19 49525 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:54:43.248263 0.000000 udp 10.0.2.19 1701 -> 123.238.65.44 4636 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 17:54:44.576821 4.431345 tcp 10.0.2.19 49517 -> 79.35.154.174 5772 FA_F* 0 0 14 3988 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:55:00.656916 0.196362 tcp 10.0.2.19 49526 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:55:00.853853 0.207582 tcp 10.0.2.19 49527 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:55:01.062408 0.183420 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 17:55:01.247991 4.947891 tcp 10.0.2.19 49528 -> 95.104.30.151 6863 SPA_* 0 0 290 210351 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:55:06.350861 4.985622 tcp 10.0.2.19 49528 -> 95.104.30.151 6863 FPA_* 0 0 282 203618 flow=From-Botnet-V2-TCP-Established 1970/01/01 17:58:32.403221 2.999711 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 17:58:39.409540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:58:47.411075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:59:03.413629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 17:59:35.419364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:05:39.424825 3.001838 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:05:46.432979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:05:54.434643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:06:10.437178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:06:42.463618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:08:15.066826 0.000159 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 18:08:15.067158 1.614047 tcp 10.0.2.19 49529 -> 90.156.118.144 5237 SPA_* 0 0 9 1088 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:08:28.445939 0.102687 tcp 10.0.2.19 49529 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:12:46.471302 2.999398 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:12:53.477029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:13:01.478311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:13:17.481341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:13:49.487312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:19:53.495296 2.999591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:20:00.501066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:20:08.502555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:20:24.505494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:20:56.511047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:25:29.424522 0.000154 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 18:25:29.431012 0.000000 udp 10.0.2.19 1701 -> 190.204.37.238 5689 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:25:45.191034 0.218201 tcp 10.0.2.19 49530 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:25:45.409498 0.306549 tcp 10.0.2.19 49531 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:25:45.717014 0.000000 udp 10.0.2.19 1701 -> 5.53.158.246 8864 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:26:00.841133 0.255533 tcp 10.0.2.19 49532 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:01.097175 0.268374 tcp 10.0.2.19 49533 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:01.366711 0.000000 udp 10.0.2.19 1701 -> 182.160.16.187 9292 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:26:19.538242 0.200733 tcp 10.0.2.19 49534 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:19.739343 0.235584 tcp 10.0.2.19 49535 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:19.975920 0.260228 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:20.236865 0.246262 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:20.483713 0.325681 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:20.809983 0.000000 udp 10.0.2.19 1701 -> 79.35.154.174 7520 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:26:38.684254 0.209356 tcp 10.0.2.19 49536 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:38.893872 0.215924 tcp 10.0.2.19 49537 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:26:39.110356 0.210377 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:39.321119 1.520798 udp 10.0.2.19 1701 <-> 82.49.114.244 1787 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:40.842344 0.123353 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:40.966422 0.257994 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:41.224778 0.861465 udp 10.0.2.19 1701 <-> 84.59.131.0 7605 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.086598 0.154389 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.241376 0.161598 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.403360 0.188836 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.592663 0.205311 udp 10.0.2.19 1701 <-> 78.189.93.177 24237 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.798375 0.175990 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:42.974740 0.343489 udp 10.0.2.19 1701 <-> 116.203.152.56 2583 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:43.318608 0.298560 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:43.617612 0.156116 udp 10.0.2.19 1701 <-> 78.182.138.111 26252 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:43.774410 0.161236 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:43.936007 0.172264 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.108639 0.154105 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.263182 0.172634 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.436161 0.159395 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.595988 0.165167 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.761515 0.181485 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:44.943443 0.345615 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:45.289423 0.176251 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:45.466263 0.194352 udp 10.0.2.19 1701 <-> 88.244.13.176 14502 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:26:45.661017 0.167724 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:27:00.518975 2.999590 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 18:27:07.524670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:27:15.526284 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:27:31.528934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:28:03.535137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:34:07.542963 2.999830 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:34:14.549021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:34:22.549987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:34:38.552986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:35:10.559494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:38:28.554573 0.000192 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 18:38:28.554926 1.158247 tcp 10.0.2.19 49538 -> 90.156.118.144 5237 SPA_* 0 0 9 1163 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:38:37.809445 0.006884 tcp 10.0.2.19 49538 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:41:14.566712 3.000382 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:41:21.572713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:41:29.573832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:41:45.577238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:42:17.583300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:48:21.591088 2.999971 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:48:28.596597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:48:36.597897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:48:52.601351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:49:24.606793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:55:28.614874 3.000117 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 18:55:35.620447 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:55:43.622049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:55:59.624998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:56:31.631663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 18:56:56.256790 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 18:56:56.257111 0.931385 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:56:57.189225 0.221723 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:56:57.411580 0.235330 udp 10.0.2.19 1701 <-> 123.238.65.44 4636 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:56:57.647455 0.252770 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:56:57.900854 0.157809 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:56:58.059141 0.000000 udp 10.0.2.19 1701 -> 82.49.114.244 1787 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:57:13.163403 0.176195 tcp 10.0.2.19 49539 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:13.339380 0.197097 tcp 10.0.2.19 49540 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:13.536998 0.114791 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:57:13.652178 0.260693 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:57:13.913280 0.000000 udp 10.0.2.19 1701 -> 79.129.11.65 7570 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:57:30.568446 0.190531 tcp 10.0.2.19 49541 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:30.759385 0.222815 tcp 10.0.2.19 49542 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:30.983161 0.173698 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:57:31.157463 0.000000 udp 10.0.2.19 1701 -> 84.59.131.0 7605 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:57:48.562826 0.217365 tcp 10.0.2.19 49543 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:48.780623 0.262175 tcp 10.0.2.19 49544 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:57:49.043760 0.193634 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:57:49.237966 0.000000 udp 10.0.2.19 1701 -> 78.189.93.177 24237 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:58:04.847065 0.166508 tcp 10.0.2.19 49545 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:05.014317 0.192978 tcp 10.0.2.19 49546 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:05.208220 0.171755 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:05.380517 0.000000 udp 10.0.2.19 1701 -> 116.203.152.56 2583 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:58:23.844675 1.841343 tcp 10.0.2.19 49547 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:24.022658 0.215524 tcp 10.0.2.19 49548 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:24.238764 0.306390 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:24.545815 0.158669 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:24.705125 0.147665 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:24.853306 0.163950 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:25.017810 0.166515 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:25.184911 0.000000 udp 10.0.2.19 1701 -> 78.182.138.111 26252 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:58:41.430289 0.172142 tcp 10.0.2.19 49549 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:41.602909 0.194272 tcp 10.0.2.19 49550 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:41.798351 0.183697 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:41.982614 0.141180 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:42.124344 0.164724 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:42.289592 0.339463 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:42.629681 0.165907 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 18:58:42.796204 0.000000 udp 10.0.2.19 1701 -> 88.244.13.176 14502 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 18:58:59.655965 0.201604 tcp 10.0.2.19 49551 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:58:59.858138 0.226424 tcp 10.0.2.19 49552 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 18:59:00.085598 0.173956 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:02:35.746896 3.001921 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 19:02:42.754965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:02:50.755852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:03:06.759416 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:03:38.765545 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:08:37.876541 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:08:37.876814 2.211787 tcp 10.0.2.19 49553 -> 90.156.118.144 5237 SPA_* 0 0 9 1221 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:08:55.343123 0.008009 tcp 10.0.2.19 49553 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:09:42.772971 3.000083 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 19:09:49.778436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:09:57.779841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:10:13.782823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:10:45.789587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:16:49.796461 3.000744 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 19:16:56.802961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:17:04.804350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:17:20.807395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:17:52.812874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:23:56.820852 3.000126 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 19:24:03.826503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:24:11.828282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:24:27.830941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:24:59.837154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:29:23.186227 0.000146 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:29:23.186527 0.000000 udp 10.0.2.19 1701 -> 82.49.114.244 1787 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:29:38.392118 1.902386 tcp 10.0.2.19 49554 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:29:38.583668 0.207828 tcp 10.0.2.19 49555 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:29:38.792444 0.000000 udp 10.0.2.19 1701 -> 84.59.131.0 7605 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:29:56.706426 1.649798 tcp 10.0.2.19 49556 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:29:56.898863 0.264236 tcp 10.0.2.19 49557 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:29:57.164041 0.189934 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:29:57.354658 0.000000 udp 10.0.2.19 1701 -> 78.189.93.177 24237 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:30:14.701457 1.893090 tcp 10.0.2.19 49558 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:14.894148 0.198074 tcp 10.0.2.19 49559 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:15.092819 0.000000 udp 10.0.2.19 1701 -> 116.203.152.56 2583 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:30:30.374014 0.164907 tcp 10.0.2.19 49560 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:30.539169 0.195407 tcp 10.0.2.19 49561 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:30.735105 0.000000 udp 10.0.2.19 1701 -> 78.182.138.111 26252 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:30:47.799727 0.189966 tcp 10.0.2.19 49562 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:47.990232 0.202273 tcp 10.0.2.19 49563 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:30:48.193425 0.000000 udp 10.0.2.19 1701 -> 88.244.13.176 14502 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:31:03.845028 2.999523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 19:31:04.844327 0.186797 tcp 10.0.2.19 49564 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:05.031498 0.212489 tcp 10.0.2.19 49565 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:05.244958 0.223469 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:05.469077 0.816868 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:06.286703 0.000000 rtcp 10.0.2.19 1701 -> 123.238.65.44 4636 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:31:10.850449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:31:18.852290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:31:22.339481 0.190795 tcp 10.0.2.19 49566 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:22.530752 0.198523 tcp 10.0.2.19 49567 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:22.730269 0.286781 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:23.017461 0.173198 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:23.191388 0.121495 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:23.192029 4.927907 tcp 10.0.2.19 49568 -> 176.73.147.65 8711 SPA_* 0 0 302 219262 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:23.313487 0.250123 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:23.564271 1.192909 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:24.757624 0.172785 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:24.931129 0.172244 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:25.103923 0.306163 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:25.410614 0.169213 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:25.580362 0.167467 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:25.748379 0.163562 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:25.912532 0.157474 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:26.070516 0.394587 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:26.465653 0.183409 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:26.649628 0.151959 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:26.802202 0.170631 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:26.973342 0.163058 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:27.136792 0.177337 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:27.891329 0.000000 rtcp 10.0.2.19 1701 -> 123.238.65.44 4636 REQ 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:31:28.248228 3.062635 tcp 10.0.2.19 49568 -> 176.73.147.65 8711 FPA_* 0 0 101 69593 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:31:34.855096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:31:36.046963 0.182503 udp 10.0.2.19 1701 <-> 79.129.11.65 7570 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:36.230244 0.220408 udp 10.0.2.19 1701 <-> 76.226.114.217 1684 CON 0 0 2 796 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:36.451378 0.717068 udp 10.0.2.19 1701 <-> 79.35.154.174 7520 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:37.169179 0.336380 udp 10.0.2.19 1701 <-> 75.24.145.94 1332 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:37.506342 0.168968 udp 10.0.2.19 1701 <-> 176.73.147.65 3319 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:37.675918 0.123121 udp 10.0.2.19 1701 <-> 213.219.135.113 7158 CON 0 0 2 718 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:37.799726 0.265522 udp 10.0.2.19 1701 <-> 190.202.83.105 28269 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:38.065969 1.058183 udp 10.0.2.19 1701 <-> 217.132.237.117 2848 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:39.124794 0.170217 udp 10.0.2.19 1701 <-> 176.73.204.12 7051 CON 0 0 2 719 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:39.295682 0.163404 udp 10.0.2.19 1701 <-> 82.211.141.181 4826 CON 0 0 2 790 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:39.459813 0.304974 udp 10.0.2.19 1701 <-> 64.136.115.72 10010 CON 0 0 2 821 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:39.765540 0.165492 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 745 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:39.931751 0.178833 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:40.111274 0.154871 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:40.266762 0.413736 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:40.681196 0.162196 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:40.844030 0.184621 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 824 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:41.029318 0.157545 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 858 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:41.187466 0.156283 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 796 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:41.344433 0.159252 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 861 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:41.504366 0.149521 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:31:41.654757 0.000000 udp 10.0.2.19 1701 -> 206.255.25.194 8226 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:31:49.686817 0.000000 udp 10.0.2.19 1701 -> 2.36.77.163 1759 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:31:57.227279 0.000000 udp 10.0.2.19 1701 -> 68.59.76.104 4960 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:03.506505 0.000000 udp 10.0.2.19 1701 -> 24.230.122.110 6900 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:06.861302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:32:08.353206 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:32:11.588354 0.000000 udp 10.0.2.19 1701 -> 50.78.204.180 2040 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:18.858352 0.000000 udp 10.0.2.19 1701 -> 72.21.76.133 6763 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:26.219424 0.000000 udp 10.0.2.19 1701 -> 96.35.134.209 8147 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:33.469660 0.126493 udp 10.0.2.19 1701 <-> 151.45.57.114 1244 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:32:33.627199 0.000000 udp 10.0.2.19 1701 -> 90.156.118.144 2081 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:40.369130 0.000000 udp 10.0.2.19 1701 -> 66.162.118.39 3185 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:45.356493 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:32:48.520868 0.000000 udp 10.0.2.19 1701 -> 74.92.13.177 4700 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:32:54.689906 0.244629 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:32:55.027134 0.000000 udp 10.0.2.19 1701 -> 75.55.197.94 7275 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:03.632971 0.000000 udp 10.0.2.19 1701 -> 176.73.85.34 15907 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:09.701709 0.000000 udp 10.0.2.19 1701 -> 81.100.38.245 8492 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:16.811827 0.000000 udp 10.0.2.19 1701 -> 202.70.36.18 6096 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:21.348181 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:33:25.063681 0.000000 udp 10.0.2.19 1701 -> 67.233.236.118 1921 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:32.574365 0.000000 udp 10.0.2.19 1701 -> 94.67.185.152 5304 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:37.682164 0.000000 udp 10.0.2.19 1701 -> 209.12.192.228 1965 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:44.731831 0.000000 udp 10.0.2.19 1701 -> 79.21.61.195 4833 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:50.680270 3.261920 udp 10.0.2.19 1701 -> 67.200.223.19 2246 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:33:53.942190 0.000000 icmp 67.200.223.19 0x0103 -> 10.0.2.19 0x43c8 URH 192 1 230 flow=Background 1970/01/01 19:33:55.357475 0.000162 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:33:58.942874 0.000000 udp 10.0.2.19 1701 -> 5.178.137.28 9570 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:05.822387 0.000000 udp 10.0.2.19 1701 -> 95.241.115.233 6603 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:11.580574 0.000000 udp 10.0.2.19 1701 -> 76.10.166.23 14326 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:20.403065 0.000000 udp 10.0.2.19 1701 -> 151.54.105.83 9865 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:27.713973 0.137860 udp 10.0.2.19 1701 -> 195.254.232.31 10758 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:27.851833 0.000000 icmp 195.254.232.31 0x0d03 -> 10.0.2.19 0x0000 URFIL 192 1 295 flow=Background 1970/01/01 19:34:32.349884 0.000264 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:34:35.945479 0.227433 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:34:36.193315 0.173961 udp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 724 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:34:36.376536 0.162850 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 655 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:34:36.559939 0.000000 udp 10.0.2.19 1701 -> 87.59.245.10 16595 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:44.197897 0.000000 udp 10.0.2.19 1701 -> 188.6.107.35 8322 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:50.386322 0.218558 udp 10.0.2.19 1701 <-> 68.162.252.216 5281 CON 0 0 2 769 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:34:50.654816 0.000000 udp 10.0.2.19 1701 -> 90.49.56.170 1080 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:34:56.435535 0.504247 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:34:57.024484 0.000000 udp 10.0.2.19 1701 -> 12.236.185.221 5162 INT 0 1 299 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:04.617103 1.027003 udp 10.0.2.19 1701 -> 116.203.227.190 4887 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:05.644106 0.000000 icmp 116.203.227.190 0x0303 -> 10.0.2.19 0x1713 URP 192 1 242 flow=Background 1970/01/01 19:35:09.353107 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:35:10.175222 0.000000 udp 10.0.2.19 1701 -> 190.204.37.238 5689 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:16.493806 0.298425 udp 10.0.2.19 1701 <-> 189.172.99.119 29140 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:16.805405 0.000000 udp 10.0.2.19 1701 -> 68.14.192.40 7540 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:22.923470 0.146316 udp 10.0.2.19 1701 <-> 188.6.55.163 1868 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:23.505943 0.000000 udp 10.0.2.19 1701 -> 2.136.52.21 20658 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:28.872752 0.246194 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:29.272461 0.304247 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:29.618606 0.173726 udp 10.0.2.19 1701 <-> 77.242.58.25 7140 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:29.828204 0.170830 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:30.046333 0.158667 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 732 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:30.440590 0.000000 udp 10.0.2.19 1701 -> 70.46.210.10 5001 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:35.941596 0.183557 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:36.169497 0.670520 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 779 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:36.902219 0.180419 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 671 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:37.233486 0.000000 udp 10.0.2.19 1701 -> 109.162.143.17 9670 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:42.340877 0.930848 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:43.511424 2.262156 udp 10.0.2.19 1701 <-> 186.191.16.250 5675 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:45.888283 0.000000 udp 10.0.2.19 1701 -> 79.204.79.47 7349 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:35:46.857430 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:35:53.817762 0.236240 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:54.196734 0.168877 udp 10.0.2.19 1701 <-> 176.73.143.18 4384 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:35:54.405465 0.000000 udp 10.0.2.19 1701 -> 79.39.123.148 1583 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:01.198304 0.000000 udp 10.0.2.19 1701 -> 176.106.41.197 16058 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:10.160774 0.000000 udp 10.0.2.19 1701 -> 69.129.120.2 5434 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:15.509033 0.220361 udp 10.0.2.19 1701 <-> 188.169.253.12 10407 CON 0 0 2 657 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:36:15.889726 0.176040 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:36:16.119072 0.000000 udp 10.0.2.19 1701 -> 151.65.55.186 1586 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:20.855931 0.000159 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:36:24.271610 0.000000 udp 10.0.2.19 1701 -> 46.186.13.109 3264 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:31.191459 0.219007 udp 10.0.2.19 1701 <-> 188.169.105.114 11036 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:36:31.552747 0.000000 udp 10.0.2.19 1701 -> 176.56.174.85 8408 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:39.502841 0.000000 udp 10.0.2.19 1701 -> 69.127.75.214 8208 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:46.393142 0.000000 udp 10.0.2.19 1701 -> 24.33.151.168 2815 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:52.091130 0.000000 udp 10.0.2.19 1701 -> 178.134.184.81 1661 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:36:56.857909 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:36:59.061714 0.000000 udp 10.0.2.19 1701 -> 83.198.175.145 6766 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:05.670895 0.000000 udp 10.0.2.19 1701 -> 200.121.4.95 17496 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:13.732164 0.000000 udp 10.0.2.19 1701 -> 50.151.42.78 8049 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:18.810204 0.000000 udp 10.0.2.19 1701 -> 92.115.182.80 3205 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:24.077339 0.000000 udp 10.0.2.19 1701 -> 188.169.124.244 4231 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:29.334883 0.000000 udp 10.0.2.19 1701 -> 95.58.204.34 6773 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:33.851322 0.000185 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:37:34.952751 0.124192 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 777 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:37:35.505915 0.185092 udp 10.0.2.19 1701 <-> 5.98.202.140 6693 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:37:35.794614 0.000000 udp 10.0.2.19 1701 -> 134.90.1.39 1368 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:42.754718 0.000000 udp 10.0.2.19 1701 -> 109.193.81.199 3790 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:52.077956 0.000000 udp 10.0.2.19 1701 -> 151.41.37.148 5607 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:37:57.585190 0.177628 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:37:57.906698 0.000000 udp 10.0.2.19 1701 -> 87.25.211.21 8660 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:04.285102 0.000000 udp 10.0.2.19 1701 -> 177.106.113.244 1084 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:09.142301 0.000141 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:38:11.159565 3.000349 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 19:38:13.248114 0.000000 udp 10.0.2.19 1701 -> 190.56.105.9 6183 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:18.165723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:38:19.907760 0.000000 udp 10.0.2.19 1701 -> 88.232.178.124 1274 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:26.167154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:38:28.540473 0.000000 udp 10.0.2.19 1701 -> 82.233.38.152 4510 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:33.677438 0.000000 udp 10.0.2.19 1701 -> 99.67.62.130 8458 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:40.537334 0.165611 udp 10.0.2.19 1701 -> 94.71.251.54 1029 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:40.702945 0.000000 icmp 94.71.251.54 0x0303 -> 10.0.2.19 0x0504 URP 192 1 335 flow=Background 1970/01/01 19:38:42.169098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:38:45.143746 0.000124 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:38:47.797811 0.178428 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:38:48.107233 0.000000 udp 10.0.2.19 1701 -> 189.133.20.125 8786 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:55.418501 0.000000 udp 10.0.2.19 1701 -> 87.11.143.89 5858 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:38:55.649063 1.437497 tcp 10.0.2.19 49569 -> 90.156.118.144 5237 SPA_* 0 0 9 1070 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:39:03.320049 0.260874 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 857 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:03.809044 0.135542 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:04.217242 0.317003 udp 10.0.2.19 1701 <-> 189.135.157.40 1728 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:04.597219 0.000000 udp 10.0.2.19 1701 -> 41.78.174.62 1092 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:04.633682 0.010530 tcp 10.0.2.19 49569 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 19:39:10.970947 0.000000 udp 10.0.2.19 1701 -> 92.241.67.28 6652 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:14.175244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:39:18.711886 0.210821 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:18.979333 0.000000 udp 10.0.2.19 1701 -> 24.138.17.51 3855 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:26.843948 0.150030 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:27.067116 0.231911 udp 10.0.2.19 1701 <-> 178.88.57.242 10223 CON 0 0 2 732 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:27.803348 0.000000 udp 10.0.2.19 1701 -> 80.15.209.174 2228 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:35.646291 0.000000 udp 10.0.2.19 1701 -> 66.18.54.55 2544 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:40.643507 0.000159 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:39:44.349161 0.156158 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 815 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:39:44.535385 0.000000 udp 10.0.2.19 1701 -> 87.206.184.151 27155 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:50.097036 0.000000 udp 10.0.2.19 1701 -> 108.132.224.91 6205 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:39:58.109322 0.000000 udp 10.0.2.19 1701 -> 79.15.51.149 9200 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:06.561158 0.000000 udp 10.0.2.19 1701 -> 92.47.25.69 7553 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:12.930440 0.000000 udp 10.0.2.19 1701 -> 178.89.93.133 16612 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:17.646632 0.000176 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:40:18.818563 0.125790 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:40:19.233148 0.000000 udp 10.0.2.19 1701 -> 88.250.125.77 25566 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:27.191235 0.000000 udp 10.0.2.19 1701 -> 71.242.237.42 3316 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:32.258096 0.304109 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:40:32.699169 0.000000 udp 10.0.2.19 1701 -> 92.142.9.12 3914 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:39.759028 0.361272 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:40:40.129762 0.306043 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:40:40.444759 0.000000 udp 10.0.2.19 1701 -> 202.191.232.162 6041 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:46.768983 0.000000 udp 10.0.2.19 1701 -> 172.249.112.117 1053 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:40:51.645598 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:40:52.957301 0.000000 udp 10.0.2.19 1701 -> 108.206.0.25 2990 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:01.800313 0.000000 udp 10.0.2.19 1701 -> 177.224.10.194 3922 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:08.620221 0.131232 udp 10.0.2.19 1701 <-> 95.156.161.47 10348 CON 0 0 2 719 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 19:41:08.910822 0.000000 udp 10.0.2.19 1701 -> 8.14.69.26 5795 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:14.488847 0.000000 udp 10.0.2.19 1701 -> 70.78.76.87 3988 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:21.498727 0.261409 udp 10.0.2.19 1701 -> 105.236.104.33 8366 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:21.760136 0.000000 icmp 105.236.104.33 0x0303 -> 10.0.2.19 0xae20 URP 192 1 251 flow=Background 1970/01/01 19:41:26.145123 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 19:41:28.128202 0.000000 udp 10.0.2.19 1701 -> 94.64.247.226 3719 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:33.165813 0.000000 udp 10.0.2.19 1701 -> 109.193.149.63 4772 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:39.645356 0.000000 udp 10.0.2.19 1701 -> 78.155.171.95 3191 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:47.135741 0.000000 udp 10.0.2.19 1701 -> 173.72.218.171 7441 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:41:53.555353 0.000000 udp 10.0.2.19 1701 -> 87.20.226.85 6615 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 19:45:18.183241 2.999978 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 19:45:25.188693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:45:33.190666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:45:49.193037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:46:21.199395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:52:25.207122 3.000334 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 19:52:32.213154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:52:40.214266 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:52:56.217713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:53:28.223225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:59:32.230869 3.000633 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 19:59:39.236448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 19:59:47.238466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:00:03.241062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:00:35.247276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:06:39.255228 3.000099 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:06:46.260771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:06:54.262397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:07:10.265334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:07:42.271129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:09:04.650426 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 20:09:04.650802 1.401197 tcp 10.0.2.19 49570 -> 90.156.118.144 5237 SPA_* 0 0 9 1099 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:09:12.568976 0.184288 tcp 10.0.2.19 49570 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:12:28.202952 0.000158 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 20:12:28.203274 0.289322 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:28.493006 0.148536 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:28.641929 0.165195 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:28.807739 0.169244 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:28.977558 0.169113 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.147227 0.141360 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.289110 0.177466 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.467173 0.168428 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.636299 0.165661 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.802527 0.157246 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:29.960343 0.000000 udp 10.0.2.19 1701 -> 151.45.57.114 1244 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:12:47.835230 0.165792 tcp 10.0.2.19 49571 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:12:48.001267 0.205757 tcp 10.0.2.19 49572 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:12:48.207890 0.247311 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:48.455816 0.221599 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:48.678010 0.163225 udp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:48.841625 0.154207 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:12:48.996361 0.000000 udp 10.0.2.19 1701 -> 68.162.252.216 5281 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:13:06.900752 0.167118 tcp 10.0.2.19 49573 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:07.067706 0.212409 tcp 10.0.2.19 49574 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:07.281057 0.511024 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:07.792665 0.000000 udp 10.0.2.19 1701 -> 189.172.99.119 29140 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:13:26.208280 0.165679 tcp 10.0.2.19 49575 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:26.373795 0.206308 tcp 10.0.2.19 49576 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:26.581070 0.130218 udp 10.0.2.19 1701 <-> 188.6.55.163 1868 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:26.711884 0.300294 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:27.012738 0.578678 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:27.591834 0.169987 udp 10.0.2.19 1701 <-> 77.242.58.25 7140 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:27.762350 0.158627 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:27.921551 0.157643 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:28.079728 0.185423 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:28.265736 0.235468 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:28.501758 0.173759 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:28.675961 0.275885 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:28.952216 0.000000 udp 10.0.2.19 1701 -> 186.191.16.250 5675 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:13:44.885116 0.189876 tcp 10.0.2.19 49577 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:45.075286 0.212106 tcp 10.0.2.19 49578 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:13:45.288408 0.232727 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 579 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:45.521725 0.157331 udp 10.0.2.19 1701 <-> 176.73.143.18 4384 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:13:45.679592 0.000000 udp 10.0.2.19 1701 -> 188.169.253.12 10407 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:13:46.279267 2.999401 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 20:13:53.284524 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:14:01.285904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:14:02.530566 0.166883 tcp 10.0.2.19 49579 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:02.698348 0.204078 tcp 10.0.2.19 49580 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:02.903424 0.164161 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:03.068136 0.221755 udp 10.0.2.19 1701 <-> 188.169.105.114 11036 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:03.290471 0.121222 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:03.412281 0.000000 udp 10.0.2.19 1701 -> 5.98.202.140 6693 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:14:17.289438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:14:21.316974 0.165472 tcp 10.0.2.19 49581 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:21.482983 0.204467 tcp 10.0.2.19 49582 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:21.688392 0.191465 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:21.880420 0.176223 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:22.057175 0.222061 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:22.279836 0.134413 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:22.414775 0.310051 udp 10.0.2.19 1701 <-> 189.135.157.40 1728 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:22.725388 0.200479 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:22.926504 0.158665 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:23.085688 0.245238 udp 10.0.2.19 1701 <-> 178.88.57.242 10223 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:23.331536 0.153791 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:23.485896 0.160523 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:23.647025 0.381338 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:24.028965 0.303798 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:14:24.333352 0.000000 udp 10.0.2.19 1701 -> 190.37.198.197 8275 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:14:41.767948 0.165979 tcp 10.0.2.19 49583 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:41.934348 0.196940 tcp 10.0.2.19 49584 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:42.132268 0.000000 udp 10.0.2.19 1701 -> 95.156.161.47 10348 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:14:49.295711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:14:58.139999 0.165405 tcp 10.0.2.19 49585 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:14:58.305937 0.206574 tcp 10.0.2.19 49586 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:20:53.302410 3.000825 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:21:00.308360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:21:08.310106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:21:24.313308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:21:56.318899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:28:00.326823 3.000277 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:28:07.332604 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:28:15.333929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:28:31.336780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:29:03.343254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:35:07.351359 2.999255 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:35:14.356812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:35:22.357808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:35:38.360810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:36:10.367307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:39:12.759724 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 20:39:12.760033 1.592154 tcp 10.0.2.19 49587 -> 90.156.118.144 5237 SPA_* 0 0 9 1089 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:39:20.799027 0.006642 tcp 10.0.2.19 49587 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:42:14.375317 3.000039 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:42:21.381001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:42:29.381939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:42:45.385366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:43:17.390800 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:45:20.128178 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 20:45:20.128484 0.115074 udp 10.0.2.19 1701 -> 151.45.57.114 1244 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:45:20.243558 0.000000 icmp 151.45.57.114 0x0303 -> 10.0.2.19 0xdc04 URP 192 1 160 flow=Background 1970/01/01 20:45:36.776777 0.180231 tcp 10.0.2.19 49588 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:45:36.957499 0.215325 tcp 10.0.2.19 49589 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:45:37.173844 0.205834 udp 10.0.2.19 1701 <-> 68.162.252.216 5281 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:45:37.380334 0.000000 udp 10.0.2.19 1701 -> 189.172.99.119 29140 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:45:55.240172 0.176784 tcp 10.0.2.19 49590 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:45:55.417421 0.236352 tcp 10.0.2.19 49591 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:45:55.654897 0.000000 udp 10.0.2.19 1701 -> 186.191.16.250 5675 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:46:12.174551 0.192492 tcp 10.0.2.19 49592 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:12.367582 0.198394 tcp 10.0.2.19 49593 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:12.567011 0.000000 udp 10.0.2.19 1701 -> 188.169.253.12 10407 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:46:30.129313 0.176966 tcp 10.0.2.19 49594 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:30.306592 0.220873 tcp 10.0.2.19 49595 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:30.528391 0.000000 udp 10.0.2.19 1701 -> 5.98.202.140 6693 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:46:45.642959 0.191071 tcp 10.0.2.19 49596 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:45.833750 0.213095 tcp 10.0.2.19 49597 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:46:46.047833 2.536286 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:46:48.584768 0.000000 udp 10.0.2.19 1701 -> 95.156.161.47 10348 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:47:03.819012 0.165734 tcp 10.0.2.19 49598 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:03.985123 0.211510 tcp 10.0.2.19 49599 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:04.197659 0.344744 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:04.542961 0.149704 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:04.693243 0.159851 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:04.853686 0.155561 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.009795 0.174613 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.184997 0.161388 udp 10.0.2.19 1701 <-> 94.240.240.106 4304 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.346920 0.162185 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.509529 0.169065 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 579 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.679314 0.153509 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:05.833365 0.168791 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:06.002673 0.249098 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:06.252141 0.232015 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:06.484804 0.155860 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:06.641200 0.175251 rtcp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:06.816977 0.500710 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:07.318509 0.244749 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:07.563725 0.299105 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:07.863527 0.128745 udp 10.0.2.19 1701 <-> 188.6.55.163 1868 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:07.992713 0.160635 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:08.153891 0.163084 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:08.317546 0.235285 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:08.553416 0.153493 udp 10.0.2.19 1701 <-> 77.242.58.25 7140 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:08.707422 0.178466 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:08.886555 0.170202 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:09.057275 0.272575 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:09.330479 0.168319 udp 10.0.2.19 1701 <-> 176.73.143.18 4384 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:09.499374 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:47:24.979100 0.192645 tcp 10.0.2.19 49600 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:25.172170 0.207749 tcp 10.0.2.19 49601 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:25.380860 0.227755 udp 10.0.2.19 1701 <-> 188.169.105.114 11036 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:25.609163 0.166427 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:25.776037 0.118461 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:25.894965 0.634592 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:26.530377 0.132821 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:26.663761 0.000000 udp 10.0.2.19 1701 -> 78.163.112.113 11787 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:47:45.078006 0.286709 tcp 10.0.2.19 49602 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:45.365170 0.543378 tcp 10.0.2.19 49603 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:47:45.909473 0.580480 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:46.490571 0.191474 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:46.682661 0.479716 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:47.162980 0.154686 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:47.318320 0.469268 udp 10.0.2.19 1701 <-> 189.135.157.40 1728 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:47.788195 0.368250 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:47:48.156994 0.000000 udp 10.0.2.19 1701 -> 178.88.57.242 10223 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 20:48:04.816522 0.193208 tcp 10.0.2.19 49604 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:48:05.010306 0.198236 tcp 10.0.2.19 49605 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 20:48:05.209494 0.296146 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:48:05.506526 0.308274 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 20:49:21.396943 3.002019 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 20:49:28.404320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:49:36.406328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:49:52.409228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:50:24.415273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:56:28.422521 3.000005 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 20:56:35.428217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:56:43.430219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:56:59.432775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 20:57:31.439419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:03:35.446733 3.000354 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:03:42.452490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:03:50.454306 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:04:06.457091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:04:38.463270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:09:20.809689 0.000158 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 21:09:20.810228 1.410316 tcp 10.0.2.19 49606 -> 90.156.118.144 5237 SPA_* 0 0 9 1028 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:09:35.785072 0.193644 tcp 10.0.2.19 49606 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:10:42.468990 3.001964 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:10:49.476851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:10:57.478311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:11:13.480961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:11:45.486779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:17:49.494486 3.000420 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:17:56.500775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:18:04.501637 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:18:20.504631 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:18:23.399645 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 21:18:23.399996 0.231128 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:18:23.631677 0.165425 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:18:23.797664 0.000000 udp 10.0.2.19 1701 -> 178.88.57.242 10223 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:18:41.197502 0.167099 tcp 10.0.2.19 49607 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:18:41.364492 0.196548 tcp 10.0.2.19 49608 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:18:41.561627 0.000000 udp 10.0.2.19 1701 -> 68.162.252.216 5281 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:18:52.511478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:19:00.203562 2.029430 tcp 10.0.2.19 49609 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:00.368484 0.203756 tcp 10.0.2.19 49610 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:00.572834 0.396614 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:00.969831 0.261174 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:01.231371 0.000000 udp 10.0.2.19 1701 -> 94.240.240.106 4304 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:19:17.738627 0.173469 tcp 10.0.2.19 49611 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:17.912546 0.204351 tcp 10.0.2.19 49612 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:18.117961 0.173389 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:18.291891 0.155240 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:18.447687 0.167744 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:18.615937 0.149666 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:18.766403 0.161179 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:18.928158 0.148828 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:19.077552 0.224127 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:19.302285 0.164789 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:19.467713 0.155708 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:19.623991 0.254060 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:19.878497 0.155648 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:20.034649 0.265819 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:20.300884 0.169869 udp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:20.471406 0.499345 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:20.971425 0.236940 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:21.209000 0.172141 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:21.381714 0.183730 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:21.566021 0.125495 udp 10.0.2.19 1701 <-> 188.6.55.163 1868 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:21.692105 0.298979 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:21.991684 0.190547 udp 10.0.2.19 1701 <-> 176.73.143.18 4384 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:22.182774 0.181968 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:22.365287 0.164257 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:22.530024 0.171774 udp 10.0.2.19 1701 <-> 77.242.58.25 7140 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:22.702605 0.254545 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:22.957697 0.212611 udp 10.0.2.19 1701 <-> 188.169.105.114 11036 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.170860 0.132134 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.303361 0.249498 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.553240 0.118450 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.672269 0.149715 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.822592 0.176038 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:23.999188 0.152017 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:24.151816 0.125040 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:24.277454 0.160452 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:24.438360 0.000000 udp 10.0.2.19 1701 -> 189.135.157.40 1728 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:19:39.591238 0.167060 tcp 10.0.2.19 49613 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:39.758646 0.197571 tcp 10.0.2.19 49614 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:19:39.957173 0.206448 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:40.164197 0.329178 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:19:40.494029 0.294623 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:24:56.516837 3.001524 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 21:25:03.524748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:25:11.526141 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:25:27.528807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:25:59.535090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:32:03.542920 2.999764 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:32:10.548409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:32:18.549503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:32:34.552926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:33:06.559035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:39:10.566312 3.000269 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:39:17.572038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:39:25.573952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:39:35.979158 0.000168 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 21:39:35.979484 0.721163 tcp 10.0.2.19 49615 -> 90.156.118.144 5237 SPA_* 0 0 9 1157 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:39:41.576985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:39:41.933072 0.011749 tcp 10.0.2.19 49615 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:40:13.583124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:46:17.590861 3.000093 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 21:46:24.595979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:46:32.597785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:46:48.600508 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:47:20.606837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:49:48.019191 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 21:49:48.019501 0.000000 udp 10.0.2.19 1701 -> 68.162.252.216 5281 INT 0 1 110 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:50:06.780893 0.210232 tcp 10.0.2.19 49616 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:06.991634 0.217766 tcp 10.0.2.19 49617 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:07.210533 0.000000 udp 10.0.2.19 1701 -> 94.240.240.106 4304 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:50:24.553755 0.168435 tcp 10.0.2.19 49618 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:24.722476 0.200275 tcp 10.0.2.19 49619 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:24.923690 0.309795 udp 10.0.2.19 1701 <-> 189.135.157.40 1728 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:25.234313 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:50:40.666853 0.192198 tcp 10.0.2.19 49620 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:40.858437 0.209922 tcp 10.0.2.19 49621 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:50:41.069305 0.180751 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:41.250610 0.400731 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:41.652017 0.271239 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:41.923825 0.167775 udp 10.0.2.19 1701 <-> 94.240.232.143 1873 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.092147 0.166142 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.258816 0.168616 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.428040 0.150954 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.579593 0.156733 udp 10.0.2.19 1701 <-> 188.121.218.120 7251 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.736856 0.152398 udp 10.0.2.19 1701 <-> 95.10.18.143 16838 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:42.889827 0.155320 udp 10.0.2.19 1701 <-> 46.49.36.20 9752 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:43.045706 0.155216 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:43.201493 0.218003 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:43.420106 0.238627 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:43.659357 0.259427 udp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:43.919265 0.237481 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:44.157264 0.155598 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:44.313371 0.169161 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:44.483133 0.167652 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:44.651379 0.500377 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:45.152368 0.224402 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:45.377365 0.156695 udp 10.0.2.19 1701 <-> 176.73.143.18 4384 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:45.534623 0.196756 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:45.731983 0.174362 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:50:45.906961 0.000000 udp 10.0.2.19 1701 -> 188.6.55.163 1868 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:51:01.866907 0.166216 tcp 10.0.2.19 49622 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:02.033399 0.224507 tcp 10.0.2.19 49623 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:02.258968 0.000000 udp 10.0.2.19 1701 -> 189.231.69.224 18202 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:51:17.690660 0.175877 tcp 10.0.2.19 49624 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:17.866732 0.210298 tcp 10.0.2.19 49625 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:18.078192 0.214614 udp 10.0.2.19 1701 <-> 188.169.105.114 11036 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:18.293392 0.132406 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:18.426404 0.234210 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:18.661183 0.140006 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:18.801776 0.249416 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:19.051854 0.000000 udp 10.0.2.19 1701 -> 77.242.58.25 7140 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 21:51:37.687511 0.168482 tcp 10.0.2.19 49626 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:37.856457 0.239173 tcp 10.0.2.19 49627 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 21:51:38.096582 0.130935 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:38.228050 0.141537 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:38.370206 0.146056 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:38.516874 0.173997 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:38.691436 0.152415 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:38.844415 0.202417 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:39.047340 0.315675 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:51:39.363627 0.299939 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 21:53:24.612273 3.001981 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 21:53:31.620136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:53:39.621638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:53:55.624427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 21:54:27.631038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:00:31.638618 2.999606 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:00:38.643962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:00:46.646140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:01:02.648790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:01:34.654705 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:07:38.662279 3.000037 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:07:45.667828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:07:53.669613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:08:09.672786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:08:41.678452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:09:41.946305 0.000150 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 22:09:41.946610 4.368934 tcp 10.0.2.19 49628 -> 90.156.118.144 5237 SPA_* 0 0 10 1282 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:09:58.875822 0.045124 tcp 10.0.2.19 49628 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:14:45.684379 3.001986 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:14:52.691771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:15:00.693681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:15:16.696555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:15:48.703097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:21:49.071570 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 22:21:49.071750 0.231441 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:21:49.303799 0.000000 udp 10.0.2.19 1701 -> 188.6.55.163 1868 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:21:52.710458 2.999571 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:21:59.716089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:22:05.659303 0.166010 tcp 10.0.2.19 49629 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:05.825886 0.204692 tcp 10.0.2.19 49630 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:06.031533 0.309503 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:06.341630 0.000000 udp 10.0.2.19 1701 -> 77.242.58.25 7140 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:22:07.717695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:22:21.739322 0.167113 tcp 10.0.2.19 49631 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:21.906645 0.201362 tcp 10.0.2.19 49632 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:22.108580 0.315589 udp 10.0.2.19 1701 <-> 189.135.157.40 1728 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:22.424567 0.359576 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:22.784548 0.181277 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:22.966325 0.147267 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:23.113964 0.166952 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:23.281238 0.168007 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:23.449648 0.276026 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:23.720233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:22:23.726060 0.000000 udp 10.0.2.19 1701 -> 94.240.232.143 1873 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:22:42.038413 0.167289 tcp 10.0.2.19 49633 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:42.206034 0.212181 tcp 10.0.2.19 49634 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:22:42.418762 0.245662 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:42.664793 0.220354 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:22:42.885555 0.000000 udp 10.0.2.19 1701 -> 188.121.218.120 7251 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:22:55.726739 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:22:59.924758 0.166127 tcp 10.0.2.19 49635 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:00.091185 0.209321 tcp 10.0.2.19 49636 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:00.301507 0.000000 udp 10.0.2.19 1701 -> 46.49.36.20 9752 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:23:17.840597 0.166561 tcp 10.0.2.19 49637 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:18.007517 0.220990 tcp 10.0.2.19 49638 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:18.229610 0.179034 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:18.409274 0.000000 udp 10.0.2.19 1701 -> 95.10.18.143 16838 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:23:36.786949 0.175883 tcp 10.0.2.19 49639 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:36.963226 0.197213 tcp 10.0.2.19 49640 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:37.161852 0.204550 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:37.367005 0.177943 udp 10.0.2.19 1701 <-> 31.192.3.38 1318 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:37.545548 0.238147 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:37.784254 0.151844 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:37.936613 0.150616 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:38.087843 0.233880 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:38.322329 0.497991 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:38.820935 0.000000 udp 10.0.2.19 1701 -> 176.73.143.18 4384 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:23:55.354931 0.166177 tcp 10.0.2.19 49641 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:55.521444 0.238697 tcp 10.0.2.19 49642 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:23:55.761103 0.165871 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:55.927539 0.171342 udp 10.0.2.19 1701 <-> 31.192.30.121 3181 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:56.099415 0.133505 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:23:56.233478 0.000000 udp 10.0.2.19 1701 -> 188.169.105.114 11036 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:24:12.348494 0.165851 tcp 10.0.2.19 49643 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:24:12.514735 0.274475 tcp 10.0.2.19 49644 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:24:12.790316 0.293866 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.084780 0.234781 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.320131 0.128968 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.449650 0.146377 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.596598 0.161995 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.759771 0.187997 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:13.948358 0.212008 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:14.161000 0.296701 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:14.458443 0.294349 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:14.753317 0.218251 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:24:14.972162 0.154870 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:28:59.734255 3.000526 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 22:29:06.740034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:29:14.741758 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:29:30.744628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:30:02.750486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:36:06.756510 3.001929 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:36:13.764801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:36:21.765747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:36:37.768510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:37:09.774571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:39:58.928085 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 22:39:58.928275 1.087350 tcp 10.0.2.19 49645 -> 90.156.118.144 5237 SPA_* 0 0 9 1217 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:40:08.398805 0.035774 tcp 10.0.2.19 49645 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:43:13.782666 2.999496 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:43:20.788002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:43:28.789976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:43:44.792788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:44:16.798826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:50:20.805663 3.000672 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 22:50:27.812038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:50:35.813151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:50:51.816984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:51:23.822417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:54:23.521920 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 22:54:23.522072 0.000000 udp 10.0.2.19 1701 -> 94.240.232.143 1873 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:54:42.340339 0.201574 tcp 10.0.2.19 49646 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:54:42.542144 0.233444 tcp 10.0.2.19 49647 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:54:42.776157 0.000000 udp 10.0.2.19 1701 -> 95.10.18.143 16838 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:55:00.996433 0.190346 tcp 10.0.2.19 49648 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:01.187013 0.198611 tcp 10.0.2.19 49649 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:01.386265 0.000000 udp 10.0.2.19 1701 -> 188.121.218.120 7251 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:55:16.519168 0.165844 tcp 10.0.2.19 49650 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:16.685468 0.255804 tcp 10.0.2.19 49651 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:16.942447 0.000000 udp 10.0.2.19 1701 -> 46.49.36.20 9752 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:55:33.804676 0.165653 tcp 10.0.2.19 49652 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:33.970642 0.204169 tcp 10.0.2.19 49653 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:34.175752 0.000000 udp 10.0.2.19 1701 -> 176.73.143.18 4384 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:55:52.821954 0.202162 tcp 10.0.2.19 49654 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:53.024486 0.222885 tcp 10.0.2.19 49655 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:55:53.248382 0.000000 udp 10.0.2.19 1701 -> 188.169.105.114 11036 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:56:10.717469 0.192532 tcp 10.0.2.19 49656 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:10.910463 0.198722 tcp 10.0.2.19 49657 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:11.110377 0.248259 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:11.359266 0.305105 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:11.664975 0.000000 udp 10.0.2.19 1701 -> 189.135.157.40 1728 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:56:27.181227 0.176377 tcp 10.0.2.19 49658 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:27.358326 0.200533 tcp 10.0.2.19 49659 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:27.559856 0.176646 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:27.737111 0.149452 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:27.887132 0.364885 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:28.252621 0.188575 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:28.441656 0.166265 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:28.608558 0.319723 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:28.928913 0.503222 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:29.432734 0.217980 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:29.651253 0.163135 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:29.814879 0.000000 udp 10.0.2.19 1701 -> 31.192.3.38 1318 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:56:47.460438 0.176911 tcp 10.0.2.19 49660 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:47.637760 0.229346 tcp 10.0.2.19 49661 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:56:47.868027 0.201325 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:48.069918 0.148592 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:48.219218 0.153638 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:48.373412 0.233339 udp 10.0.2.19 1701 <-> 107.193.222.108 3981 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:48.607340 0.256507 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:48.864431 0.500141 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:56:49.365129 0.000000 udp 10.0.2.19 1701 -> 31.192.30.121 3181 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 22:57:07.958329 0.163902 tcp 10.0.2.19 49662 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:57:08.122529 0.196727 tcp 10.0.2.19 49663 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 22:57:08.319806 0.170401 udp 10.0.2.19 1701 <-> 78.188.231.146 11453 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:08.490564 0.131680 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:08.622657 0.659331 udp 10.0.2.19 1701 <-> 31.146.120.125 17516 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:09.282348 0.246122 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:09.528818 0.119296 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:09.648496 0.171841 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:09.820655 0.199734 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:10.020820 0.294660 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:10.315907 0.150875 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:10.467140 0.190184 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:10.657684 0.153176 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:10.811255 0.294550 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:11.106300 0.171618 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 22:57:27.830482 2.999531 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 22:57:34.835742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:57:42.837165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:57:58.840653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 22:58:30.846259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:04:34.852131 3.001690 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:04:41.859556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:04:49.861659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:05:05.864394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:05:37.870419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:10:08.440396 0.000157 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 23:10:08.440711 1.187384 tcp 10.0.2.19 49664 -> 90.156.118.144 5237 SPA_* 0 0 9 1239 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:10:15.291613 0.013054 tcp 10.0.2.19 49664 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:11:41.876186 3.001609 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:11:48.883520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:11:56.885214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:12:12.888444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:12:44.894205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:18:49.032700 3.000013 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:18:56.037996 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:19:04.039375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:19:20.042780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:19:52.048437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:25:56.056380 3.000468 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:26:03.062042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:26:11.063230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:26:27.066798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:26:59.072776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:27:37.828869 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 23:27:37.829031 0.000000 udp 10.0.2.19 1701 -> 189.135.157.40 1728 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:27:53.853880 0.165954 tcp 10.0.2.19 49665 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:27:54.020114 0.224062 tcp 10.0.2.19 49666 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:27:54.244700 0.000000 udp 10.0.2.19 1701 -> 31.192.3.38 1318 INT 0 1 266 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:28:11.928332 0.200210 tcp 10.0.2.19 49667 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:12.128387 0.228084 tcp 10.0.2.19 49668 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:12.357005 0.000000 udp 10.0.2.19 1701 -> 31.192.30.121 3181 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:28:28.021648 0.190376 tcp 10.0.2.19 49669 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:28.211938 0.219084 tcp 10.0.2.19 49670 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:28.431616 0.236916 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:28.668934 0.294352 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:28.963684 0.173732 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:29.137795 0.166820 udp 10.0.2.19 1701 <-> 82.211.180.182 5457 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:29.304951 0.167677 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:29.472987 0.173860 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:29.647416 0.454302 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:30.102417 0.219259 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:30.322472 1.579725 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:31.902807 0.239695 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:32.143064 0.169759 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:32.313261 0.152910 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:32.466813 0.000000 udp 10.0.2.19 1701 -> 107.193.222.108 3981 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:28:51.106335 0.193911 tcp 10.0.2.19 49671 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:51.300677 0.197691 tcp 10.0.2.19 49672 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:28:51.499276 0.163626 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:51.663479 0.164467 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:51.828516 0.505294 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:52.334431 0.223402 udp 10.0.2.19 1701 <-> 188.169.156.8 12661 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:28:52.558598 0.000000 udp 10.0.2.19 1701 -> 78.188.231.146 11453 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:29:10.052750 0.189406 tcp 10.0.2.19 49673 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:29:10.242577 0.206242 tcp 10.0.2.19 49674 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:29:10.449753 0.136223 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:10.586609 0.121683 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:10.708867 0.000000 udp 10.0.2.19 1701 -> 31.146.120.125 17516 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:29:28.219863 0.192067 tcp 10.0.2.19 49675 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:29:28.412306 0.223408 tcp 10.0.2.19 49676 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:29:28.636649 0.238787 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:28.876068 0.154423 udp 10.0.2.19 1701 <-> 88.235.44.87 19831 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:29.031060 0.194818 udp 10.0.2.19 1701 <-> 41.68.167.108 12439 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:29.226540 0.301860 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:29.528974 0.144884 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:29.674612 0.188982 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:29.864117 0.175241 udp 10.0.2.19 1701 <-> 78.190.93.78 28569 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:30.039967 0.208232 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:29:30.248805 0.297343 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/01 23:33:03.078223 3.001806 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/01 23:33:10.086218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:33:18.087278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:33:34.090977 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:34:06.096269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:40:10.104385 2.999767 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:40:15.367841 0.000176 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 23:40:15.368175 0.722964 tcp 10.0.2.19 49677 -> 90.156.118.144 5237 FSPA* 0 0 14 1507 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:40:17.109852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:40:25.111354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:40:41.114134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:41:13.120427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:47:17.128167 2.999881 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:47:24.133724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:47:32.135500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:47:48.138043 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:48:20.144088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:54:24.152173 3.000061 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/01 23:54:31.157765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:54:39.159090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:54:55.162738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:55:27.168203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/01 23:59:31.199311 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/01 23:59:31.199674 0.000000 udp 10.0.2.19 1701 -> 107.193.222.108 3981 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/01 23:59:47.376933 0.166877 tcp 10.0.2.19 49678 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:59:47.543716 0.202641 tcp 10.0.2.19 49679 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/01 23:59:47.747304 0.000000 udp 10.0.2.19 1701 -> 78.188.231.146 11453 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:00:05.791270 0.209099 tcp 10.0.2.19 49680 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:06.000747 0.203322 tcp 10.0.2.19 49681 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:06.205031 0.000000 udp 10.0.2.19 1701 -> 31.146.120.125 17516 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:00:23.947687 0.167359 tcp 10.0.2.19 49682 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:24.115395 0.232131 tcp 10.0.2.19 49683 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:24.348473 0.243100 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:24.592227 0.186189 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:24.779039 0.148264 udp 10.0.2.19 1701 <-> 83.31.89.85 11097 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:24.927898 0.203566 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:25.132022 0.000000 udp 10.0.2.19 1701 -> 82.211.180.182 5457 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:00:43.114244 0.165863 tcp 10.0.2.19 49684 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:43.280426 0.230193 tcp 10.0.2.19 49685 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:00:43.511155 0.312507 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:43.824076 0.219929 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:44.044411 0.342678 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:44.387710 0.184226 udp 10.0.2.19 1701 <-> 95.104.30.151 5162 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:44.572555 0.264383 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:44.837564 0.242933 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:45.081066 0.162480 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:45.244131 0.156522 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:45.401240 0.499793 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:45.901602 0.253500 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:00:46.155725 0.000000 udp 10.0.2.19 1701 -> 188.169.156.8 12661 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:01:03.824825 0.171639 tcp 10.0.2.19 49686 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:03.996765 0.202944 tcp 10.0.2.19 49687 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:04.200674 0.121619 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:04.322831 0.133238 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:04.456623 0.260523 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:04.717782 0.000000 udp 10.0.2.19 1701 -> 88.235.44.87 19831 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:01:20.398308 0.167214 tcp 10.0.2.19 49688 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:20.565904 0.215679 tcp 10.0.2.19 49689 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:20.782387 0.000000 udp 10.0.2.19 1701 -> 41.68.167.108 12439 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:01:31.186339 2.999383 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 00:01:38.154209 0.195477 tcp 10.0.2.19 49690 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:38.192106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:01:38.350282 0.199828 tcp 10.0.2.19 49691 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:38.550708 0.300404 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:38.851767 0.147849 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:39.000274 0.147589 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:39.148415 0.305433 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:39.454693 0.128891 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:01:39.584153 0.000000 udp 10.0.2.19 1701 -> 78.190.93.78 28569 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:01:46.193273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:01:55.759582 0.166656 tcp 10.0.2.19 49692 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:01:55.926630 0.204691 tcp 10.0.2.19 49693 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:02:02.196499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:02:34.202236 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:08:38.210638 2.999149 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:08:45.216130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:08:53.217367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:09:09.220493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:09:41.227231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:10:16.107110 0.000108 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:10:16.109200 1.386973 tcp 10.0.2.19 49694 -> 90.156.118.144 5237 FSPA* 0 0 14 1707 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:15:45.234489 3.000413 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:15:52.240046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:16:00.241587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:16:16.243949 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:16:48.250696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:22:52.258152 3.000206 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:22:59.263722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:23:07.265464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:23:23.268398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:23:55.274134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:29:59.282030 2.999856 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:30:06.287849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:30:14.289036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:30:30.292066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:31:02.297857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:32:14.141851 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:32:14.142134 0.000000 udp 10.0.2.19 1701 -> 82.211.180.182 5457 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:32:29.438396 0.166809 tcp 10.0.2.19 49695 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:32:29.605411 0.198521 tcp 10.0.2.19 49696 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:32:29.804717 0.000000 udp 10.0.2.19 1701 -> 188.169.156.8 12661 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:32:48.713515 0.165809 tcp 10.0.2.19 49697 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:32:48.879681 0.213569 tcp 10.0.2.19 49698 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:32:49.094194 0.000000 udp 10.0.2.19 1701 -> 41.68.167.108 12439 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:33:05.257010 0.183914 tcp 10.0.2.19 49699 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:05.441264 0.203358 tcp 10.0.2.19 49700 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:05.645690 0.000000 udp 10.0.2.19 1701 -> 88.235.44.87 19831 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:33:22.312012 0.173412 tcp 10.0.2.19 49701 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:22.485260 0.200461 tcp 10.0.2.19 49702 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:22.686834 0.000000 udp 10.0.2.19 1701 -> 78.190.93.78 28569 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:33:40.308296 0.186641 tcp 10.0.2.19 49703 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:40.495497 0.221241 tcp 10.0.2.19 49704 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:40.717693 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:33:57.302059 0.176608 tcp 10.0.2.19 49705 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:57.479219 0.261998 tcp 10.0.2.19 49706 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:33:57.742331 0.204995 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:33:57.947879 0.180603 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:33:58.129048 0.000000 udp 10.0.2.19 1701 -> 83.31.89.85 11097 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:34:14.507007 0.180276 tcp 10.0.2.19 49707 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:34:14.687743 0.198118 tcp 10.0.2.19 49708 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:34:14.886813 0.378844 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:15.266133 0.305215 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:15.571724 0.220545 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:15.792642 0.000000 udp 10.0.2.19 1701 -> 95.104.30.151 5162 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:34:31.611155 1.936256 tcp 10.0.2.19 49709 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:34:31.797737 0.202903 tcp 10.0.2.19 49710 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:34:32.001607 0.179300 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:32.181522 0.238600 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:32.420783 0.263223 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:32.684592 0.197937 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:32.883080 0.162686 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:33.046501 0.501398 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:33.548513 0.142550 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 591 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:33.691511 0.253781 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:33.945881 0.132414 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:34.078776 0.151973 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:34.231328 0.296791 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:34.528725 0.255764 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:34.785114 0.149763 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:34.935441 0.311755 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:35.590856 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:34:42.705304 0.000000 udp 10.0.2.19 1701 -> 83.31.89.85 11097 REQ 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:34:47.792287 0.000000 udp 10.0.2.19 1701 -> 95.104.30.151 5162 REQ 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:34:54.222112 0.194351 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 701 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:54.417150 0.188334 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 763 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:54.606277 0.305272 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 673 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:54.912474 0.342884 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:55.256193 0.232947 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:55.489834 0.245684 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 861 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:55.736046 0.294361 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:56.031049 0.179032 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 709 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:56.210717 0.163816 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:56.375247 0.176218 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 847 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:56.552171 0.527636 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:57.080540 0.121037 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:57.202444 0.142413 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:57.345603 0.162912 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:57.509244 0.304669 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 781 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:57.814894 0.387526 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:58.203097 0.358470 udp 10.0.2.19 1701 <-> 78.177.70.33 5375 CON 0 0 2 848 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:58.562375 0.309757 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 734 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:58.872823 0.127736 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 659 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:34:59.001350 0.000000 udp 10.0.2.19 1701 -> 188.49.45.200 3501 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:04.066354 0.000000 udp 10.0.2.19 1701 -> 173.2.156.79 7218 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:08.712796 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:35:09.253729 0.000000 udp 10.0.2.19 1701 -> 202.6.136.20 6746 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:17.265371 0.000000 udp 10.0.2.19 1701 -> 62.212.44.69 5956 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:23.213533 0.000000 udp 10.0.2.19 1701 -> 201.151.250.100 6703 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:28.310806 0.630707 udp 10.0.2.19 1701 <-> 188.169.27.248 16896 CON 0 0 2 776 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:35:29.099019 0.000000 udp 10.0.2.19 1701 -> 88.232.196.228 15609 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:37.073547 0.000000 udp 10.0.2.19 1701 -> 188.235.76.4 7273 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:45.265340 0.000000 udp 10.0.2.19 1701 -> 201.230.140.231 3759 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:50.211810 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:35:50.552484 0.000000 udp 10.0.2.19 1701 -> 189.147.182.182 6554 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:35:57.392512 0.000000 udp 10.0.2.19 1701 -> 190.130.195.231 8587 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:05.203526 0.000000 udp 10.0.2.19 1701 -> 186.136.48.204 1209 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:11.973546 0.000000 udp 10.0.2.19 1701 -> 64.60.95.2 17838 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:19.534452 0.241416 udp 10.0.2.19 1701 -> 70.46.210.10 5001 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:19.775868 0.000000 icmp 70.46.210.10 0x0303 -> 10.0.2.19 0x8913 URP 192 1 240 flow=Background 1970/01/02 00:36:24.211277 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:36:25.863581 0.178413 udp 10.0.2.19 1701 <-> 78.173.238.41 22369 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:36:26.073446 0.000000 udp 10.0.2.19 1701 -> 69.199.127.93 5950 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:33.183949 0.000000 udp 10.0.2.19 1701 -> 24.33.151.168 2815 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:39.443057 0.000000 udp 10.0.2.19 1701 -> 174.46.172.13 7763 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:47.144335 0.000000 udp 10.0.2.19 1701 -> 202.191.232.162 6041 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:54.094252 0.000000 udp 10.0.2.19 1701 -> 24.138.17.51 3855 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:36:58.710870 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:37:02.275702 0.000000 udp 10.0.2.19 1701 -> 39.32.142.180 10759 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:06.306180 2.999950 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 00:37:07.593791 0.000000 udp 10.0.2.19 1701 -> 83.198.175.145 6766 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:13.311982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:37:14.863798 0.000000 udp 10.0.2.19 1701 -> 85.110.178.147 2765 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:21.073431 0.000000 udp 10.0.2.19 1701 -> 109.200.171.106 27221 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:21.313445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:37:29.094784 0.000000 udp 10.0.2.19 1701 -> 178.248.150.48 7207 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:33.711213 0.000175 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:37:36.555710 0.000000 udp 10.0.2.19 1701 -> 83.37.223.51 6892 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:37.316218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:37:43.605724 0.000000 udp 10.0.2.19 1701 -> 94.71.138.33 28525 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:49.313848 0.000000 udp 10.0.2.19 1701 -> 72.214.16.151 6552 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:37:56.825447 0.000000 udp 10.0.2.19 1701 -> 200.121.4.95 17213 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:03.173562 0.000000 udp 10.0.2.19 1701 -> 59.149.98.57 2306 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:07.709653 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:38:09.182111 0.000000 udp 10.0.2.19 1701 -> 96.56.118.106 4157 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:09.322377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:38:17.544348 0.000000 udp 10.0.2.19 1701 -> 67.52.51.102 5964 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:25.996225 0.000000 udp 10.0.2.19 1701 -> 208.2.86.27 29031 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:34.058349 0.000000 udp 10.0.2.19 1701 -> 190.232.28.15 14613 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:40.968029 0.150119 udp 10.0.2.19 1701 <-> 78.92.75.150 4736 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:38:41.355520 0.000000 udp 10.0.2.19 1701 -> 82.233.38.152 4510 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:45.714807 0.000189 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:38:46.506356 0.316564 udp 10.0.2.19 1701 <-> 187.208.123.138 8651 CON 0 0 2 833 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:38:46.941169 0.492227 udp 10.0.2.19 1701 <-> 49.49.17.72 22323 CON 0 0 2 761 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:38:47.481244 0.000000 udp 10.0.2.19 1701 -> 217.9.154.197 3207 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:38:54.136742 0.000000 udp 10.0.2.19 1701 -> 89.214.92.208 23198 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:00.125770 0.313264 udp 10.0.2.19 1701 <-> 189.135.183.152 1728 CON 0 0 2 654 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:00.594799 0.000000 udp 10.0.2.19 1701 -> 109.148.188.0 7741 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:06.694659 0.108142 udp 10.0.2.19 1701 <-> 109.93.140.11 27958 CON 0 0 2 724 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:06.951189 0.269303 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:07.267578 0.000000 udp 10.0.2.19 1701 -> 190.56.253.100 23899 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:14.135570 0.000000 udp 10.0.2.19 1701 -> 76.69.138.127 23240 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:22.447388 0.000000 udp 10.0.2.19 1701 -> 105.228.145.211 2200 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:27.214369 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:39:27.504580 0.000000 udp 10.0.2.19 1701 -> 66.2.156.19 17657 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:34.825789 0.278983 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:35.834584 0.137027 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:36.012652 0.176711 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:36.230487 0.300966 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 668 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:39:36.563316 0.000000 udp 10.0.2.19 1701 -> 88.172.186.28 4830 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:43.798033 0.000000 udp 10.0.2.19 1701 -> 196.210.231.100 3370 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:49.907422 0.000000 udp 10.0.2.19 1701 -> 186.158.193.82 3002 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:39:58.238689 0.000000 udp 10.0.2.19 1701 -> 109.80.15.32 24073 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:03.205911 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:40:06.420647 0.164275 udp 10.0.2.19 1701 <-> 85.75.38.248 22106 CON 0 0 2 836 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:40:06.690485 0.000000 udp 10.0.2.19 1701 -> 217.65.190.144 3466 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:13.801500 0.000000 udp 10.0.2.19 1701 -> 69.146.8.154 5329 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:17.496580 3.004387 tcp 10.0.2.19 49711 -> 90.156.118.144 5237 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 00:40:22.083307 0.000000 udp 10.0.2.19 1701 -> 109.193.149.63 4772 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:26.192303 0.003496 tcp 10.0.2.19 49711 -> 90.156.118.144 5237 PA_SA 0 0 8 1145 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:40:28.081843 0.000000 udp 10.0.2.19 1701 -> 78.155.171.95 3191 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:33.600392 0.007693 tcp 10.0.2.19 49711 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 00:40:33.859948 0.000000 udp 10.0.2.19 1701 -> 204.155.61.5 11520 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:40.459440 0.000000 udp 10.0.2.19 1701 -> 76.76.136.162 2048 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:47.669831 0.000000 udp 10.0.2.19 1701 -> 190.37.233.106 14180 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:40:55.340780 0.288604 udp 10.0.2.19 1701 <-> 196.210.104.179 28353 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:40:55.851880 0.000000 udp 10.0.2.19 1701 -> 62.97.35.111 8754 INT 0 1 311 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:02.351304 0.279559 udp 10.0.2.19 1701 -> 190.43.15.169 27914 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:02.630863 0.000000 icmp 190.43.15.169 0x0303 -> 10.0.2.19 0x0a6d URP 192 1 125 flow=Background 1970/01/02 00:41:07.278018 0.000139 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:41:11.094190 0.345493 udp 10.0.2.19 1701 <-> 177.189.51.187 8045 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:41:11.498288 0.273170 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:41:12.008801 0.000000 udp 10.0.2.19 1701 -> 99.160.148.158 2608 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:17.042446 0.000000 udp 10.0.2.19 1701 -> 105.236.104.33 8366 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:24.412881 0.000000 udp 10.0.2.19 1701 -> 82.106.107.14 9499 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:32.414498 0.000000 udp 10.0.2.19 1701 -> 200.61.30.24 3803 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:40.155931 0.000000 udp 10.0.2.19 1701 -> 74.89.55.16 3222 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:44.851718 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:41:46.093771 0.000000 udp 10.0.2.19 1701 -> 87.25.211.21 8660 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:51.111631 0.000000 udp 10.0.2.19 1701 -> 198.57.81.145 7707 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:41:57.259791 0.000000 udp 10.0.2.19 1701 -> 46.49.37.241 1929 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:04.410037 0.000000 udp 10.0.2.19 1701 -> 206.108.130.250 2185 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:11.951327 0.000000 udp 10.0.2.19 1701 -> 190.233.116.80 23336 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:18.099840 0.171184 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:42:18.281282 0.111798 udp 10.0.2.19 1701 <-> 95.77.231.101 4013 CON 0 0 2 759 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:42:18.403286 0.000000 udp 10.0.2.19 1701 -> 216.58.78.249 3090 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:22.846757 0.000184 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:42:26.842923 0.000000 udp 10.0.2.19 1701 -> 173.200.130.5 4744 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:32.961513 0.122656 udp 10.0.2.19 1701 <-> 46.237.70.170 5857 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:42:33.401645 0.261237 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:42:33.740294 0.000000 udp 10.0.2.19 1701 -> 79.183.105.68 7938 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:39.581138 0.000000 udp 10.0.2.19 1701 -> 99.67.62.130 8458 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:45.599942 0.000000 udp 10.0.2.19 1701 -> 77.64.9.183 5425 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:53.721125 0.000000 udp 10.0.2.19 1701 -> 64.73.241.194 4311 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:42:58.347364 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:43:01.853061 0.000000 udp 10.0.2.19 1701 -> 95.243.180.176 9627 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:09.193981 0.238773 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:43:09.462634 0.000000 udp 10.0.2.19 1701 -> 118.97.95.18 26528 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:17.345046 0.000000 udp 10.0.2.19 1701 -> 203.59.98.143 6168 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:25.066336 0.361110 udp 10.0.2.19 1701 <-> 117.198.86.63 8552 CON 0 0 2 676 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 00:43:25.581036 0.000000 udp 10.0.2.19 1701 -> 176.73.219.254 8851 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:32.747643 0.000000 udp 10.0.2.19 1701 -> 78.162.78.229 5709 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:37.353755 0.000168 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:43:38.525725 0.000000 udp 10.0.2.19 1701 -> 213.131.39.246 6989 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:45.435876 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5278 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:50.453173 0.000000 udp 10.0.2.19 1701 -> 186.91.137.209 8093 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:43:56.321270 0.000000 udp 10.0.2.19 1701 -> 74.137.45.123 4774 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:03.581725 0.000000 udp 10.0.2.19 1701 -> 36.76.158.188 12174 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:08.669108 0.000000 udp 10.0.2.19 1701 -> 82.226.153.179 9569 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:13.355969 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 00:44:13.468369 3.001592 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 00:44:17.171633 0.000000 udp 10.0.2.19 1701 -> 118.97.122.157 5626 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:20.476132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:44:24.952219 0.000000 udp 10.0.2.19 1701 -> 71.252.146.27 7407 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:28.477501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:44:31.451449 0.000000 udp 10.0.2.19 1701 -> 190.90.122.248 10626 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 00:44:44.480571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:45:16.486375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:51:20.494204 2.999472 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:51:27.499622 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:51:36.793678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:51:52.796135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:52:24.802283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:58:28.809971 2.999932 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 00:58:35.815992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:58:43.817138 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:58:59.820026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 00:59:31.826305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:05:35.834005 3.000238 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 01:05:42.839488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:05:50.841401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:06:06.843988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:06:38.850599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:10:34.319467 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 01:10:34.319861 1.630669 tcp 10.0.2.19 49712 -> 90.156.118.144 5237 SPA_* 0 0 9 1023 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:10:44.085896 0.201295 tcp 10.0.2.19 49712 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:12:42.857955 2.999634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 01:12:49.863705 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:12:57.865396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:13:13.867818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:13:45.874360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:14:57.197126 0.000157 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 01:14:57.197436 0.165956 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:57.363974 0.220870 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:57.585413 0.298253 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:57.884331 0.461138 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:58.346068 0.224970 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:58.571646 0.239981 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:58.812226 0.162000 udp 10.0.2.19 1701 <-> 94.68.238.16 18670 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:58.974802 0.409607 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:59.385025 0.151939 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:59.537516 0.156158 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:14:59.694389 0.525387 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:00.220406 0.121040 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:00.342015 0.132456 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:00.475073 0.153111 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:00.628814 0.323388 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:00.952780 0.241382 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:01.194808 0.000000 udp 10.0.2.19 1701 -> 78.177.70.33 5375 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:15:17.460495 0.172781 tcp 10.0.2.19 49713 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:17.633531 0.219632 tcp 10.0.2.19 49714 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:17.854923 0.303774 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:18.159286 0.285999 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:18.445898 1.063436 udp 10.0.2.19 1701 <-> 188.169.27.248 16896 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:19.509928 0.000000 udp 10.0.2.19 1701 -> 78.173.238.41 22369 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:15:34.622620 0.166558 tcp 10.0.2.19 49715 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:34.788806 0.200466 tcp 10.0.2.19 49716 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:34.990410 0.142757 udp 10.0.2.19 1701 <-> 78.92.75.150 4736 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:35.133728 0.470318 udp 10.0.2.19 1701 <-> 49.49.17.72 22323 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:35.604653 0.343325 udp 10.0.2.19 1701 <-> 187.208.123.138 8651 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:35.948523 0.302490 udp 10.0.2.19 1701 <-> 189.135.183.152 1728 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:36.251578 0.099691 udp 10.0.2.19 1701 <-> 109.93.140.11 27958 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:36.351813 0.273061 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:36.625469 0.260139 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:36.886357 0.297025 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:37.183930 0.169538 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:37.353797 0.130758 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:15:37.485110 0.000000 udp 10.0.2.19 1701 -> 85.75.38.248 22106 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:15:53.199704 0.175966 tcp 10.0.2.19 49717 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:53.375951 0.203626 tcp 10.0.2.19 49718 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:15:53.580559 0.000000 udp 10.0.2.19 1701 -> 196.210.104.179 28353 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:16:12.056307 0.191151 tcp 10.0.2.19 49719 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:16:12.247993 0.205573 tcp 10.0.2.19 49720 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:16:12.454729 0.356463 udp 10.0.2.19 1701 <-> 177.189.51.187 8045 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:12.811795 0.264343 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.076707 0.114536 udp 10.0.2.19 1701 <-> 95.77.231.101 4013 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.191811 0.167062 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.359409 0.118991 udp 10.0.2.19 1701 <-> 46.237.70.170 5857 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.478963 0.256503 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.736098 0.238066 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:16:13.975147 0.000000 udp 10.0.2.19 1701 -> 117.198.86.63 8552 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:16:31.093844 0.179231 tcp 10.0.2.19 49721 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:16:31.273452 0.220241 tcp 10.0.2.19 49722 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:19:49.881278 3.001038 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 01:19:56.887581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:20:04.888774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:20:20.892172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:20:52.898315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:26:56.906081 2.999892 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 01:27:03.911731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:27:11.912634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:27:27.916001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:27:59.921950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:34:03.929851 2.999919 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 01:34:10.935316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:34:18.936962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:34:34.939856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:35:06.946339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:40:44.291805 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 01:40:44.291996 1.544525 tcp 10.0.2.19 49723 -> 90.156.118.144 5237 SPA_* 0 0 9 1108 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:40:52.771178 0.655708 tcp 10.0.2.19 49723 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:41:10.953401 3.000302 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 01:41:17.959112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:41:25.960788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:41:41.964226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:42:13.969905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:46:46.873194 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 01:46:46.946867 0.151652 udp 10.0.2.19 1701 -> 78.177.70.33 5375 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:46:47.098519 0.000000 icmp 78.177.70.33 0x0303 -> 10.0.2.19 0xff14 URP 192 1 126 flow=Background 1970/01/02 01:47:03.521159 0.205847 tcp 10.0.2.19 49724 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:03.727592 0.209056 tcp 10.0.2.19 49725 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:03.937214 0.000000 udp 10.0.2.19 1701 -> 78.173.238.41 22369 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:47:19.612318 0.172996 tcp 10.0.2.19 49726 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:19.785793 0.217130 tcp 10.0.2.19 49727 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:20.003856 0.000000 udp 10.0.2.19 1701 -> 85.75.38.248 22106 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:47:38.588729 0.209387 tcp 10.0.2.19 49728 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:38.797925 0.198694 tcp 10.0.2.19 49729 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:38.997668 0.000000 udp 10.0.2.19 1701 -> 196.210.104.179 28353 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:47:54.301473 0.285946 tcp 10.0.2.19 49730 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:54.587969 0.204140 tcp 10.0.2.19 49731 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:47:54.793056 0.000000 udp 10.0.2.19 1701 -> 117.198.86.63 8552 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:48:12.868370 0.168243 tcp 10.0.2.19 49732 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:13.037100 0.238631 tcp 10.0.2.19 49733 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:13.276686 0.160665 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:13.437894 0.200585 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:13.639033 0.377468 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:14.017082 0.324116 udp 10.0.2.19 1701 <-> 189.231.69.224 18202 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:14.341759 0.224807 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:14.567176 0.000000 udp 10.0.2.19 1701 -> 94.68.238.16 18670 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:48:17.975985 3.001483 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 01:48:24.983309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:48:31.944666 0.173431 tcp 10.0.2.19 49734 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:32.117994 0.380988 tcp 10.0.2.19 49735 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:32.499519 0.203192 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:32.703165 0.666077 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:32.984491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:48:33.369604 0.235945 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:33.605940 0.132901 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:33.739198 0.228437 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:33.968033 0.179525 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:34.147911 0.121905 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:34.270467 0.513711 udp 10.0.2.19 1701 <-> 1.4.149.160 13795 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:34.784523 0.295838 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:35.080756 0.325109 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:35.406385 0.297510 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:35.704319 0.126389 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:48:35.831046 0.000000 udp 10.0.2.19 1701 -> 188.169.27.248 16896 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:48:48.988085 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:48:50.992641 0.175271 tcp 10.0.2.19 49736 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:51.168445 0.227357 tcp 10.0.2.19 49737 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:48:51.396754 0.000000 udp 10.0.2.19 1701 -> 78.92.75.150 4736 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:49:06.745575 0.189033 tcp 10.0.2.19 49738 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:06.934521 0.204834 tcp 10.0.2.19 49739 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:07.140296 0.490242 udp 10.0.2.19 1701 <-> 49.49.17.72 22323 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:07.631134 0.000000 udp 10.0.2.19 1701 -> 189.135.183.152 1728 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:49:20.994053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:49:26.124116 0.166056 tcp 10.0.2.19 49740 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:26.290663 0.218696 tcp 10.0.2.19 49741 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:26.510318 0.105046 udp 10.0.2.19 1701 <-> 109.93.140.11 27958 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:26.615896 0.271157 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:26.887671 0.342210 udp 10.0.2.19 1701 <-> 187.208.123.138 8651 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:27.230591 0.126033 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:27.357204 0.167954 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:27.525714 0.321722 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:27.848002 0.262071 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:28.110712 0.162928 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:28.274290 0.118902 udp 10.0.2.19 1701 <-> 46.237.70.170 5857 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:28.393749 0.000000 udp 10.0.2.19 1701 -> 95.77.231.101 4013 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:49:46.343084 0.168401 tcp 10.0.2.19 49742 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:46.511768 0.198529 tcp 10.0.2.19 49743 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:49:46.710847 0.273614 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:49:46.984899 0.000000 udp 10.0.2.19 1701 -> 177.189.51.187 8045 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 01:50:05.431695 0.187972 tcp 10.0.2.19 49744 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:50:05.619920 0.202469 tcp 10.0.2.19 49745 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/02 01:50:05.823390 0.326723 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:50:06.150710 0.230760 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 01:55:25.001456 2.999947 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 01:55:32.009021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:55:40.009297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:55:56.013533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 01:56:28.017585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:02:32.026377 2.999257 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:02:39.031681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:02:47.033112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:03:03.036189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:03:35.041917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:09:39.050331 2.999395 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:09:46.055512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:09:54.057062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:10:10.060048 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:10:42.145829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:10:53.462909 0.000197 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 02:10:53.463255 1.584519 tcp 10.0.2.19 49746 -> 90.156.118.144 5237 SPA_* 0 0 9 1104 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:11:02.868483 0.037135 tcp 10.0.2.19 49746 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:16:46.154175 2.999542 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:16:53.159538 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:17:01.161197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:17:17.163941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:17:49.170265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:20:15.901127 0.000214 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 02:20:15.901532 0.000000 udp 10.0.2.19 1701 -> 94.68.238.16 18670 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:20:32.979863 0.045731 tcp 10.0.2.19 49747 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:20:33.026034 0.078508 tcp 10.0.2.19 49748 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:20:33.105589 0.000000 udp 10.0.2.19 1701 -> 188.169.27.248 16896 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:20:51.113279 0.045935 tcp 10.0.2.19 49749 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:20:51.159529 0.072270 tcp 10.0.2.19 49750 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:20:51.232696 0.000000 udp 10.0.2.19 1701 -> 78.92.75.150 4736 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:21:09.549807 0.045815 tcp 10.0.2.19 49751 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:09.596124 0.073107 tcp 10.0.2.19 49752 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:09.670378 0.000000 udp 10.0.2.19 1701 -> 189.135.183.152 1728 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:21:25.523653 0.045084 tcp 10.0.2.19 49753 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:25.569180 0.075290 tcp 10.0.2.19 49754 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:25.645450 0.000000 udp 10.0.2.19 1701 -> 177.189.51.187 8045 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:21:42.678196 0.046219 tcp 10.0.2.19 49755 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:42.724831 0.076906 tcp 10.0.2.19 49756 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:21:42.802861 0.000000 udp 10.0.2.19 1701 -> 95.77.231.101 4013 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:22:01.595503 0.045148 tcp 10.0.2.19 49757 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:01.641077 0.074828 tcp 10.0.2.19 49758 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:01.716831 0.057095 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:01.774611 0.165648 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:01.940871 0.099876 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:02.041234 0.282772 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:02.324614 0.000000 udp 10.0.2.19 1701 -> 189.231.69.224 18202 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:22:19.781505 0.046152 tcp 10.0.2.19 49759 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:19.828022 0.080448 tcp 10.0.2.19 49760 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:19.909421 0.181647 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:20.091702 0.000000 udp 10.0.2.19 1701 -> 83.235.18.68 15180 INT 0 1 95 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:22:35.503839 0.045365 tcp 10.0.2.19 49761 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:35.549667 0.079912 tcp 10.0.2.19 49762 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:35.630505 0.000000 udp 10.0.2.19 1701 -> 189.242.78.118 4510 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:22:52.498697 0.045894 tcp 10.0.2.19 49763 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:52.544984 0.076445 tcp 10.0.2.19 49764 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:22:52.622396 0.058017 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:52.680972 0.091552 udp 10.0.2.19 1701 <-> 41.104.81.106 18734 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:52.773015 0.051774 udp 10.0.2.19 1701 <-> 93.75.11.60 6760 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:52.825332 0.077499 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:22:52.903376 0.000000 udp 10.0.2.19 1701 -> 1.4.149.160 13795 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:23:11.826188 0.046786 tcp 10.0.2.19 49765 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:11.873345 0.074547 tcp 10.0.2.19 49766 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:11.948790 0.221228 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:12.170626 0.181244 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:12.352416 0.228731 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:12.581735 0.072311 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:12.654616 0.000000 udp 10.0.2.19 1701 -> 49.49.17.72 22323 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:23:29.131347 0.045444 tcp 10.0.2.19 49767 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:29.177191 0.080781 tcp 10.0.2.19 49768 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:29.259042 0.000000 udp 10.0.2.19 1701 -> 109.93.140.11 27958 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:23:47.627346 0.048135 tcp 10.0.2.19 49769 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:47.675624 0.071708 tcp 10.0.2.19 49770 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:23:47.747943 0.094357 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:47.842599 0.073494 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:47.916421 0.222801 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:48.139629 0.332034 udp 10.0.2.19 1701 <-> 187.208.123.138 8651 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:48.472121 0.225160 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:48.697700 0.151455 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:48.849493 0.089425 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:23:48.939325 0.000000 udp 10.0.2.19 1701 -> 46.237.70.170 5857 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:23:53.175214 3.001998 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 02:24:00.182914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:24:06.985580 0.047248 tcp 10.0.2.19 49771 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:24:07.033272 0.072885 tcp 10.0.2.19 49772 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:24:07.107063 0.214321 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:24:07.321951 0.211984 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:24:07.534867 0.149685 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:24:08.184598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:24:24.187468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:24:56.193696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:31:00.201628 3.000009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:31:07.206917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:31:15.208768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:31:31.212067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:32:03.217734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:38:07.225265 3.000645 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:38:14.231556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:38:22.232419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:38:38.235718 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:39:10.241490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:41:02.904482 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 02:41:02.904772 1.539147 tcp 10.0.2.19 49773 -> 90.156.118.144 5237 SPA_* 0 0 9 1073 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:41:10.833125 0.139277 tcp 10.0.2.19 49773 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:45:14.249697 3.000096 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:45:21.255148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:45:29.437352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:45:45.439715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:46:17.446224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:52:21.453843 3.000053 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 02:52:28.459598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:52:36.460721 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:52:52.463637 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:53:24.469920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:54:15.193159 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 02:54:15.193457 0.000000 udp 10.0.2.19 1701 -> 189.231.69.224 18202 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:54:33.093584 0.045382 tcp 10.0.2.19 49774 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:54:33.139405 0.080731 tcp 10.0.2.19 49775 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:54:33.221049 0.067344 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:54:33.288999 1.024944 udp 10.0.2.19 1701 <-> 189.242.78.118 4510 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:54:34.314560 0.000000 udp 10.0.2.19 1701 -> 1.4.149.160 13795 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:54:52.888314 0.045903 tcp 10.0.2.19 49776 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:54:52.934412 0.077837 tcp 10.0.2.19 49777 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:54:53.012792 0.000000 udp 10.0.2.19 1701 -> 49.49.17.72 22323 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:55:12.007298 0.045760 tcp 10.0.2.19 49778 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:12.053492 0.073049 tcp 10.0.2.19 49779 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:12.127452 0.000000 udp 10.0.2.19 1701 -> 109.93.140.11 27958 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:55:29.712531 0.046493 tcp 10.0.2.19 49780 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:29.759457 0.074276 tcp 10.0.2.19 49781 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:29.834681 0.000000 udp 10.0.2.19 1701 -> 46.237.70.170 5857 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:55:48.489402 0.046286 tcp 10.0.2.19 49782 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:48.536167 0.077103 tcp 10.0.2.19 49783 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:55:48.614245 0.094709 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:55:48.709477 0.283165 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:55:48.993026 0.057540 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:55:49.050965 0.165163 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:55:49.216699 0.192899 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:55:49.410235 0.000000 udp 10.0.2.19 1701 -> 41.104.81.106 18734 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:56:07.455392 0.045342 tcp 10.0.2.19 49784 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:07.500990 0.077763 tcp 10.0.2.19 49785 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:07.579455 0.078890 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:07.658944 0.058002 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:07.717444 0.000000 udp 10.0.2.19 1701 -> 93.75.11.60 6760 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:56:23.579679 0.046518 tcp 10.0.2.19 49786 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:23.626590 0.073499 tcp 10.0.2.19 49787 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:23.701005 0.186133 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:23.887633 0.277124 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:24.165325 0.074522 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:24.240372 0.181044 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:24.421996 0.225476 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:24.648070 0.000000 udp 10.0.2.19 1701 -> 187.208.123.138 8651 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 02:56:43.128337 0.046175 tcp 10.0.2.19 49788 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:43.174936 0.075573 tcp 10.0.2.19 49789 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 02:56:43.251014 0.090326 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:43.341857 0.073523 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:43.415952 0.149491 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:43.566168 0.189774 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:43.756350 0.089895 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:43.846877 0.222845 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:44.070357 0.200124 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:56:44.271022 0.149506 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 02:59:28.477640 3.000111 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 02:59:35.483881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:59:43.484810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 02:59:59.487702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:00:31.493628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:06:35.501809 2.999438 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:06:42.507208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:06:50.509104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:07:06.511818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:07:38.518372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:11:11.054370 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:11:11.054664 1.611663 tcp 10.0.2.19 49790 -> 90.156.118.144 5237 SPA_* 0 0 9 1251 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:11:22.153662 0.022479 tcp 10.0.2.19 49790 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:13:42.525480 2.999836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:13:49.531404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:13:57.552827 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:14:13.556032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:14:45.562380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:20:49.569107 3.000111 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:20:56.575297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:21:04.576737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:21:20.580118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:21:52.586231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:27:14.099009 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:27:14.201712 0.000000 udp 10.0.2.19 1701 -> 41.104.81.106 18734 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:27:30.185930 0.045921 tcp 10.0.2.19 49791 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:27:30.232297 0.075596 tcp 10.0.2.19 49792 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:27:30.308855 0.000000 udp 10.0.2.19 1701 -> 93.75.11.60 6760 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:27:47.137974 0.047181 tcp 10.0.2.19 49793 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:27:47.185393 0.072301 tcp 10.0.2.19 49794 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:27:47.258329 0.000000 udp 10.0.2.19 1701 -> 187.208.123.138 8651 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:27:56.593284 3.000439 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 03:28:03.599200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:28:04.763218 0.045789 tcp 10.0.2.19 49795 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:04.809443 0.073894 tcp 10.0.2.19 49796 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:04.884282 0.000000 udp 10.0.2.19 1701 -> 83.235.18.68 15180 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:28:11.600992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:28:22.328229 0.059626 tcp 10.0.2.19 49797 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:22.388257 0.077301 tcp 10.0.2.19 49798 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:22.466590 0.000000 udp 10.0.2.19 1701 -> 189.242.78.118 4510 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:28:27.604124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:28:38.091456 0.045451 tcp 10.0.2.19 49799 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:38.137348 0.079926 tcp 10.0.2.19 49800 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:38.218459 0.093207 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:38.312261 0.337679 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:38.650673 0.179983 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:38.831231 0.000000 udp 10.0.2.19 1701 -> 108.234.133.110 8387 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:28:56.708295 0.046426 tcp 10.0.2.19 49801 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:56.755148 0.076204 tcp 10.0.2.19 49802 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:28:56.832258 0.058040 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:56.890865 0.058697 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:56.950334 0.079918 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:57.030776 0.070969 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:57.102299 0.177488 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:57.280328 0.222933 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:57.503836 0.455685 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:57.959910 0.346250 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:58.306525 0.156666 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:58.463695 0.094578 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:58.558837 0.072325 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:58.631655 0.225082 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:58.857305 0.213065 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:59.070964 0.149657 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:59.221155 0.188749 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:59.410660 0.085220 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:59.609492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:28:59.667099 0.075117 udp 10.0.2.19 1701 <-> 83.235.18.68 15180 CON 0 0 2 824 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:28:59.742843 0.000000 udp 10.0.2.19 1701 -> 189.242.78.118 4510 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:07.541133 0.166231 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 856 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:07.708286 0.359702 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 842 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.068853 0.099901 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 674 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.169449 0.177466 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 862 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.347727 0.057535 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.405895 0.062766 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 766 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.469240 0.085370 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 653 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.555211 0.064819 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 762 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.620594 0.186302 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:08.807681 0.227035 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 854 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:09.035375 0.396821 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:09.432869 0.147335 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:09.580798 0.094751 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 687 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:09.676202 0.080206 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 776 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:09.757038 0.299944 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 769 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.057675 0.226756 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.285218 0.211916 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.497843 0.149982 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 736 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.648528 0.195065 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 692 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.844353 0.098847 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 849 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:10.943832 0.000000 udp 10.0.2.19 1701 -> 69.250.199.8 3661 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:18.157223 0.000000 udp 10.0.2.19 1701 -> 121.217.72.166 2718 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:24.265756 0.000000 udp 10.0.2.19 1701 -> 41.103.110.113 17611 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:29.312988 0.386118 udp 10.0.2.19 1701 <-> 181.117.66.104 5675 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:29.745647 0.000000 udp 10.0.2.19 1701 -> 198.2.5.106 2852 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:34.098983 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:29:37.013786 0.167673 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 685 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:37.227765 0.000000 udp 10.0.2.19 1701 -> 177.156.122.62 7153 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:44.414323 0.000000 udp 10.0.2.19 1701 -> 188.235.76.4 7273 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:49.641865 0.000000 udp 10.0.2.19 1701 -> 189.147.182.182 6554 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:29:57.423145 0.304710 udp 10.0.2.19 1701 <-> 187.232.5.137 12298 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:29:58.089118 0.000000 udp 10.0.2.19 1701 -> 166.102.225.140 7759 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:04.333000 0.169978 udp 10.0.2.19 1701 -> 70.46.210.10 5091 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:04.502978 0.000000 icmp 70.46.210.10 0x0303 -> 10.0.2.19 0xe313 URP 192 1 154 flow=Background 1970/01/02 03:30:09.099671 0.000145 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:30:10.361767 0.000000 udp 10.0.2.19 1701 -> 181.37.188.110 22122 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:19.304131 0.000000 udp 10.0.2.19 1701 -> 201.248.68.241 22025 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:24.942893 0.000000 udp 10.0.2.19 1701 -> 139.195.58.96 5959 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:33.715351 0.000000 udp 10.0.2.19 1701 -> 41.178.233.253 3546 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:41.496365 3.301822 udp 10.0.2.19 1701 -> 200.43.222.66 9974 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:44.798187 0.000000 icmp 200.43.222.66 0x0103 -> 10.0.2.19 0xc82b URH 192 1 165 flow=Background 1970/01/02 03:30:46.102862 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:30:46.583815 0.000000 udp 10.0.2.19 1701 -> 190.113.108.237 5229 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:52.011916 0.303779 udp 10.0.2.19 1701 <-> 76.232.9.206 4792 CON 0 0 2 853 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:30:52.342916 0.375470 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:30:52.841791 0.000000 udp 10.0.2.19 1701 -> 94.71.138.33 11562 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:30:52.930962 0.000000 udp 10.0.2.2 12393 -> 10.0.2.19 1701 INT 0 1 547 flow=Background 1970/01/02 03:30:53.319412 0.381949 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:30:54.036330 0.196831 udp 10.0.2.19 1701 <-> 2.136.52.21 20658 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:30:54.268884 0.000000 udp 10.0.2.19 1701 -> 24.33.151.168 2815 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:02.236346 0.000000 udp 10.0.2.19 1701 -> 96.56.118.106 4157 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:08.916195 0.000000 udp 10.0.2.19 1701 -> 41.104.81.106 18734 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:15.115790 0.050157 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:31:15.275724 0.000000 udp 10.0.2.19 1701 -> 76.69.138.127 23240 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:20.101855 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:31:23.497157 0.000000 udp 10.0.2.19 1701 -> 58.92.142.51 2334 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:31.357864 0.000000 udp 10.0.2.19 1701 -> 109.80.15.32 24073 INT 0 1 299 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:38.119325 1.000970 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 751 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:31:39.181468 0.304092 udp 10.0.2.19 1701 <-> 221.127.137.33 4931 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:31:39.621943 0.000000 udp 10.0.2.19 1701 -> 202.191.232.162 6041 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:46.880657 0.000000 udp 10.0.2.19 1701 -> 83.198.175.145 6766 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:53.389880 0.000000 udp 10.0.2.19 1701 -> 87.7.104.86 5858 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:31:58.096313 0.000180 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:32:00.289635 0.000000 udp 10.0.2.19 1701 -> 82.106.107.14 9499 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:08.601571 0.000000 udp 10.0.2.19 1701 -> 87.25.211.21 8660 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:14.470241 0.054407 udp 10.0.2.19 1701 <-> 78.154.84.83 1134 CON 0 0 2 801 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:32:14.546723 0.000000 udp 10.0.2.19 1701 -> 62.97.35.111 8754 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:20.899061 0.273412 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:32:21.184973 0.000000 udp 10.0.2.19 1701 -> 213.131.39.246 6989 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:28.180173 0.075899 udp 10.0.2.19 1701 -> 95.42.171.118 8372 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:28.256072 0.000000 icmp 95.42.171.118 0x0303 -> 10.0.2.19 0xb420 URP 192 1 184 flow=Background 1970/01/02 03:32:33.096582 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:32:34.027975 0.000000 udp 10.0.2.19 1701 -> 110.142.148.22 9764 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:41.810209 0.226797 udp 10.0.2.19 1701 <-> 190.222.222.140 8632 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:32:42.128155 0.000000 udp 10.0.2.19 1701 -> 186.81.12.202 2387 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:47.347354 0.000000 udp 10.0.2.19 1701 -> 112.104.67.214 2715 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:32:54.217757 0.000000 udp 10.0.2.19 1701 -> 84.0.20.96 2977 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:00.106324 0.294167 udp 10.0.2.19 1701 <-> 201.102.120.85 5220 CON 0 0 2 851 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:33:00.451137 0.326165 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:33:00.852272 0.000000 udp 10.0.2.19 1701 -> 177.227.151.150 9547 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:07.686476 0.000000 udp 10.0.2.19 1701 -> 94.138.187.77 7488 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:12.603492 0.000171 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:33:14.096209 0.000000 udp 10.0.2.19 1701 -> 124.8.2.27 1391 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:19.533505 0.000000 udp 10.0.2.19 1701 -> 190.79.75.84 6781 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:19.728781 0.000000 udp 10.0.2.2 36525 -> 10.0.2.19 1701 INT 0 1 542 flow=Background 1970/01/02 03:33:20.019753 0.000000 udp 10.0.2.19 1701 -> 190.233.116.80 23336 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:26.013291 0.000000 udp 10.0.2.19 1701 -> 173.200.130.5 4744 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:34.355274 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5319 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:33:34.600924 0.000000 udp 10.0.2.2 5342 -> 10.0.2.19 1701 INT 0 1 542 flow=Background 1970/01/02 03:33:34.638977 0.218605 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 03:33:35.185177 0.000000 udp 10.0.2.19 1701 -> 180.245.135.238 19484 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 03:35:03.615707 3.001496 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 03:35:10.622922 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:35:18.625008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:35:34.628115 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:36:06.633555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:41:22.178296 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 03:41:22.178583 4.591638 tcp 10.0.2.19 49803 -> 90.156.118.144 5237 SPA_* 0 0 10 1126 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:41:33.196423 0.164265 tcp 10.0.2.19 49803 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 03:42:10.641182 3.000426 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:42:17.647251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:42:25.649059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:42:41.651439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:43:13.657936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:49:17.665719 2.999905 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:49:24.671301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:49:32.672337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:49:48.675878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:50:20.681513 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:56:24.687279 3.002131 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 03:56:31.695583 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:56:39.696598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:56:55.699932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 03:57:27.705576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:03:31.711572 3.002053 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:03:38.719310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:03:43.126434 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 04:03:43.126750 0.000000 udp 10.0.2.19 1701 -> 83.235.18.68 15180 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:03:46.720918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:04:00.544962 0.046652 tcp 10.0.2.19 49804 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:00.592068 0.079625 tcp 10.0.2.19 49805 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:00.672617 0.165961 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:00.839116 0.289153 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.128830 0.097043 udp 10.0.2.19 1701 <-> 78.163.112.113 11787 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.226379 0.285714 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.512686 0.055824 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.568988 0.059143 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.628635 0.079494 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.708695 0.086668 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.795911 0.179688 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:01.976133 0.223309 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.199979 0.251902 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.452447 0.155198 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.608247 0.090165 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.698928 0.149471 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.724177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:04:02.848957 0.073996 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:02.923496 0.272587 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:03.196649 0.224997 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:03.422223 0.207540 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:03.630382 0.188597 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:03.819589 0.089597 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:03.909766 0.000000 udp 10.0.2.19 1701 -> 181.117.66.104 5675 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:04:19.329311 0.044919 tcp 10.0.2.19 49806 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:19.374678 0.075583 tcp 10.0.2.19 49807 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:19.451176 0.168454 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:19.620187 0.241199 udp 10.0.2.19 1701 <-> 187.232.5.137 12298 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:19.861786 0.369069 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:20.231269 0.000000 udp 10.0.2.19 1701 -> 76.232.9.206 4792 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:04:34.730058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:04:37.695435 0.045659 tcp 10.0.2.19 49808 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:37.741363 0.075352 tcp 10.0.2.19 49809 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:37.817308 0.000000 udp 10.0.2.19 1701 -> 94.71.138.33 11562 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:04:55.901239 0.046467 tcp 10.0.2.19 49810 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:55.947893 0.073567 tcp 10.0.2.19 49811 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:04:56.021983 0.373951 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:04:56.396362 0.000000 udp 10.0.2.19 1701 -> 2.136.52.21 20658 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:05:14.758567 0.045875 tcp 10.0.2.19 49812 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:14.804659 0.074414 tcp 10.0.2.19 49813 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:14.879583 0.043373 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:14.923277 0.303964 udp 10.0.2.19 1701 <-> 221.127.137.33 4931 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:15.227616 1.214435 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:16.442459 0.000000 udp 10.0.2.19 1701 -> 78.154.84.83 1134 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:05:34.547922 0.046772 tcp 10.0.2.19 49814 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:34.595114 0.073096 tcp 10.0.2.19 49815 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:34.669152 0.221530 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:34.891264 0.223754 udp 10.0.2.19 1701 <-> 190.222.222.140 8632 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:35.115617 0.000000 udp 10.0.2.19 1701 -> 201.102.120.85 5220 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:05:52.573981 0.046435 tcp 10.0.2.19 49816 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:52.620786 0.080470 tcp 10.0.2.19 49817 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:05:52.702485 0.360188 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:53.063215 0.186013 udp 10.0.2.19 1701 <-> 190.79.75.84 6781 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:05:53.249748 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5319 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:05:53.490907 0.000000 udp 10.0.2.2 5299 -> 10.0.2.19 1701 INT 0 1 177 flow=Background 1970/01/02 04:05:53.491487 0.214599 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:10:38.738753 2.998363 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 04:10:45.743111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:10:53.744951 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:11:09.747352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:11:33.362054 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 04:11:33.362282 1.594547 tcp 10.0.2.19 49818 -> 90.156.118.144 5237 SPA_* 0 0 9 1223 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:11:41.754081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:11:45.345130 0.052763 tcp 10.0.2.19 49818 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:17:45.761291 2.999988 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:17:52.766855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:18:00.768788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:18:16.771946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:18:48.777268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:24:52.785639 2.999271 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:24:59.790862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:25:07.792244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:25:23.795621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:25:55.801773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:31:59.809811 2.999328 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:32:06.814802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:32:14.816624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:32:30.819346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:33:02.825597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:36:09.935315 0.000146 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 04:36:09.935627 0.000000 udp 10.0.2.19 1701 -> 181.117.66.104 5675 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:36:26.123833 0.045818 tcp 10.0.2.19 49819 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:36:26.170274 0.073359 tcp 10.0.2.19 49820 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:36:26.244546 0.000000 udp 10.0.2.19 1701 -> 76.232.9.206 4792 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:36:44.195104 0.046012 tcp 10.0.2.19 49821 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:36:44.241315 0.072023 tcp 10.0.2.19 49822 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:36:44.313860 0.000000 udp 10.0.2.19 1701 -> 94.71.138.33 11562 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:37:00.738929 0.045981 tcp 10.0.2.19 49823 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:00.785107 0.081202 tcp 10.0.2.19 49824 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:00.866833 0.000000 udp 10.0.2.19 1701 -> 2.136.52.21 20658 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:37:19.276443 0.045807 tcp 10.0.2.19 49825 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:19.322713 0.075895 tcp 10.0.2.19 49826 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:19.399178 0.000000 udp 10.0.2.19 1701 -> 78.154.84.83 1134 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:37:37.383197 0.046396 tcp 10.0.2.19 49827 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:37.430038 0.074757 tcp 10.0.2.19 49828 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:37.505718 0.292643 udp 10.0.2.19 1701 <-> 201.102.120.85 5220 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:37.798948 0.262070 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:38.061632 0.000000 udp 10.0.2.19 1701 -> 78.163.112.113 11787 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:37:55.208076 0.046660 tcp 10.0.2.19 49829 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:55.255214 0.077402 tcp 10.0.2.19 49830 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:37:55.333613 0.059478 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:55.393591 0.057182 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:55.451271 0.174929 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:55.626715 0.079651 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:55.707000 0.164866 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:55.872437 0.222511 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.095525 0.208703 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.304805 0.152126 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.457552 0.064014 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.522102 0.181377 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.704049 0.096833 udp 10.0.2.19 1701 <-> 77.242.59.94 5526 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:56.801464 0.226657 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:57.028770 0.277815 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:57.307184 0.071164 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:57.378951 0.149821 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:57.529449 0.196039 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:37:57.726079 0.000000 udp 10.0.2.19 1701 -> 98.80.247.223 2843 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:38:12.893761 0.046365 tcp 10.0.2.19 49831 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:38:12.940556 0.072188 tcp 10.0.2.19 49832 -> 173.194.70.94 80 SRPA* 0 0 23 15698 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:38:13.013268 0.088475 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:13.102495 0.168784 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:13.271893 0.369820 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:13.642548 0.244572 udp 10.0.2.19 1701 <-> 187.232.5.137 12298 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:13.887766 0.408599 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:14.297013 0.043233 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:14.340771 0.305983 udp 10.0.2.19 1701 <-> 221.127.137.33 4931 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:14.647362 0.961728 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:15.609697 0.233337 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:15.843698 0.222851 udp 10.0.2.19 1701 <-> 190.222.222.140 8632 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:16.067090 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5319 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:38:16.376598 0.000000 udp 10.0.2.2 5407 -> 10.0.2.19 1701 INT 0 1 302 flow=Background 1970/01/02 04:38:16.377151 0.228495 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:16.606457 0.352337 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 04:38:16.959402 0.000000 udp 10.0.2.19 1701 -> 190.79.75.84 6781 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 04:38:17.175577 0.000000 udp 10.0.2.2 46765 -> 10.0.2.19 1701 INT 0 1 234 flow=Background 1970/01/02 04:39:06.833011 2.999816 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 04:39:13.838790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:39:21.840866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:39:37.843136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:40:09.849963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:41:45.397273 0.000158 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 04:41:45.397595 1.525157 tcp 10.0.2.19 49833 -> 90.156.118.144 5237 SPA_* 0 0 9 1073 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:41:55.951353 0.010123 tcp 10.0.2.19 49833 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 04:46:13.857472 2.999984 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:46:20.863093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:46:28.864474 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:46:44.867929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:47:16.873475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:53:20.881249 3.000130 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 04:53:27.886892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:53:35.888486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:53:51.891403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 04:54:23.897391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:00:27.904824 2.999950 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:00:34.910528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:00:42.912774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:00:58.915216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:01:30.921257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:07:34.929269 3.000129 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:07:41.934644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:07:49.936654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:08:05.939136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:08:35.582319 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 05:08:35.582592 0.000000 udp 10.0.2.19 1701 -> 78.163.112.113 11787 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:08:37.945293 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:08:54.271155 0.045786 tcp 10.0.2.19 49834 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:08:54.317397 0.077186 tcp 10.0.2.19 49835 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:08:54.395315 0.186883 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:08:54.582783 0.294330 udp 10.0.2.19 1701 <-> 201.102.120.85 5220 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:08:54.877695 0.263516 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:08:55.141760 0.000000 udp 10.0.2.19 1701 -> 74.166.163.154 9908 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:09:11.195492 0.046653 tcp 10.0.2.19 49836 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:11.242629 0.078504 tcp 10.0.2.19 49837 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:11.322145 0.080260 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.402912 0.057560 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.461058 0.056317 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.517935 0.220302 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.738828 0.186900 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.926583 0.067080 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:11.994251 0.215832 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:12.210745 0.148462 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:12.359786 0.205190 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:12.565415 0.232962 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:12.798971 0.075560 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:12.875266 0.149502 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:13.025378 0.196639 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:13.222753 0.221056 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:13.444365 0.000000 udp 10.0.2.19 1701 -> 77.242.59.94 5526 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:09:30.593728 0.046300 tcp 10.0.2.19 49838 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:30.640480 0.077864 tcp 10.0.2.19 49839 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:30.718866 0.370943 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:31.090559 0.088955 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:31.180099 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:09:47.266390 0.044882 tcp 10.0.2.19 49840 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:47.311506 0.075556 tcp 10.0.2.19 49841 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:09:47.387606 0.039542 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:47.427599 0.324974 udp 10.0.2.19 1701 <-> 221.127.137.33 4931 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:09:47.752998 0.000000 udp 10.0.2.19 1701 -> 187.232.5.137 12298 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:10:04.040339 0.045529 tcp 10.0.2.19 49842 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:10:04.086129 0.072963 tcp 10.0.2.19 49843 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:10:04.159671 0.387861 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:04.547947 0.979684 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:05.528013 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5319 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:10:24.260103 0.046006 tcp 10.0.2.19 49844 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:10:24.306551 0.075764 tcp 10.0.2.19 49845 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:10:24.383219 0.216420 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:24.600265 0.288040 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:24.888864 0.223272 udp 10.0.2.19 1701 <-> 190.222.222.140 8632 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:25.112713 0.347784 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:10:25.461072 0.184766 udp 10.0.2.19 1701 <-> 190.79.75.84 6781 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:11:55.960220 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 05:11:55.960510 1.417804 tcp 10.0.2.19 49846 -> 90.156.118.144 5237 SPA_* 0 0 9 1095 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:12:06.377380 0.017247 tcp 10.0.2.19 49846 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:14:41.952894 3.000455 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 05:14:48.958561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:14:56.960013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:15:12.963219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:15:44.969633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:21:48.975100 3.002080 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:21:55.982924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:22:03.984515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:22:19.987570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:22:51.993522 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:28:56.000952 3.000316 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:29:03.006877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:29:11.007866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:29:27.011617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:29:59.017076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:36:03.024987 2.999977 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:36:10.031121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:36:18.031926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:36:34.034822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:37:06.041471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:40:48.891992 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 05:40:48.892325 0.181496 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:40:49.074316 0.000000 udp 10.0.2.19 1701 -> 77.242.59.94 5526 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:41:07.312732 0.046646 tcp 10.0.2.19 49847 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:07.359831 0.079786 tcp 10.0.2.19 49848 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:07.440561 0.168079 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:07.609186 0.000000 udp 10.0.2.19 1701 -> 187.232.5.137 12298 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:41:23.994322 0.046936 tcp 10.0.2.19 49849 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:24.041683 0.077373 tcp 10.0.2.19 49850 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:24.120045 0.000000 udp 10.0.2.19 1701 -> 186.176.133.96 5319 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:41:43.111934 0.046489 tcp 10.0.2.19 49851 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:43.158872 0.083898 tcp 10.0.2.19 49852 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:41:43.243810 0.190896 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:43.435287 0.211947 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:43.647801 0.290983 udp 10.0.2.19 1701 <-> 201.102.120.85 5220 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:43.939348 0.057783 rtcp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:43.997650 0.057499 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.055683 0.080684 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.136905 0.226029 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.363509 0.073147 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.437229 0.150774 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.588567 0.164195 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.753173 0.189145 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:44.943033 0.183425 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:45.127111 0.149710 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:45.277375 0.226755 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:45.504680 0.085842 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:45.591011 0.216418 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:45.807912 0.213918 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:46.022477 0.417996 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:46.441082 0.088830 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:46.530543 0.045165 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:46.576290 0.323619 udp 10.0.2.19 1701 <-> 221.127.137.33 4931 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:46.900490 0.394092 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:47.295179 0.979108 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:48.274661 0.229419 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:48.504658 0.344685 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:48.849969 0.000000 udp 10.0.2.19 1701 -> 190.79.75.84 6781 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:41:49.036173 0.000000 udp 10.0.2.2 33453 -> 10.0.2.19 1701 INT 0 1 167 flow=Background 1970/01/02 05:41:49.036700 0.219286 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 05:41:49.256539 0.000000 udp 10.0.2.19 1701 -> 190.222.222.140 8632 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 05:42:05.343858 0.045279 tcp 10.0.2.19 49853 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:42:05.389534 0.075369 tcp 10.0.2.19 49854 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:42:06.393593 1.489449 tcp 10.0.2.19 49855 -> 90.156.118.144 5237 SPA_* 0 0 9 1083 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:42:17.103653 0.012888 tcp 10.0.2.19 49855 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 05:43:10.048185 3.000669 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 05:43:17.054467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:43:25.055961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:43:41.059279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:44:13.065229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:50:17.070556 3.001921 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:50:24.078453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:50:32.080058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:50:48.082849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:51:20.089429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:57:24.096858 3.000193 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 05:57:31.103046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:57:39.104009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:57:55.107040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 05:58:27.114742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:04:31.122149 2.999708 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:04:38.126849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:04:46.128196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:05:02.130647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:05:34.137341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:11:38.144960 2.999709 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:11:45.150188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:11:53.151706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:12:09.154866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:12:17.106506 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 06:12:17.106745 1.333578 tcp 10.0.2.19 49856 -> 90.156.118.144 5237 SPA_* 0 0 9 1037 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:12:24.852516 0.020090 tcp 10.0.2.19 49856 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:12:30.936632 0.000000 udp 10.0.2.19 1701 -> 190.222.222.140 8632 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:12:41.161180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:12:49.667891 0.045548 tcp 10.0.2.19 49857 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:12:49.713952 0.071744 tcp 10.0.2.19 49858 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:12:49.786797 0.178361 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:12:49.965774 0.170907 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:12:50.137199 0.000000 udp 10.0.2.19 1701 -> 98.80.247.223 2843 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:13:08.993329 0.046782 tcp 10.0.2.19 49859 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:09.040533 0.072342 tcp 10.0.2.19 49860 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:09.113385 0.210160 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:09.324164 0.056081 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:09.380768 0.057965 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:09.439258 0.078101 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:09.517947 0.216230 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:09.734727 0.000000 udp 10.0.2.19 1701 -> 201.102.120.85 5220 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:13:27.869999 0.046930 tcp 10.0.2.19 49861 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:27.917381 0.075443 tcp 10.0.2.19 49862 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:27.993745 0.147345 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:28.141613 0.068647 udp 10.0.2.19 1701 <-> 79.121.50.50 8485 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:28.210803 0.179687 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:28.391046 0.149660 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:28.541234 0.188477 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:28.730319 0.000000 udp 10.0.2.19 1701 -> 108.234.133.110 8387 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:13:46.947213 0.045251 tcp 10.0.2.19 49863 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:46.992662 0.088173 tcp 10.0.2.19 49864 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:13:47.081332 0.071773 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:47.153482 0.225166 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:47.379031 0.392536 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:47.771977 0.087917 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:47.860243 0.043071 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:47.903653 0.216405 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:48.120384 0.208114 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:48.328820 0.408942 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 209 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:13:48.738307 0.000000 udp 10.0.2.19 1701 -> 221.127.137.33 4931 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:14:06.345042 0.045938 tcp 10.0.2.19 49865 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:14:06.391189 0.074695 tcp 10.0.2.19 49866 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:14:06.466555 1.546539 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:14:08.013499 0.212942 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:14:08.226874 0.000000 udp 10.0.2.19 1701 -> 190.79.75.84 6781 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:14:08.414215 0.000000 udp 10.0.2.2 40621 -> 10.0.2.19 1701 INT 0 1 157 flow=Background 1970/01/02 06:14:08.414559 0.346760 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:14:08.761674 0.235041 udp 10.0.2.19 1701 <-> 190.40.169.168 16086 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:18:45.166919 3.002319 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 06:18:52.174410 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:19:00.176109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:19:16.179557 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:19:48.184692 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:25:52.192224 3.000394 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:25:59.198158 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:26:07.199851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:26:23.203208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:26:55.209042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:32:59.214666 3.002152 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:33:06.222268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:33:14.223992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:33:30.226990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:34:02.233097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:40:06.240492 2.999926 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:40:13.246698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:40:21.248165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:40:37.250683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:41:09.257198 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:42:24.875952 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 06:42:24.876336 1.581038 tcp 10.0.2.19 49867 -> 90.156.118.144 5237 SPA_* 0 0 9 1004 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:42:42.473259 0.127595 tcp 10.0.2.19 49867 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:44:13.973129 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 06:44:13.973431 0.186162 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:44:14.160226 0.000000 udp 10.0.2.19 1701 -> 201.102.120.85 5220 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:44:29.449938 0.045555 tcp 10.0.2.19 49868 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:44:29.495965 0.080100 tcp 10.0.2.19 49869 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:44:29.577053 0.165822 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:44:29.743440 0.000000 udp 10.0.2.19 1701 -> 221.127.137.33 4931 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:44:47.182637 0.046027 tcp 10.0.2.19 49870 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:44:47.229096 0.073618 tcp 10.0.2.19 49871 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:44:47.303625 0.176448 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:44:47.480654 0.000000 udp 10.0.2.19 1701 -> 24.255.222.240 3529 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:45:04.888176 0.044761 tcp 10.0.2.19 49872 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:04.933373 0.080575 tcp 10.0.2.19 49873 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:05.015045 0.219546 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.235182 0.059420 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.295160 0.054303 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.349977 0.211006 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.561511 0.077625 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.639660 0.178817 udp 10.0.2.19 1701 <-> 122.161.209.67 10390 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.819128 0.149507 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:05.969180 0.189032 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:06.158760 0.146914 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:06.306264 0.000000 udp 10.0.2.19 1701 -> 79.121.50.50 8485 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:45:24.665932 0.046538 tcp 10.0.2.19 49874 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:24.712914 0.075403 tcp 10.0.2.19 49875 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:24.789240 0.073529 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:24.863260 0.227105 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:25.090937 0.039491 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:25.130956 0.225591 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:25.357101 0.196576 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:25.554286 0.090470 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:25.645336 0.411714 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:26.057718 0.406674 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:26.464996 0.217276 udp 10.0.2.19 1701 <-> 190.79.75.84 6781 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:26.682893 3.169744 udp 10.0.2.19 1701 <-> 125.167.168.6 22243 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:29.853130 0.000000 udp 10.0.2.19 1701 -> 196.210.104.179 22323 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:45:46.337832 0.046143 tcp 10.0.2.19 49876 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:46.384410 0.073872 tcp 10.0.2.19 49877 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:45:46.459210 0.322738 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 06:45:46.782545 0.000000 udp 10.0.2.19 1701 -> 190.40.169.168 16086 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 06:46:04.363729 0.046739 tcp 10.0.2.19 49878 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:46:04.410992 0.073668 tcp 10.0.2.19 49879 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 06:47:13.264788 2.999626 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 06:47:20.270404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:47:28.271947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:47:44.274492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:48:16.280886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:54:20.287577 3.000611 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 06:54:27.294558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:54:35.296163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:54:51.298603 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 06:55:23.305334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:01:27.312791 2.999425 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:01:34.318000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:01:42.319890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:01:58.322415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:02:30.328486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:08:34.336774 2.999708 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:08:41.342165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:08:49.343712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:09:05.346467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:09:37.353253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:12:42.599914 0.000162 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:12:42.600241 1.517727 tcp 10.0.2.19 49880 -> 90.156.118.144 5237 SPA_* 0 0 9 1153 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:12:50.064525 0.025379 tcp 10.0.2.19 49880 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:15:41.358782 3.002009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:15:48.365896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:15:56.367659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:16:06.022417 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:16:06.022715 0.162879 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:06.186121 0.000000 udp 10.0.2.19 1701 -> 79.121.50.50 8485 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:16:12.370608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:16:23.970202 0.045812 tcp 10.0.2.19 49881 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:16:24.016209 0.072670 tcp 10.0.2.19 49882 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:16:24.089403 0.216965 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:24.306768 0.000000 udp 10.0.2.19 1701 -> 190.40.169.168 16086 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:16:42.084886 0.045936 tcp 10.0.2.19 49883 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:16:42.131047 0.079079 tcp 10.0.2.19 49884 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:16:42.210669 0.211972 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:42.423066 0.165855 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:42.589500 0.178159 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:42.768232 0.209579 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:42.978519 0.227767 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.206899 0.056451 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.263881 0.057645 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.322019 0.078482 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.401039 0.147212 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.548803 0.185518 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:16:43.734893 0.000000 udp 10.0.2.19 1701 -> 122.161.209.67 10390 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:16:44.376994 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:17:01.243288 0.046184 tcp 10.0.2.19 49885 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:17:01.289907 0.075411 tcp 10.0.2.19 49886 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:17:01.366402 0.149535 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:01.516512 0.217219 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:01.734418 0.257918 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:01.992923 0.089981 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:02.083472 0.040668 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:02.124656 0.086514 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:02.211781 0.228307 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:02.440687 0.522499 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:02.963775 0.385805 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:03.350230 0.187262 udp 10.0.2.19 1701 <-> 190.79.75.84 6781 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:17:03.538267 0.000000 udp 10.0.2.19 1701 -> 125.167.168.6 22243 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:17:21.361496 0.045267 tcp 10.0.2.19 49887 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:17:21.407024 0.078888 tcp 10.0.2.19 49888 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:17:21.486616 0.327350 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:22:48.384258 3.000344 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:22:55.390450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:23:03.391649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:23:19.394328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:23:51.400411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:29:55.408541 2.999652 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:30:02.413891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:30:10.415868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:30:26.419002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:30:58.424634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:37:02.432146 2.999809 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:37:09.438095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:37:17.439780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:37:33.552382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:38:05.559187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:42:50.148441 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:42:50.148621 1.576715 tcp 10.0.2.19 49889 -> 90.156.118.144 5237 SPA_* 0 0 9 1211 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:42:58.065787 1.343568 tcp 10.0.2.19 49889 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:44:09.566611 2.999865 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 07:44:16.572313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:44:24.573643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:44:40.576970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:45:12.582464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:47:34.076505 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:47:34.076820 0.000000 udp 10.0.2.19 1701 -> 122.161.209.67 10390 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:47:51.535528 0.047204 tcp 10.0.2.19 49890 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:47:51.583150 0.073612 tcp 10.0.2.19 49891 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:47:51.657677 0.000000 udp 10.0.2.19 1701 -> 125.167.168.6 22243 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:08.137547 0.046182 tcp 10.0.2.19 49892 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:48:08.184152 0.077644 tcp 10.0.2.19 49893 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:48:08.262736 0.164764 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:08.428127 0.219545 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:08.648333 0.188437 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:08.837393 0.000000 udp 10.0.2.19 1701 -> 98.80.247.223 2843 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:24.480679 0.045951 tcp 10.0.2.19 49894 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:48:24.527108 0.076196 tcp 10.0.2.19 49895 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 07:48:24.604213 4.647652 udp 10.0.2.19 1701 <-> 108.196.220.248 9105 CON 0 0 4 1321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:24.824101 4.486465 udp 10.0.2.19 1701 <-> 95.104.77.164 5068 CON 0 0 4 1011 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:24.882556 4.491734 udp 10.0.2.19 1701 <-> 83.26.189.165 13897 CON 0 0 4 1222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:24.939770 4.666036 udp 10.0.2.19 1701 <-> 190.37.198.197 8275 CON 0 0 4 1299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.152490 4.602548 udp 10.0.2.19 1701 <-> 24.239.58.25 6925 CON 0 0 4 1113 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.300587 4.641458 udp 10.0.2.19 1701 <-> 200.75.115.103 1075 CON 0 0 4 1230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.487687 4.633492 udp 10.0.2.19 1701 <-> 74.166.163.154 9908 CON 0 0 4 1227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.667188 4.539807 udp 10.0.2.19 1701 <-> 85.75.9.50 10247 CON 0 0 4 1114 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.745210 4.614054 udp 10.0.2.19 1701 <-> 78.100.43.218 10957 CON 0 0 4 1304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:25.901031 4.674794 udp 10.0.2.19 1701 <-> 108.64.215.24 2668 CON 0 0 4 1224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.117755 4.509162 udp 10.0.2.19 1701 <-> 95.156.174.151 13489 CON 0 0 4 1142 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.162702 4.544966 udp 10.0.2.19 1701 <-> 87.6.122.34 10337 CON 0 0 4 991 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.234006 4.710087 udp 10.0.2.19 1701 <-> 190.152.193.223 20374 CON 0 0 4 920 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.460878 4.695015 udp 10.0.2.19 1701 <-> 99.64.148.78 5787 CON 0 0 4 1236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.669531 4.582481 udp 10.0.2.19 1701 <-> 2.40.243.93 24587 CON 0 0 4 1237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:26.760857 0.379213 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:27.140675 4.567113 udp 10.0.2.19 1701 <-> 118.68.238.0 20233 CON 0 0 4 1090 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:27.510275 4.198186 udp 10.0.2.19 1701 -> 190.79.75.84 6781 INT 0 2 439 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:27.699290 4.203184 udp 10.0.2.2 41645 -> 10.0.2.19 1701 INT 0 2 759 flow=Background 1970/01/02 07:48:27.699820 4.933714 udp 10.0.2.19 1701 <-> 190.172.150.49 18066 CON 0 0 4 1087 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:28.257507 0.196192 udp 10.0.2.19 1701 <-> 98.80.247.223 2843 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:28.454488 0.223838 udp 10.0.2.19 1701 <-> 196.210.104.179 22323 CON 0 0 2 806 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:28.678996 0.165347 udp 10.0.2.19 1701 <-> 24.255.222.240 3529 CON 0 0 2 710 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:28.845115 0.187063 udp 10.0.2.19 1701 <-> 108.234.133.110 8387 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:31.903139 0.379903 udp 10.0.2.19 1701 <-> 119.75.180.21 6581 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:32.634585 0.057928 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:32.807769 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:41.703296 0.000000 udp 10.0.2.19 1701 -> 118.97.149.245 4554 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:50.266362 0.000000 udp 10.0.2.19 1701 -> 60.246.172.98 9181 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:57.386244 0.455465 udp 10.0.2.19 1701 <-> 118.96.97.217 17994 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:48:57.967340 0.118855 udp 10.0.2.19 1701 -> 208.180.143.44 4139 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:48:58.086195 0.000000 icmp 208.180.143.44 0x0303 -> 10.0.2.19 0x2b10 URP 192 1 176 flow=Background 1970/01/02 07:49:02.152810 0.000179 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:49:05.717827 0.000000 udp 10.0.2.19 1701 -> 63.147.159.1 6211 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:11.416096 0.310299 udp 10.0.2.19 1701 <-> 124.105.251.166 1327 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:49:11.876531 0.000000 udp 10.0.2.19 1701 -> 219.134.33.26 19674 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:19.107446 0.000000 udp 10.0.2.19 1701 -> 2.133.83.119 2056 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:26.087318 0.000000 udp 10.0.2.19 1701 -> 58.152.23.249 7745 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:33.588219 0.000000 udp 10.0.2.19 1701 -> 187.162.43.171 9283 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:38.144136 0.000186 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:49:42.090760 0.000000 udp 10.0.2.19 1701 -> 113.160.32.93 8214 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:48.269087 0.057714 udp 10.0.2.19 1701 <-> 176.73.148.5 2115 CON 0 0 2 762 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:49:48.367089 0.000000 udp 10.0.2.19 1701 -> 83.25.1.180 3185 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:49:54.128006 0.102395 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:49:54.273012 0.057750 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 859 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:49:54.486022 0.253352 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 861 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:49:54.778548 0.000000 udp 10.0.2.19 1701 -> 61.114.81.227 1838 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:00.957869 0.000000 udp 10.0.2.19 1701 -> 72.215.7.62 9191 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:09.379684 0.000000 udp 10.0.2.19 1701 -> 24.214.216.239 7072 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:14.146486 0.000167 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:50:17.841498 0.000000 udp 10.0.2.19 1701 -> 218.103.123.234 2856 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:25.893860 0.000000 udp 10.0.2.19 1701 -> 114.148.51.180 1042 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:32.262560 0.000000 udp 10.0.2.19 1701 -> 99.54.27.220 6332 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:38.962413 0.000000 udp 10.0.2.19 1701 -> 100.43.246.210 2013 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:46.973941 0.000000 udp 10.0.2.19 1701 -> 89.238.214.94 7768 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:50:51.650180 0.000166 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:50:54.704893 0.000000 udp 10.0.2.19 1701 -> 79.49.66.149 3822 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:02.105190 0.057293 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:02.242773 0.146105 udp 10.0.2.19 1701 <-> 96.125.211.49 4105 CON 0 0 2 669 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:02.445994 0.000000 udp 10.0.2.19 1701 -> 203.59.75.97 3608 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:08.464867 0.000000 udp 10.0.2.19 1701 -> 58.185.52.242 4062 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:15.474703 0.000000 udp 10.0.2.19 1701 -> 63.142.135.83 1133 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:16.590424 3.000140 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 07:51:23.595945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:51:24.067279 0.066066 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:24.548909 0.230165 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 712 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:25.042643 0.321003 udp 10.0.2.19 1701 <-> 190.172.226.250 18052 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:25.504492 0.000000 udp 10.0.2.19 1701 -> 203.83.174.86 2020 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:28.643488 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:51:31.597938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:51:34.471574 0.000000 udp 10.0.2.19 1701 -> 159.63.191.35 6000 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:42.664008 0.396613 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 714 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:43.148179 0.482667 udp 10.0.2.19 1701 <-> 180.248.7.167 23509 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:43.657603 0.229069 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 740 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:43.896346 0.198125 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 720 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:44.125679 0.000000 udp 10.0.2.19 1701 -> 190.207.189.134 21121 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:47.600909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:51:50.234942 0.339734 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:50.584238 0.000000 udp 10.0.2.19 1701 -> 62.80.197.50 7846 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:51:56.633785 0.342090 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:51:57.056435 0.000000 udp 10.0.2.19 1701 -> 219.74.86.94 5403 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:02.892590 0.174244 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:52:03.075614 0.000000 udp 10.0.2.19 1701 -> 14.97.134.87 8113 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:07.649184 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:52:10.273389 0.000000 udp 10.0.2.19 1701 -> 182.64.162.117 11124 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:16.993533 0.355848 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:52:17.365329 0.000000 udp 10.0.2.19 1701 -> 101.63.1.247 7578 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:19.606529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:52:24.303362 0.000000 udp 10.0.2.19 1701 -> 187.143.38.124 11687 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:30.922961 0.209999 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:52:31.147697 3.676994 udp 10.0.2.19 1701 <-> 139.0.116.21 6169 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:52:34.838857 0.000000 udp 10.0.2.19 1701 -> 121.12.253.228 14257 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:43.151050 0.000000 udp 10.0.2.19 1701 -> 125.25.99.82 18945 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:48.147943 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:52:48.498392 0.000000 udp 10.0.2.19 1701 -> 112.91.179.180 25383 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:52:54.236997 0.000000 udp 10.0.2.19 1701 -> 61.183.129.18 8354 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:00.074824 0.206162 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:00.544040 0.155731 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:00.733066 0.000000 udp 10.0.2.19 1701 -> 72.213.189.250 9245 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:08.698425 0.415216 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 669 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:09.178649 0.224117 udp 10.0.2.19 1701 <-> 124.253.163.131 8108 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:09.482929 0.000000 udp 10.0.2.19 1701 -> 24.197.8.133 5685 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:17.770714 0.174057 rtcp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 659 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:17.974693 0.426679 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 664 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:18.539245 0.000000 udp 10.0.2.19 1701 -> 174.79.52.220 3715 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:22.647536 0.000153 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:53:25.692124 0.000000 udp 10.0.2.19 1701 -> 41.218.243.51 11935 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:32.972198 0.487591 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:33.596364 0.000000 udp 10.0.2.19 1701 -> 86.161.231.103 6570 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:40.773623 0.087545 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 654 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:41.088903 0.093860 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:41.223427 0.057638 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:41.411456 0.191452 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:41.992930 0.000000 udp 10.0.2.19 1701 -> 182.72.145.186 5719 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:48.214892 0.076221 udp 10.0.2.19 1701 <-> 94.64.205.60 20786 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:48.599756 0.203131 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:48.841184 0.000000 udp 10.0.2.19 1701 -> 2.118.193.177 7672 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:53:57.777725 0.244710 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:58.291873 0.058017 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 814 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:58.782857 0.409945 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 828 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:59.257462 0.055913 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 809 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:53:59.349819 0.000000 udp 10.0.2.19 1701 -> 122.129.124.228 2314 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:02.294358 0.000162 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:54:05.419181 0.000000 udp 10.0.2.19 1701 -> 201.235.174.22 8601 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:12.229091 1.113135 udp 10.0.2.19 1701 <-> 180.246.90.227 29860 CON 0 0 2 759 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:54:13.495115 0.000000 udp 10.0.2.19 1701 -> 89.116.204.1 5938 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:22.293387 0.000000 udp 10.0.2.19 1701 -> 180.62.204.15 7775 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:30.234790 0.000000 udp 10.0.2.19 1701 -> 31.192.42.213 4440 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:36.473472 0.164598 udp 10.0.2.19 1701 <-> 122.170.98.24 14730 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:54:36.648111 0.000000 udp 10.0.2.19 1701 -> 41.98.123.224 11448 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:41.300401 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:54:44.775661 0.000000 udp 10.0.2.19 1701 -> 180.183.131.162 7671 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:52.456375 0.000000 udp 10.0.2.19 1701 -> 203.222.80.6 2413 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:54:59.146313 0.000000 udp 10.0.2.19 1701 -> 125.27.131.77 11758 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:05.756044 0.090667 udp 10.0.2.19 1701 <-> 31.192.63.18 7743 CON 0 0 2 698 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:55:06.246766 0.169751 udp 10.0.2.19 1701 <-> 112.134.193.60 1976 CON 0 0 2 824 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:55:06.501949 0.000000 udp 10.0.2.19 1701 -> 98.193.78.226 2728 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:11.534430 0.172495 udp 10.0.2.19 1701 <-> 107.197.81.95 9155 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:55:11.850880 0.000000 udp 10.0.2.19 1701 -> 122.174.132.82 28146 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:16.300336 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:55:19.795752 0.298978 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:55:20.134386 0.000000 udp 10.0.2.19 1701 -> 66.64.114.138 5624 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:25.353921 0.000000 udp 10.0.2.19 1701 -> 202.179.11.58 2454 INT 0 1 300 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:30.461284 0.000000 udp 10.0.2.19 1701 -> 124.121.10.87 16055 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:37.571840 0.000000 udp 10.0.2.19 1701 -> 108.248.253.118 2630 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:44.301477 0.000000 udp 10.0.2.19 1701 -> 212.150.209.241 7052 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:53.263874 0.000000 udp 10.0.2.19 1701 -> 98.192.94.172 6933 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:55:57.800344 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:56:00.564966 0.137468 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 839 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:00.838835 0.174522 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:01.051523 0.414964 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 655 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:01.595455 0.000000 udp 10.0.2.19 1701 -> 106.51.157.142 2728 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:07.634486 0.000000 udp 10.0.2.19 1701 -> 49.145.81.144 1034 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:13.463644 0.000000 udp 10.0.2.19 1701 -> 77.22.218.43 4113 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:19.752016 0.000000 udp 10.0.2.19 1701 -> 69.142.65.193 6183 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:26.672079 0.057122 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 728 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:26.772765 0.000000 udp 10.0.2.19 1701 -> 89.229.23.220 9161 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:34.583695 0.323789 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:34.916750 0.163315 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:35.089858 0.000000 udp 10.0.2.19 1701 -> 119.160.175.150 19031 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:39.299987 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:56:42.675003 0.172673 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:56:42.857812 0.000000 udp 10.0.2.19 1701 -> 173.163.114.250 4318 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:48.453284 0.000000 udp 10.0.2.19 1701 -> 36.77.4.212 6577 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:56:53.871461 0.000000 udp 10.0.2.19 1701 -> 219.91.186.20 5330 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:57:02.483728 0.000000 udp 10.0.2.19 1701 -> 180.245.191.3 1033 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:57:08.091363 0.000000 udp 10.0.2.19 1701 -> 151.56.147.241 20646 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:57:14.230390 0.191435 udp 10.0.2.19 1701 -> 122.176.246.218 8566 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:57:14.421825 0.000000 icmp 122.176.246.218 0x0303 -> 10.0.2.19 0x7621 URP 192 1 270 flow=Background 1970/01/02 07:57:18.796718 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 07:57:22.962995 0.211543 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 07:57:23.423926 0.000000 udp 10.0.2.19 1701 -> 85.105.31.39 4560 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:57:28.571432 0.000000 udp 10.0.2.19 1701 -> 119.131.229.120 1137 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 07:58:23.762892 3.001650 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 07:58:30.770212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:58:38.772041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:58:54.774850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 07:59:26.780555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:05:30.788182 3.000184 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:05:37.793971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:05:45.795466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:06:01.798812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:06:33.805050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:12:37.810810 3.001815 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:12:44.818764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:12:52.819495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:12:59.559503 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 08:12:59.559794 1.479472 tcp 10.0.2.19 49896 -> 90.156.118.144 5237 SPA_* 0 0 9 1055 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:13:06.989569 0.029677 tcp 10.0.2.19 49896 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:13:08.822658 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:13:40.828956 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:19:44.836826 2.999773 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:19:51.842157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:19:59.843463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:20:15.846971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:20:47.852488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:26:51.858542 3.001884 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:26:58.866244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:27:06.867441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:27:22.870744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:27:54.876582 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:27:59.314682 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 08:27:59.314897 0.054783 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:27:59.370196 0.126985 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:27:59.497796 0.304519 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:27:59.802933 0.105587 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:27:59.909063 0.000000 udp 10.0.2.19 1701 -> 96.125.211.49 4105 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:28:15.701245 0.045315 tcp 10.0.2.19 49897 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:15.747034 0.074193 tcp 10.0.2.19 49898 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:15.822173 0.056815 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:15.879485 0.205477 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:16.085516 0.060590 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:16.146432 0.341298 udp 10.0.2.19 1701 <-> 190.172.226.250 18052 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:16.488108 0.425629 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:16.914388 0.467693 udp 10.0.2.19 1701 <-> 180.248.7.167 23509 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:17.382699 0.193028 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:17.576227 0.224090 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:17.800903 0.340684 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:18.142382 0.343612 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:18.486650 0.173372 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:18.660606 0.361318 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:19.022574 0.201415 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:19.224533 0.000000 udp 10.0.2.19 1701 -> 139.0.116.21 6169 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:28:36.196985 0.044535 tcp 10.0.2.19 49899 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:36.241852 0.080440 tcp 10.0.2.19 49900 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:36.322852 0.151281 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:36.474703 0.154236 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:36.629466 0.398851 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:37.028946 0.000000 udp 10.0.2.19 1701 -> 124.253.163.131 8108 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:28:53.202936 0.045941 tcp 10.0.2.19 49901 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:53.249304 0.074508 tcp 10.0.2.19 49902 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:28:53.324711 0.444305 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:53.769569 0.171986 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:53.942178 0.192773 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.135509 0.183797 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.319800 0.053623 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.373903 0.082851 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.457374 0.087587 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.545502 0.073547 udp 10.0.2.19 1701 <-> 94.64.205.60 20786 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.619533 0.197084 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:54.817181 0.244482 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:55.062300 0.055862 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:55.118741 0.056215 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:55.175472 0.385479 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:28:55.561561 0.000000 udp 10.0.2.19 1701 -> 180.246.90.227 29860 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:29:10.968423 0.045769 tcp 10.0.2.19 49903 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:11.014635 0.074435 tcp 10.0.2.19 49904 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:11.089972 0.000000 udp 10.0.2.19 1701 -> 122.170.98.24 14730 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:29:27.323167 0.045082 tcp 10.0.2.19 49905 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:27.368674 0.072325 tcp 10.0.2.19 49906 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:27.442605 0.097912 udp 10.0.2.19 1701 <-> 31.192.63.18 7743 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:27.541028 0.000000 udp 10.0.2.19 1701 -> 112.134.193.60 1976 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 08:29:43.004270 0.045226 tcp 10.0.2.19 49907 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:43.049917 0.080292 tcp 10.0.2.19 49908 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:29:43.131112 0.171661 udp 10.0.2.19 1701 <-> 107.197.81.95 9155 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:43.303295 0.281097 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:43.585018 0.132190 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:43.717800 0.423315 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:44.141765 0.179199 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:44.321547 0.057112 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:44.379128 0.318574 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:44.698513 0.181804 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:44.880859 0.169526 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:29:45.176971 0.222369 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 08:33:58.882596 3.001878 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 08:34:05.890518 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:34:13.891540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:34:29.894440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:35:01.900828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:41:05.908421 2.999602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:41:12.913966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:41:20.915485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:41:36.918958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:42:08.924654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:43:07.018565 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 08:43:07.018805 1.219384 tcp 10.0.2.19 49909 -> 90.156.118.144 5237 SPA_* 0 0 9 1155 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:43:17.352587 0.003701 tcp 10.0.2.19 49909 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 08:48:12.930104 3.002138 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:48:19.938173 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:48:27.939281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:48:43.942905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:49:15.948832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:55:19.956845 2.999609 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 08:55:26.961803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:55:34.963346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:55:50.966408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 08:56:22.972588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:00:11.401507 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 09:00:11.401830 0.139647 udp 10.0.2.19 1701 <-> 96.125.211.49 4105 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:00:11.542319 0.000000 udp 10.0.2.19 1701 -> 139.0.116.21 6169 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:00:27.317451 0.045036 tcp 10.0.2.19 49910 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:00:27.362738 0.076311 tcp 10.0.2.19 49911 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:00:27.439582 0.000000 udp 10.0.2.19 1701 -> 124.253.163.131 8108 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:00:46.213785 0.131922 tcp 10.0.2.19 49912 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:00:46.346221 0.075936 tcp 10.0.2.19 49913 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:00:46.423099 0.680412 udp 10.0.2.19 1701 <-> 180.246.90.227 29860 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:00:47.104113 0.000000 udp 10.0.2.19 1701 -> 122.170.98.24 14730 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:01:05.130804 0.045771 tcp 10.0.2.19 49914 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:05.177001 0.075312 tcp 10.0.2.19 49915 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:05.253250 0.000000 udp 10.0.2.19 1701 -> 112.134.193.60 1976 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:01:24.216876 0.045566 tcp 10.0.2.19 49916 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:24.262773 0.075913 tcp 10.0.2.19 49917 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:24.339458 0.055966 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.395984 0.051594 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.448037 0.255765 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.704365 0.104513 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.809441 0.062083 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.872044 0.057993 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:24.930596 0.215179 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:25.146352 0.299674 udp 10.0.2.19 1701 <-> 190.172.226.250 18052 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:25.446619 4.273309 udp 10.0.2.19 1701 <-> 180.248.7.167 23509 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:29.720510 0.233763 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:29.954879 0.223637 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:30.179077 0.426332 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:30.605969 0.339269 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:30.945753 0.340217 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:31.286561 0.173722 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:31.460796 0.352789 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:31.814157 0.199297 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:32.013992 0.227781 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:32.242599 0.155958 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:32.399072 0.411441 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:32.811133 0.449271 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:33.260810 0.177716 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:33.439268 0.083843 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:33.523658 0.000000 udp 10.0.2.19 1701 -> 94.64.205.60 20786 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:01:48.763666 0.046504 tcp 10.0.2.19 49918 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:48.810587 0.075347 tcp 10.0.2.19 49919 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:01:48.886976 0.195186 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.082778 0.173112 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.256337 0.084284 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.341055 0.053668 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.395219 0.199322 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.595081 0.057251 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.652888 0.054181 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.707565 0.245634 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:49.953805 0.403017 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:50.357516 0.118838 udp 10.0.2.19 1701 <-> 31.192.63.18 7743 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:50.476786 0.267203 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:50.744521 0.128988 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:50.873960 0.174558 udp 10.0.2.19 1701 <-> 107.197.81.95 9155 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:51.049057 0.175894 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:51.225508 0.055388 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:51.281289 0.348820 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:51.630675 0.408668 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:52.039787 0.226612 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:52.266929 0.143248 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:01:52.410715 0.168565 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:02:27.020390 3.000270 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 09:02:34.026552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:02:42.027471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:02:58.030362 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:03:30.037020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:09:34.044316 2.999639 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:09:41.050501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:09:49.051653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:10:05.054878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:10:37.060321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:13:17.401878 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 09:13:17.402043 1.482531 tcp 10.0.2.19 49920 -> 90.156.118.144 5237 SPA_* 0 0 9 1195 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:13:28.183692 0.031318 tcp 10.0.2.19 49920 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:16:41.068083 3.000139 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:16:48.074331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:16:56.075749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:17:12.078900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:17:44.084767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:23:50.373625 3.001942 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:23:57.381581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:24:05.382421 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:24:21.385831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:24:53.391498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:30:57.398290 3.001141 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:31:04.405019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:31:12.407247 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:31:28.409618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:32:00.415561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:32:09.589733 0.000148 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 09:32:09.590049 0.000000 udp 10.0.2.19 1701 -> 94.64.205.60 20786 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 09:32:26.075088 0.044573 tcp 10.0.2.19 49921 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:32:26.119903 0.092803 tcp 10.0.2.19 49922 -> 173.194.70.94 80 SRPA* 0 0 40 40722 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:32:26.213287 0.140943 udp 10.0.2.19 1701 <-> 96.125.211.49 4105 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:26.354610 0.433631 udp 10.0.2.19 1701 <-> 180.246.90.227 29860 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:26.788680 0.052217 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:26.841235 0.237879 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.079465 0.178360 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.258323 0.060424 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.319066 0.056258 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.375706 0.205050 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.581167 0.055965 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.637534 0.330730 udp 10.0.2.19 1701 <-> 190.172.226.250 18052 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:27.968698 0.482240 udp 10.0.2.19 1701 <-> 180.248.7.167 23509 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:28.451362 0.194728 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:28.646462 0.416921 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:29.063867 0.220133 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:29.284426 0.338245 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:29.623075 0.171218 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:29.794683 0.390440 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:30.185535 0.334162 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:30.520059 0.411074 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:30.931558 0.155737 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:31.087665 0.580233 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:31.668324 0.201064 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:31.869792 0.087513 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:31.957660 0.171371 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:32.129417 0.433926 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:32.563708 0.087565 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:32.651671 0.054478 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:32.706467 0.237625 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:32.944514 0.056205 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:33.001054 0.055387 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:33.056760 0.188848 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:33.245990 0.174952 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:33.421276 0.244790 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:33.666451 0.413965 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.080831 0.095403 udp 10.0.2.19 1701 <-> 31.192.63.18 7743 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.176638 0.289867 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.466876 0.129774 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.597064 0.057027 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.654459 0.312587 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:34.967474 0.170670 udp 10.0.2.19 1701 <-> 107.197.81.95 9155 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:35.138529 0.176975 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:35.315814 0.143420 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:35.459644 0.171277 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:35.631312 0.415078 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:32:36.046810 0.244520 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 09:38:04.423403 2.999854 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:38:11.428920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:38:19.430520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:38:35.433733 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:39:07.439996 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:43:29.336615 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 09:43:29.336988 1.552225 tcp 10.0.2.19 49923 -> 90.156.118.144 5237 SPA_* 0 0 9 1017 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:43:44.327204 0.016415 tcp 10.0.2.19 49923 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 09:45:11.445238 3.002136 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:45:18.453182 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:45:26.454881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:45:42.457865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:46:14.463621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:52:18.471531 2.999946 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:52:25.478712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:52:33.480463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:52:49.483401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:53:21.507291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:59:25.515192 3.000444 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 09:59:32.521205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:59:40.522787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 09:59:56.525393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:00:28.531617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:02:43.365754 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 10:02:43.365916 0.140567 udp 10.0.2.19 1701 <-> 96.125.211.49 4105 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:43.507038 0.481783 udp 10.0.2.19 1701 <-> 180.246.90.227 29860 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:43.989430 0.053462 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.043378 0.257686 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.301714 0.110513 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.412790 0.054712 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.468005 0.055800 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.524381 0.210771 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.735595 0.058753 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:02:44.794850 0.000000 udp 10.0.2.19 1701 -> 190.172.226.250 18052 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:03:01.697261 0.047259 tcp 10.0.2.19 49924 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:01.745017 0.077541 tcp 10.0.2.19 49925 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:01.823506 0.000000 udp 10.0.2.19 1701 -> 180.248.7.167 23509 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:03:19.770051 0.046408 tcp 10.0.2.19 49926 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:19.816937 0.074665 tcp 10.0.2.19 49927 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:19.892525 0.191994 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:20.085097 0.340382 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:20.426037 0.448117 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:20.874753 0.222657 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:21.097982 0.325411 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:21.423991 0.172490 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:21.597024 0.370030 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:21.967673 0.396415 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:22.364636 0.154806 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:22.520068 0.387841 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:22.908514 0.201359 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.110630 0.106306 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.217522 0.170050 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.388164 0.428476 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.817064 0.083862 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.901489 0.056127 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:23.958138 0.057102 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.015643 0.195621 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.211807 0.171878 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.384204 0.053580 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.438330 0.193708 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.632676 0.240181 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:24.873473 0.386128 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:25.260210 0.090080 udp 10.0.2.19 1701 <-> 31.192.63.18 7743 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:25.350821 0.267433 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:25.618839 0.127808 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:25.747206 0.056509 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:25.804202 0.308396 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:26.113045 0.143360 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:26.257069 0.169693 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:26.427396 0.315136 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:26.743118 0.000000 udp 10.0.2.19 1701 -> 107.197.81.95 9155 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:03:44.225412 0.045992 tcp 10.0.2.19 49928 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:44.271860 0.082661 tcp 10.0.2.19 49929 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:03:44.355512 0.422922 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:03:44.778854 0.216286 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:06:32.539484 3.000124 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 10:06:39.544781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:06:47.546294 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:07:03.549542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:07:35.555800 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:13:39.564036 2.999258 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:13:44.336642 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 10:13:44.336976 1.505604 tcp 10.0.2.19 49930 -> 90.156.118.144 5237 SPA_* 0 0 9 1124 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:13:46.569366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:13:52.801710 0.001861 tcp 10.0.2.19 49930 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:13:54.570154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:14:11.113960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:14:43.120328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:20:47.127979 2.999974 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:20:54.134203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:21:02.135279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:21:18.138156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:21:50.144531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:27:54.151153 3.000641 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:28:01.157854 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:28:09.159538 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:28:25.162723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:28:57.168138 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:33:47.996597 0.000166 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 10:33:47.996926 0.000000 udp 10.0.2.19 1701 -> 180.248.7.167 23509 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:34:03.493335 0.045320 tcp 10.0.2.19 49931 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:03.539197 0.098275 tcp 10.0.2.19 49932 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:03.638499 0.000000 udp 10.0.2.19 1701 -> 190.172.226.250 18052 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:34:20.235505 0.045508 tcp 10.0.2.19 49933 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:20.281440 0.079122 tcp 10.0.2.19 49934 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:20.361461 0.000000 udp 10.0.2.19 1701 -> 107.197.81.95 9155 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:34:36.558322 0.046953 tcp 10.0.2.19 49935 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:36.605709 0.073942 tcp 10.0.2.19 49936 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:34:36.680516 0.140496 udp 10.0.2.19 1701 <-> 96.125.211.49 4105 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:36.821383 0.101145 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:36.922965 0.056022 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:36.979411 0.056146 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:37.035966 0.216413 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:37.252800 0.458534 udp 10.0.2.19 1701 <-> 180.246.90.227 29860 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:37.711991 0.217831 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:37.930599 0.055133 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:37.986325 0.211596 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:38.198614 0.336988 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:38.536266 0.203568 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:38.740430 0.398030 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:39.139130 0.332909 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:39.472661 0.172479 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:39.645721 0.222267 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:39.868594 0.154922 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:40.024050 0.400394 udp 10.0.2.19 1701 <-> 60.48.67.41 10805 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:40.425090 0.349829 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:40.775526 0.087292 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:40.863307 0.170031 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.033899 0.221158 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.255644 0.252647 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.508923 0.055482 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.564926 0.054078 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.619549 0.196447 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.816443 0.171927 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:41.988929 0.055415 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:42.044898 0.186331 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:42.231792 0.433237 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:42.665598 0.085160 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:34:42.751295 0.000000 udp 10.0.2.19 1701 -> 31.192.63.18 7743 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 10:35:00.752306 0.044762 tcp 10.0.2.19 49937 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:35:00.797298 0.083237 tcp 10.0.2.19 49938 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:35:00.881571 0.276245 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:01.158232 0.386568 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:01.173505 3.002297 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 10:35:01.545164 0.244035 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:01.789569 0.143347 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:01.933298 0.168267 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:02.101958 0.128961 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:02.231227 0.056569 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:02.288174 0.183830 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:02.472367 0.349046 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:02.821792 0.409279 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:03.231416 0.297727 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 10:35:08.181312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:35:16.183457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:35:32.186648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:36:04.192622 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:42:08.199576 3.000055 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:42:15.205619 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:42:23.207313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:42:39.210278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:43:11.216337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:43:53.086948 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 10:43:53.087294 1.349772 tcp 10.0.2.19 49939 -> 90.156.118.144 5237 SPA_* 0 0 9 1115 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:44:00.682823 0.014029 tcp 10.0.2.19 49939 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 10:49:15.223639 3.000027 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:49:22.230065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:49:30.230940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:49:46.234493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:50:18.240143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:56:22.247911 3.000186 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 10:56:29.253970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:56:37.254817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:56:53.257811 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 10:57:25.264391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:03:29.272533 2.999371 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:03:36.277297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:03:44.279294 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:04:00.281941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:04:32.287991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:05:20.688261 0.000179 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 11:05:20.688593 0.000000 udp 10.0.2.19 1701 -> 31.192.63.18 7743 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:05:36.473002 0.045934 tcp 10.0.2.19 49940 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:05:36.519424 0.091536 tcp 10.0.2.19 49941 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:05:36.611495 0.000000 udp 10.0.2.19 1701 -> 96.125.211.49 4105 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:05:53.176876 0.045536 tcp 10.0.2.19 49942 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:05:53.222833 0.075436 tcp 10.0.2.19 49943 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:05:53.298788 0.061447 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:05:53.360760 0.685553 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:05:54.046971 0.000000 udp 10.0.2.19 1701 -> 180.246.90.227 29860 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:06:09.961061 0.046052 tcp 10.0.2.19 49944 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:10.007547 0.081772 tcp 10.0.2.19 49945 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:10.090392 0.101885 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:10.192833 0.059179 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:10.252520 0.318559 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:10.571665 0.336829 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:10.909079 0.201217 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:11.110915 0.209597 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:11.321200 0.057337 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:11.379130 0.427334 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:11.807060 0.170136 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:11.977739 0.326249 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:12.304572 0.000000 udp 10.0.2.19 1701 -> 60.48.67.41 10805 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:06:29.178005 0.060928 tcp 10.0.2.19 49946 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:29.239384 0.077663 tcp 10.0.2.19 49947 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:29.318051 0.349731 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:29.668380 0.229313 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:29.898362 0.155209 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.054175 0.086422 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.141104 0.260932 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.402611 0.057248 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.460443 0.056139 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.517127 0.198291 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.716044 0.202272 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:30.918882 0.196390 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:31.115807 0.434796 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:31.551010 0.087630 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:31.639218 0.172433 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:31.812250 0.053490 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:31.866289 0.187074 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 209 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:32.053963 0.000000 udp 10.0.2.19 1701 -> 223.205.53.114 21990 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:06:50.990564 0.045714 tcp 10.0.2.19 49948 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:51.036719 0.078023 tcp 10.0.2.19 49949 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:06:51.115236 0.279322 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:51.395165 0.405239 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:51.801009 0.143388 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:51.944957 0.167499 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:52.113008 0.128739 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:52.242395 0.057337 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:52.300229 0.177605 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:52.478492 0.397225 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:52.876335 0.409015 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:06:53.285911 0.213995 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:10:36.296034 2.999794 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 11:10:43.301580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:10:51.302751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:11:07.305743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:11:39.312113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:14:00.696522 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 11:14:00.696819 1.519313 tcp 10.0.2.19 49950 -> 90.156.118.144 5237 SPA_* 0 0 9 1240 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:14:08.100709 0.049189 tcp 10.0.2.19 49950 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:17:43.319501 3.000362 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:17:50.325763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:17:58.326737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:18:14.329728 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:18:46.335989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:24:50.341636 3.001666 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:24:57.349216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:25:05.350835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:25:21.353675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:25:53.359849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:31:57.365202 3.002487 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:32:04.373872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:32:12.375262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:32:28.377809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:33:00.384048 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:37:03.374236 0.000171 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 11:37:03.376168 0.000000 udp 10.0.2.19 1701 -> 96.125.211.49 4105 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:37:19.028646 0.045581 tcp 10.0.2.19 49951 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:19.074418 0.083914 tcp 10.0.2.19 49952 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:19.158863 0.000000 udp 10.0.2.19 1701 -> 180.246.90.227 29860 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:37:34.249534 0.046807 tcp 10.0.2.19 49953 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:34.296784 0.082467 tcp 10.0.2.19 49954 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:34.379949 0.000000 udp 10.0.2.19 1701 -> 60.48.67.41 10805 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:37:49.882786 0.045104 tcp 10.0.2.19 49955 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:49.928320 0.084233 tcp 10.0.2.19 49956 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:37:50.013450 0.241508 udp 10.0.2.19 1701 <-> 223.205.53.114 21990 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.255548 0.137105 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.393204 0.148106 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.541930 0.105371 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.647840 0.292390 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.940853 0.054915 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:50.996283 0.429517 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:51.426463 0.197364 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:51.624384 0.365187 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:51.990205 0.210287 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:52.201044 0.055227 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:52.256820 0.170392 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:52.427841 0.343642 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:37:52.772127 0.000000 udp 10.0.2.19 1701 -> 124.194.94.131 8722 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 11:38:10.452181 0.046621 tcp 10.0.2.19 49957 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:38:10.499244 0.076171 tcp 10.0.2.19 49958 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:38:10.576324 0.086423 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:10.663277 0.228145 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:10.892021 0.056168 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:10.948704 0.057083 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.006415 0.195532 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.202536 0.220726 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.423866 0.156559 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.581123 0.087807 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.669477 0.174167 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:11.844219 0.202588 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:12.047365 0.172361 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:12.220326 0.422626 udp 10.0.2.19 1701 <-> 110.138.15.81 24577 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:12.643556 0.054667 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:12.698710 0.187454 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:12.886733 0.279302 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:13.166639 0.383064 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:13.550349 0.117682 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:13.668587 0.055624 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:13.724730 0.177171 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:13.902529 0.143123 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:14.046117 0.168930 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:14.215435 0.276492 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:14.492544 0.403544 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:38:14.896758 0.410941 udp 10.0.2.19 1701 <-> 125.161.71.4 12619 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 11:39:04.391525 3.000269 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 11:39:11.397146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:39:19.398824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:39:35.401999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:40:07.407696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:44:08.154994 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 11:44:08.155293 1.425692 tcp 10.0.2.19 49959 -> 90.156.118.144 5237 SPA_* 0 0 9 1118 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:44:15.284818 0.158858 tcp 10.0.2.19 49959 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 11:46:11.415727 2.999876 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:46:18.421464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:46:26.423272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:46:42.425721 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:47:14.431591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:53:18.440135 2.999256 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 11:53:25.445679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:53:33.447309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:53:49.449825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 11:54:21.456165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:00:25.461454 3.002208 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:00:32.469452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:00:40.471145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:00:56.473463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:01:28.479951 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:07:32.488052 2.999796 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:07:39.493900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:07:47.495039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:08:03.498143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:08:35.643899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:08:38.729151 0.000156 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 12:08:38.729479 0.000000 udp 10.0.2.19 1701 -> 124.194.94.131 8722 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:08:54.455630 0.045194 tcp 10.0.2.19 49960 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:08:54.501306 0.078381 tcp 10.0.2.19 49961 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:08:54.580666 0.058151 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:08:54.639382 0.104431 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:08:54.744380 0.000000 udp 10.0.2.19 1701 -> 223.205.53.114 21990 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:09:11.047572 0.045456 tcp 10.0.2.19 49962 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:09:11.093405 0.080139 tcp 10.0.2.19 49963 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:09:11.174511 0.122286 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:11.297386 0.394634 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:11.692653 0.192446 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:11.885623 0.218113 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:12.104368 0.062253 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:12.167249 0.170100 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:12.337983 0.327861 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:12.666500 0.341484 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.008570 0.216761 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.225906 0.055396 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.281883 0.089023 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.371244 0.245226 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.617107 0.054603 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.672126 0.057001 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.729642 0.197166 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:13.927233 0.222868 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:14.150874 0.158051 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:14.309566 0.084457 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:14.394572 0.170056 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:14.565324 0.000000 udp 10.0.2.19 1701 -> 110.138.15.81 24577 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:09:30.845944 0.045723 tcp 10.0.2.19 49964 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:09:30.892107 0.093253 tcp 10.0.2.19 49965 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:09:30.986295 0.055184 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:31.042260 0.170920 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:31.213833 0.203134 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:31.417603 0.186383 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:31.604644 0.285103 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:31.890428 0.405852 udp 10.0.2.19 1701 <-> 118.68.135.160 18232 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:32.296862 0.128972 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:32.426484 0.056269 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:32.483295 0.171690 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:32.655580 0.267537 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:32.923766 0.196254 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:33.120592 0.143455 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:33.264644 0.413356 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:09:33.678660 0.000000 udp 10.0.2.19 1701 -> 125.161.71.4 12619 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:09:48.791507 0.175388 tcp 10.0.2.19 49966 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:09:48.967357 0.079939 tcp 10.0.2.19 49967 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:14:15.583318 0.000241 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 12:14:15.583772 1.357815 tcp 10.0.2.19 49968 -> 90.156.118.144 5237 SPA_* 0 0 9 1203 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:14:22.551064 0.014123 tcp 10.0.2.19 49968 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:14:39.711371 3.000391 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 12:14:46.717189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:14:54.718754 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:15:10.721857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:15:42.728112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:21:46.735542 3.000101 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:21:53.741290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:22:01.742865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:22:17.745924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:22:49.752147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:28:53.759744 2.999798 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:29:00.765415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:29:08.767099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:29:24.769667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:29:56.775721 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:36:00.783918 2.999985 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:36:07.789124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:36:15.790945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:36:31.793958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:37:03.800076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:40:15.475603 0.000201 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 12:40:15.476049 0.000000 udp 10.0.2.19 1701 -> 223.205.53.114 21990 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:40:33.646599 0.046894 tcp 10.0.2.19 49969 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:40:33.694179 0.073812 tcp 10.0.2.19 49970 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:40:33.768541 0.000000 udp 10.0.2.19 1701 -> 110.138.15.81 24577 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:40:52.539769 0.045404 tcp 10.0.2.19 49971 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:40:52.585426 0.083247 tcp 10.0.2.19 49972 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:40:52.669203 0.000000 udp 10.0.2.19 1701 -> 125.161.71.4 12619 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:41:09.905717 0.045334 tcp 10.0.2.19 49973 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:41:09.951360 0.089596 tcp 10.0.2.19 49974 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:41:10.041775 0.053839 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:10.096227 0.100789 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:10.197488 0.058461 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:10.256296 0.430914 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:10.687573 0.168868 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:10.857069 0.337871 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:11.195392 0.274897 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:11.470918 0.190764 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:11.791821 0.060911 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:11.853188 0.337531 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.191085 0.218717 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.410259 0.066842 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.477515 0.074725 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.552755 0.057484 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.610828 0.211723 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.822919 0.084305 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.907794 0.086624 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:12.994851 0.171366 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:13.166788 0.154370 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:13.321806 0.195609 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:13.518065 0.222756 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:13.741432 0.235866 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:13.977983 0.185498 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:14.163953 0.073346 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:14.237658 0.173177 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:14.411508 0.000000 udp 10.0.2.19 1701 -> 118.68.135.160 18232 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 12:41:29.623150 0.045406 tcp 10.0.2.19 49975 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:41:29.668777 0.089642 tcp 10.0.2.19 49976 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:41:29.758968 0.136813 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:29.896205 0.277908 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:30.174488 0.167860 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:30.342742 0.056030 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:30.399097 0.406783 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:30.806313 0.278922 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:31.085682 0.177980 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:41:31.264296 0.143423 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 12:43:07.807541 3.000368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 12:43:14.813577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:43:22.815225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:43:38.817953 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:44:10.824243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:44:22.571722 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 12:44:22.572030 1.240523 tcp 10.0.2.19 49977 -> 90.156.118.144 5237 FSPA* 0 0 14 1527 flow=From-Botnet-V2-TCP-Established 1970/01/02 12:50:14.831478 3.000360 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:50:21.837500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:50:29.839233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:50:45.841474 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:51:17.847972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:57:21.853727 3.001891 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 12:57:28.861625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:57:36.862689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:57:52.865512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 12:58:24.871906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:04:28.879374 3.000537 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:04:35.885281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:04:43.887089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:04:59.890431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:05:31.897013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:11:35.905035 2.998264 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:11:42.909084 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:11:44.131753 0.000176 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 13:11:44.132099 0.000000 udp 10.0.2.19 1701 -> 118.68.135.160 18232 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 13:11:50.910445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:12:02.001723 0.045981 tcp 10.0.2.19 49978 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 13:12:02.048190 0.076987 tcp 10.0.2.19 49979 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 13:12:02.126158 0.102963 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:02.229736 0.437705 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:02.668161 0.167952 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:02.836688 0.055192 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:02.892471 0.105011 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:02.998560 0.193518 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:03.192724 0.059361 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:03.252613 0.333767 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:03.587000 0.321616 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:03.909251 0.341375 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.251231 0.056069 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.307841 0.057687 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.366292 0.203549 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.570710 0.056433 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.627721 0.206952 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:04.835326 0.169964 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.005832 0.155551 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.161978 0.200850 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.363423 0.220715 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.584740 0.084705 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.669945 0.085827 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.756363 0.173157 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:05.930124 0.201464 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.132214 0.186676 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.319502 0.056281 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.376255 0.130065 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.506908 0.312584 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.820109 0.167695 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:06.914076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:12:06.988385 0.057359 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:07.046326 0.410612 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:07.457622 0.143247 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:07.601381 0.188682 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:07.790768 0.174468 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:12:38.919858 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:14:23.811319 0.000170 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 13:14:23.811647 1.082783 tcp 10.0.2.19 49980 -> 90.156.118.144 5237 SPA_* 0 0 9 1237 flow=From-Botnet-V2-TCP-Established 1970/01/02 13:14:33.912700 0.056792 tcp 10.0.2.19 49980 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 13:18:42.925596 3.001603 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:18:49.933409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:18:57.934541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:19:13.937807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:19:45.943527 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:25:49.949067 3.002642 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:25:56.957616 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:26:04.958945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:26:20.961506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:26:52.967510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:32:56.976018 2.999610 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:33:03.981176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:33:11.982348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:33:27.985632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:33:59.992077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:40:03.999455 2.999723 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:40:11.005035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:40:19.006351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:40:35.009318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:41:07.015598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:42:13.872127 0.000119 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 13:42:13.872372 0.167830 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.040587 0.055979 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.096944 0.440507 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.537915 0.055192 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.593465 0.104183 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.698260 0.199919 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.698692 2.998794 tcp 10.0.2.19 49981 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 13:42:14.898614 0.059267 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:14.958303 0.347216 udp 10.0.2.19 1701 <-> 118.161.192.162 1042 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.305991 0.057016 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.363378 0.059598 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.423339 0.205198 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.628881 0.055704 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.684981 0.150917 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:15.836279 0.218606 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:16.055238 0.341684 udp 10.0.2.19 1701 <-> 1.162.239.239 7313 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:16.397277 0.175155 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:16.572854 0.154465 rtcp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:16.727737 0.197698 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:16.925872 0.217011 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.143279 0.087033 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.230658 0.084324 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.315347 0.187200 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.502984 0.053452 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.556842 0.129642 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:17.686875 0.398824 udp 10.0.2.19 1701 <-> 101.63.216.247 5361 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:18.086247 0.172000 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:18.258592 0.199643 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:18.458663 0.171507 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:18.630541 0.055573 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:18.686486 0.384436 udp 10.0.2.19 1701 <-> 117.223.129.15 6839 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:19.071350 0.143516 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:19.215236 0.290177 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:19.505808 0.181396 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 13:42:23.695441 0.000000 tcp 10.0.2.19 49981 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 13:44:33.973567 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 13:44:33.973866 3.231755 tcp 10.0.2.19 49982 -> 90.156.118.144 5237 FSPA* 0 0 14 1731 flow=From-Botnet-V2-TCP-Established 1970/01/02 13:47:11.020993 3.002265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 13:47:18.028767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:47:26.030336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:47:42.033839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:48:14.039758 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:54:18.047595 2.999980 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 13:54:25.053287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:54:33.054230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:54:49.057233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 13:55:21.063635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:01:25.070832 3.000575 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:01:32.077081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:01:40.078712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:01:56.081370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:02:28.087423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:08:32.095566 2.999324 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:08:39.101296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:08:47.102217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:09:03.105282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:09:35.181940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:12:48.961117 0.000170 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 14:12:48.961480 0.389021 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.351191 0.053745 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.405657 0.105476 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.406437 2.998885 tcp 10.0.2.19 49983 -> 213.123.181.44 9065 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 14:12:49.511711 0.168609 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.680876 0.056750 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.738420 0.193290 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:49.932288 0.403132 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:12:50.336052 0.000000 udp 10.0.2.19 1701 -> 118.161.192.162 1042 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:12:58.403889 0.000000 tcp 10.0.2.19 49983 -> 213.123.181.44 9065 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 14:13:06.286772 0.019581 udp 10.0.2.19 64593 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/02 14:13:06.307062 0.019363 udp 10.0.2.19 50746 <-> 8.8.8.8 53 CON 0 0 2 180 flow=From-Botnet-V2-DNS 1970/01/02 14:13:08.571560 0.046705 tcp 10.0.2.19 49984 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:08.618884 0.075797 tcp 10.0.2.19 49985 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:08.695607 0.053906 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:08.750136 0.057578 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:08.808219 0.204629 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:09.013429 0.055989 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:09.069927 0.138961 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:09.209530 0.264914 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:09.475083 0.000000 udp 10.0.2.19 1701 -> 1.162.239.239 7313 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:13:26.567073 0.045806 tcp 10.0.2.19 49986 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:26.613259 0.079062 tcp 10.0.2.19 49987 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:26.693204 0.167753 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:26.861633 0.156314 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.018550 0.083449 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.102570 0.083334 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.186438 0.187623 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.374648 0.053726 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.428934 0.129392 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.558936 0.190808 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.750252 0.221858 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:27.972757 0.000000 udp 10.0.2.19 1701 -> 101.63.216.247 5361 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:13:45.082888 0.045467 tcp 10.0.2.19 49988 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:45.128906 0.088154 tcp 10.0.2.19 49989 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:13:45.217967 0.171848 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:45.390487 0.202428 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:45.593487 0.168091 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:45.762247 0.055478 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:45.818308 0.209362 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:46.028275 0.175183 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:13:46.203988 0.000000 udp 10.0.2.19 1701 -> 117.223.129.15 6839 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:14:04.530884 0.045919 tcp 10.0.2.19 49990 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:14:04.577247 0.078405 tcp 10.0.2.19 49991 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:14:04.656604 0.143567 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:14:37.236054 1.402128 tcp 10.0.2.19 49992 -> 90.156.118.144 5237 SPA_* 0 0 7 1110 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:14:44.280839 0.041728 tcp 10.0.2.19 49992 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:15:39.187020 3.002434 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 14:15:46.194717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:15:54.196545 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:16:10.199658 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:16:42.206222 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:22:46.213185 2.999914 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:22:53.219249 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:23:01.220802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:23:17.223196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:23:49.229388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:29:53.237211 2.999708 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:30:00.243016 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:30:08.245057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:30:24.247791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:30:56.253466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:37:00.261482 2.999598 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:37:07.266594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:37:15.268270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:37:31.271452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:38:03.277225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:44:07.285123 3.000103 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:44:14.290771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:44:19.959257 0.000184 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 14:44:19.959607 0.351053 udp 10.0.2.19 1701 -> 118.161.192.162 1042 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:44:20.310660 0.000000 icmp 118.161.192.162 0x0303 -> 10.0.2.19 0x1204 URP 192 1 126 flow=Background 1970/01/02 14:44:22.292105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:44:37.268451 0.046590 tcp 10.0.2.19 49993 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:37.315539 0.073687 tcp 10.0.2.19 49994 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:37.390347 0.000000 udp 10.0.2.19 1701 -> 1.162.239.239 7313 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:44:38.295089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:44:44.324281 1.216808 tcp 10.0.2.19 49995 -> 90.156.118.144 5237 SPA_* 0 0 9 1081 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:50.972820 0.011108 tcp 10.0.2.19 49995 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:54.521085 0.046347 tcp 10.0.2.19 49996 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:54.567879 0.079357 tcp 10.0.2.19 49997 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:44:54.648000 0.000000 udp 10.0.2.19 1701 -> 101.63.216.247 5361 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:45:10.301244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:45:13.296551 0.045234 tcp 10.0.2.19 49998 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:13.342313 0.075243 tcp 10.0.2.19 49999 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:13.418133 0.000000 udp 10.0.2.19 1701 -> 117.223.129.15 6839 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:45:28.688988 0.045369 tcp 10.0.2.19 50000 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:28.734548 0.071851 tcp 10.0.2.19 50001 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:28.806966 0.057333 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:28.864711 0.169183 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:28.865036 2.997022 tcp 10.0.2.19 50002 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 14:45:29.034301 0.101153 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.135794 0.054069 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.190201 0.444275 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.634891 0.061663 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.696940 0.197282 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.894636 0.057090 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:29.952057 0.053968 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:30.006327 0.289340 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:30.296095 0.056253 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:30.352701 0.000000 udp 10.0.2.19 1701 -> 105.236.59.147 12489 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 14:45:37.871115 0.000000 tcp 10.0.2.19 50002 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 14:45:48.618637 0.046392 tcp 10.0.2.19 50003 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:48.665498 0.080847 tcp 10.0.2.19 50004 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 14:45:48.747201 0.159826 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:48.907726 0.173060 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.081427 0.057162 udp 10.0.2.19 1701 <-> 176.73.103.182 3401 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.139172 0.134235 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.274010 0.200552 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.475092 0.083777 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.559437 0.085679 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.645709 0.159528 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.805853 0.186725 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:49.993185 0.226849 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:50.220570 0.060870 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:50.282053 0.228039 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:50.510621 0.172487 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:50.683769 0.168110 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:50.852504 0.185498 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:51.038602 0.177765 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:45:51.217034 0.143359 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 14:51:14.309356 2.999866 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:51:21.314959 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:51:29.316164 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:51:45.319232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:52:17.325901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:58:21.333011 3.000389 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 14:58:28.339208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:58:36.340208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:58:52.343843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 14:59:24.349462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:05:28.357029 2.999762 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:05:35.363068 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:05:43.364568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:05:59.367039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:06:31.373450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:12:35.381070 2.999672 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:12:42.386850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:12:50.388355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:13:06.391585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:13:38.397464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:14:50.992526 0.000202 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 15:14:50.992887 1.556276 tcp 10.0.2.19 50005 -> 90.156.118.144 5237 SPA_* 0 0 9 1041 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:15:01.651210 0.062993 tcp 10.0.2.19 50005 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:15:51.529431 0.213131 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:51.743134 0.055907 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:51.799668 0.069168 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:51.800297 2.993228 tcp 10.0.2.19 50006 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 15:15:51.869466 0.449131 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.319093 0.062119 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.381779 0.193267 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.575708 0.118733 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.695101 0.168232 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.863951 0.054599 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.919151 0.057601 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:52.977322 0.054114 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:53.031975 0.320123 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:53.352727 0.156301 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:53.509618 0.175437 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:15:53.685588 0.000000 udp 10.0.2.19 1701 -> 176.73.103.182 3401 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 15:15:56.405739 0.000166 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 15:16:00.792506 0.000000 tcp 10.0.2.19 50006 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 15:16:10.530378 0.045989 tcp 10.0.2.19 50007 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:16:10.576797 0.075318 tcp 10.0.2.19 50008 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:16:10.653062 0.199733 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:10.853408 0.196997 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.050977 0.088412 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.139924 0.083005 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.223461 0.154988 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.379138 0.186317 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.566220 0.220077 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.786890 0.056689 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:11.844110 0.206142 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:12.050943 0.172637 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:12.224172 0.175505 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:12.400211 0.143685 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:12.544535 0.187460 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:16:12.732605 0.194039 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:19:42.405286 3.000011 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 15:19:49.410341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:19:57.412096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:20:13.415682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:20:45.421017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:26:49.429262 3.000175 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:26:56.435031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:27:04.436448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:27:20.439317 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:27:52.445480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:33:56.453391 2.999700 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:34:03.458585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:34:11.460026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:34:27.463368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:34:59.469045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:41:03.476738 3.000361 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:41:10.482532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:41:18.483798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:41:34.487501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:42:06.493142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:45:01.716076 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 15:45:01.716404 1.566497 tcp 10.0.2.19 50009 -> 90.156.118.144 5237 SPA_* 0 0 9 1196 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:45:13.986096 0.143508 tcp 10.0.2.19 50009 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:46:36.461857 0.000186 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 15:46:36.462195 0.000000 udp 10.0.2.19 1701 -> 176.73.103.182 3401 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 15:46:54.061522 0.045946 tcp 10.0.2.19 50010 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:46:54.107898 0.076474 tcp 10.0.2.19 50011 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 15:46:54.184887 0.052892 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.238623 0.224763 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.239198 2.992209 tcp 10.0.2.19 50012 -> 213.123.181.44 9065 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 15:46:54.463996 0.067610 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.532230 0.059966 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.592751 0.202863 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.796239 0.145436 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:54.942342 0.169156 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:55.112162 0.054619 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:55.167119 0.391313 udp 10.0.2.19 1701 <-> 42.119.49.245 11005 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:55.559129 0.276044 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:55.835728 0.160959 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:55.997253 0.168769 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.166546 0.057905 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.224993 0.055892 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.281426 0.129967 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.412029 0.187436 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.600050 0.083638 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.684209 0.079374 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 205 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.764169 0.155386 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:56.920092 0.187129 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:57.107874 0.226429 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:57.334856 0.058808 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:57.394422 0.167410 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:57.562583 0.143405 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:57.706783 0.299029 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:58.006626 0.204832 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:58.211984 0.173385 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:46:58.386000 0.176262 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 15:47:03.240106 0.000000 tcp 10.0.2.19 50012 -> 213.123.181.44 9065 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 15:48:10.501442 2.999591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 15:48:17.506980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:48:25.508103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:48:41.510862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:49:13.516960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:55:17.525257 2.999366 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 15:55:24.530792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:55:32.532397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:55:48.535292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 15:56:20.541273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:02:24.547636 3.001217 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:02:31.554833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:02:39.555912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:02:55.558809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:03:27.564898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:09:31.571948 3.001159 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:09:38.578994 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:09:46.580042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:10:02.583040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:10:34.588936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:15:14.131358 0.000136 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 16:15:14.131649 1.644665 tcp 10.0.2.19 50013 -> 90.156.118.144 5237 SPA_* 0 0 9 1097 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:15:21.789702 0.013233 tcp 10.0.2.19 50013 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:16:38.596760 2.999993 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:16:45.602369 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:16:53.603927 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:17:09.606789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:17:18.800571 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 16:17:18.800853 0.092741 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:18.894343 0.055114 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:18.894971 2.999893 tcp 10.0.2.19 50014 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 16:17:18.950045 0.198335 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.148979 0.059199 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.208758 0.233941 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.443317 0.101456 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.545345 0.167445 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.713417 0.054616 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:19.768615 0.000000 udp 10.0.2.19 1701 -> 42.119.49.245 11005 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 16:17:27.893116 0.000000 tcp 10.0.2.19 50014 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 16:17:37.361805 0.046046 tcp 10.0.2.19 50015 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:17:37.408304 0.079405 tcp 10.0.2.19 50016 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:17:37.488691 0.253993 udp 10.0.2.19 1701 <-> 65.131.159.92 8666 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:37.743328 0.161480 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:37.905473 0.175586 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.081686 0.058646 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.140930 0.055842 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.197368 0.135024 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.333010 0.200279 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.533940 0.087601 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.622253 0.082650 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.705503 0.158610 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:38.864754 0.186887 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.052273 0.218772 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.271708 0.056714 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.328784 0.169545 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 570 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.498774 0.143515 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.642809 0.172395 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.815855 0.175409 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:39.991913 0.297160 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:40.289728 0.200798 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:17:41.612920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:23:45.618215 3.002582 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:23:52.626426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:24:00.627853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:24:16.630731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:24:48.637080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:30:52.645273 2.999711 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:30:59.650828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:31:07.652162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:31:23.655236 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:31:55.661116 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:37:59.668435 2.999802 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:38:06.674214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:38:14.676144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:38:30.679196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:39:02.685178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:45:06.692180 3.000623 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:45:13.698460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:45:21.699752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:45:21.810466 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 16:45:21.810645 1.572698 tcp 10.0.2.19 50017 -> 90.156.118.144 5237 SPA_* 0 0 9 1170 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:45:32.131280 0.001469 tcp 10.0.2.19 50017 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:45:37.702613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:46:09.708825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:47:47.049292 0.000227 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 16:47:47.049754 0.000000 udp 10.0.2.19 1701 -> 42.119.49.245 11005 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 16:48:05.629940 0.047030 tcp 10.0.2.19 50018 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:48:05.677438 0.075621 tcp 10.0.2.19 50019 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:48:05.754047 0.056983 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:05.811679 0.053451 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:05.812253 3.008149 tcp 10.0.2.19 50020 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 16:48:05.865689 0.060648 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:05.928030 0.121013 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:06.049640 0.169694 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:06.219948 0.054505 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:06.274973 0.247909 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:06.523539 0.196758 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:06.720866 0.000000 udp 10.0.2.19 1701 -> 65.131.159.92 8666 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 16:48:14.818565 0.000000 tcp 10.0.2.19 50020 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 16:48:25.035847 0.046219 tcp 10.0.2.19 50021 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:48:25.082705 0.077601 tcp 10.0.2.19 50022 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 16:48:25.161223 0.164632 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.326534 0.175014 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.502230 0.056939 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.559686 0.055051 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.615273 0.136370 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.752245 0.197495 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:25.950387 0.093878 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.044869 0.084844 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.130327 0.155631 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.286558 0.189365 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.476521 0.223032 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.700146 0.056746 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.757419 0.168471 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:26.927296 0.143434 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:27.071115 0.172589 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:27.244072 0.271006 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:27.515502 0.213755 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:48:27.729653 0.271136 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 16:52:13.716440 3.000241 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 16:52:20.722405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:52:28.723876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:52:44.726627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:53:16.732576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:59:20.740254 2.999953 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 16:59:27.745969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:59:35.747924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 16:59:51.750472 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:00:23.756995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:06:27.765610 2.998778 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:06:34.769888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:06:42.772107 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:06:58.774560 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:07:30.781256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:13:34.786813 3.001442 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:13:41.794501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:13:49.795620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:14:05.798798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:14:37.804596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:15:32.133460 0.000153 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 17:15:32.133794 1.356633 tcp 10.0.2.19 50023 -> 90.156.118.144 5237 SPA_* 0 0 9 1252 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:15:59.223305 0.219523 tcp 10.0.2.19 50023 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:18:44.790480 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 17:18:44.790834 0.162768 udp 10.0.2.19 1701 -> 65.131.159.92 8666 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 17:18:44.953602 0.000000 icmp 65.131.129.2 0x0003 -> 10.0.2.19 0x4183 URN 192 1 223 flow=Background 1970/01/02 17:19:03.792154 0.046206 tcp 10.0.2.19 50024 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:03.838779 0.074902 tcp 10.0.2.19 50025 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:03.914772 0.056236 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:03.971663 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 17:19:03.972291 2.999156 tcp 10.0.2.19 50026 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 17:19:12.980647 0.000000 tcp 10.0.2.19 50026 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 17:19:22.656444 0.046107 tcp 10.0.2.19 50027 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:22.703005 0.076339 tcp 10.0.2.19 50028 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:22.779873 0.055604 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:22.836061 0.054559 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:22.891169 0.232859 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.124615 0.203963 udp 10.0.2.19 1701 <-> 201.171.27.14 27410 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.329127 0.168663 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.498391 0.100934 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.599888 0.178149 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.778678 0.168384 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:23.947684 0.055907 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.004100 0.057662 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.062332 0.135624 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.198512 0.190645 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.389736 0.084163 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.474557 0.086847 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.562026 0.169042 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.731653 0.185601 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:24.917902 0.216153 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:25.134751 0.055390 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:25.190639 0.173055 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:25.364242 0.201260 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:25.565886 0.174791 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:25.741064 0.000000 udp 10.0.2.19 1701 -> 75.13.87.74 9898 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 17:19:44.546972 0.045055 tcp 10.0.2.19 50029 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:44.592252 0.074974 tcp 10.0.2.19 50030 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:19:44.667753 0.143402 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:19:44.811585 0.289865 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:20:41.813078 2.998978 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 17:20:48.818572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:20:56.819993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:21:12.822350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:21:44.828798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:27:48.835851 3.000585 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:27:55.842420 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:28:03.843514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:28:19.847004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:28:51.852997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:34:55.860119 3.000036 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:35:02.865967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:35:10.867703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:35:26.871025 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:35:58.876313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:42:02.884231 3.000261 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:42:09.889855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:42:17.891599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:42:33.894883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:43:05.900979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:45:59.451072 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 17:45:59.451414 1.073938 tcp 10.0.2.19 50031 -> 90.156.118.144 5237 SPA_* 0 0 9 1005 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:46:09.143149 0.063457 tcp 10.0.2.19 50031 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:49:09.908134 3.000112 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:49:16.913794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:49:24.915820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:49:40.920356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:50:01.939202 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 17:50:01.939535 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 17:50:12.926491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:50:18.727707 0.045543 tcp 10.0.2.19 50032 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:50:18.773662 0.085479 tcp 10.0.2.19 50033 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:50:18.860086 0.169801 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.030614 0.055586 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.086809 0.058876 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.087398 3.000421 tcp 10.0.2.19 50034 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 17:50:19.146321 0.060066 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.206928 0.168073 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.375602 0.100854 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:19.477027 0.578750 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:20.056381 0.000000 udp 10.0.2.19 1701 -> 201.171.27.14 27410 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 17:50:28.086026 0.000000 tcp 10.0.2.19 50034 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 17:50:36.270006 0.047759 tcp 10.0.2.19 50035 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:50:36.318354 0.077764 tcp 10.0.2.19 50036 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 17:50:36.397180 0.211745 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:36.609522 0.057872 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:36.667773 0.056202 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:36.724377 0.129731 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:36.854616 0.195701 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.050917 0.088826 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.140252 0.082553 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.223375 0.156661 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.380599 0.194931 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.576140 0.199041 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.775782 0.201870 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:37.978475 0.198763 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:38.177829 0.220386 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:38.398806 0.069536 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:38.468914 0.188671 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:38.658266 0.190654 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:50:38.849486 0.208753 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 17:56:16.933649 2.998495 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 17:56:23.937920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:56:31.939308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:56:47.942413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 17:57:19.948426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:03:23.956251 3.000370 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:03:30.961748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:03:38.963778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:03:54.966150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:04:26.972838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:10:30.980550 2.999444 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:10:37.986151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:10:45.987071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:11:01.990246 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:11:33.996253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:16:09.212477 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:16:09.212738 1.537093 tcp 10.0.2.19 50037 -> 90.156.118.144 5237 SPA_* 0 0 9 1243 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:16:19.825064 0.015260 tcp 10.0.2.19 50037 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:17:38.002343 3.001431 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:17:45.009635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:17:53.011383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:18:09.014632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:18:41.020614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:21:03.025248 0.000215 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:21:03.025659 0.000000 udp 10.0.2.19 1701 -> 201.171.27.14 27410 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:19.132494 0.046407 tcp 10.0.2.19 50038 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:21:19.179347 0.076306 tcp 10.0.2.19 50039 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:21:19.256748 4.130056 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 4 1040 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.311863 3.488445 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 4 1152 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.367829 3.602652 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 4 1276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.537630 3.536183 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 4 1143 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.670460 3.461625 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 4 1317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.671051 3.001591 tcp 10.0.2.19 50040 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 18:21:19.727160 3.576052 udp 10.0.2.19 1701 <-> 75.13.87.74 9898 CON 0 0 4 1009 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:19.899773 3.701793 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 4 1116 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.136747 3.519942 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 4 1240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.191429 3.594503 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 4 1075 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.320410 3.697859 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 4 1152 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.548308 3.528423 udp 10.0.2.19 1701 <-> 82.211.180.109 5805 CON 0 0 4 1255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.606408 3.670806 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 4 1018 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.801681 3.563673 udp 10.0.2.19 1701 <-> 79.131.35.49 24285 CON 0 0 4 1154 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.885272 3.570585 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 4 1137 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:20.968775 3.642453 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 4 1192 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.125184 3.679007 udp 10.0.2.19 1701 <-> 122.174.187.66 25400 CON 0 0 4 1144 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.312137 3.661016 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 4 1234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.483375 3.709086 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 4 1127 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.706750 3.544093 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 4 1075 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.763954 4.468068 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 4 1165 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:21.939522 3.455594 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 4 1125 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:22.083225 3.521658 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 4 1308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:22.286282 3.498512 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 4 1066 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:22.468791 3.588493 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 4 968 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:26.232782 0.053445 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:21:26.339810 0.000000 udp 10.0.2.19 1701 -> 188.49.45.200 3501 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:28.671303 0.000000 tcp 10.0.2.19 50040 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 18:21:32.877787 0.000000 udp 10.0.2.19 1701 -> 217.36.121.227 1413 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:39.847978 0.000000 udp 10.0.2.19 1701 -> 89.96.180.226 5859 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:45.155470 0.000000 udp 10.0.2.19 1701 -> 92.192.26.126 9292 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:50.833799 0.036186 udp 10.0.2.19 1701 -> 178.2.30.15 1607 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:21:50.869985 0.000000 icmp 178.2.30.15 0x0d03 -> 10.0.2.19 0x0000 URFIL 192 1 257 flow=Background 1970/01/02 18:21:55.409540 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:21:57.963902 0.000000 udp 10.0.2.19 1701 -> 71.51.90.119 7599 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:03.421837 0.000000 udp 10.0.2.19 1701 -> 79.223.188.71 4587 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:11.172418 0.000000 udp 10.0.2.19 1701 -> 68.45.73.57 5878 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:17.392028 0.000000 udp 10.0.2.19 1701 -> 108.18.101.127 9603 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:24.641847 0.000000 udp 10.0.2.19 1701 -> 74.132.172.233 8041 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:29.409004 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:22:31.171666 0.054926 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:22:31.373539 0.000000 udp 10.0.2.19 1701 -> 68.107.159.117 1853 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:38.071268 0.364362 udp 10.0.2.19 1701 <-> 42.61.221.194 4286 CON 0 0 2 729 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:22:38.487176 0.000000 udp 10.0.2.19 1701 -> 184.42.7.227 3911 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:46.693614 0.000000 udp 10.0.2.19 1701 -> 173.8.70.38 2641 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:52.362224 0.000000 udp 10.0.2.19 1701 -> 213.57.245.155 3096 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:22:58.310340 0.053499 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:22:58.412762 0.160640 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:22:58.934274 0.000000 udp 10.0.2.19 1701 -> 108.246.198.185 7577 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:03.407999 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:23:04.228719 0.241533 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 761 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:23:04.607312 0.000000 udp 10.0.2.19 1701 -> 67.131.102.142 8653 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:13.342280 0.000000 udp 10.0.2.19 1701 -> 216.110.95.186 1846 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:21.864930 0.000000 udp 10.0.2.19 1701 -> 80.168.128.138 4245 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:28.463737 0.133849 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:23:28.753216 0.000000 udp 10.0.2.19 1701 -> 80.32.136.96 9924 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:34.732728 0.000000 udp 10.0.2.19 1701 -> 142.59.178.147 3988 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:39.409091 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:23:41.543128 0.000000 udp 10.0.2.19 1701 -> 98.110.19.20 8685 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:46.950301 0.255671 udp 10.0.2.19 1701 <-> 59.161.19.18 4008 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:23:47.345031 0.000000 udp 10.0.2.19 1701 -> 175.139.190.82 6512 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:53.289658 0.000000 udp 10.0.2.19 1701 -> 88.229.13.232 6245 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:23:59.047849 0.000000 udp 10.0.2.19 1701 -> 80.250.18.93 4084 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:06.598576 0.000000 udp 10.0.2.19 1701 -> 64.105.6.90 8139 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:13.728584 0.000000 udp 10.0.2.19 1701 -> 64.212.161.30 2194 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:18.405394 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:24:22.081107 0.000000 udp 10.0.2.19 1701 -> 69.111.78.121 9566 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:27.288331 0.000000 udp 10.0.2.19 1701 -> 199.193.80.102 3565 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:35.179869 0.000000 udp 10.0.2.19 1701 -> 63.88.76.155 9570 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:44.122797 0.067938 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 773 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:24:44.231062 0.452693 udp 10.0.2.19 1701 <-> 36.74.200.86 18100 CON 0 0 2 840 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:24:45.028269 2.999625 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 18:24:45.043014 0.042222 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 861 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:24:45.222389 0.162004 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 713 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:24:45.638218 0.000000 udp 10.0.2.19 1701 -> 67.220.133.254 1765 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:50.992246 0.000000 udp 10.0.2.19 1701 -> 201.184.128.160 19367 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:24:52.034041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:24:55.909560 0.000216 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:24:56.580502 0.540023 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:24:57.255861 0.000000 udp 10.0.2.19 1701 -> 190.207.189.134 21121 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:00.035234 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:25:06.244715 0.000000 udp 10.0.2.19 1701 -> 95.15.22.31 6304 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:11.462110 0.000000 udp 10.0.2.19 1701 -> 95.15.173.122 10001 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:16.038457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:25:18.702760 0.465637 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 860 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:19.306621 0.000000 udp 10.0.2.19 1701 -> 78.168.104.77 15202 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:27.945399 0.178711 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:28.256647 0.124697 udp 10.0.2.19 1701 -> 24.187.205.230 9522 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:28.381344 0.000000 icmp 24.187.205.230 0x0303 -> 10.0.2.19 0x3225 URP 192 1 228 flow=Background 1970/01/02 18:25:32.902857 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:25:35.085927 0.201851 udp 10.0.2.19 1701 <-> 92.54.229.42 13870 CON 0 0 2 821 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:35.502641 0.000000 udp 10.0.2.19 1701 -> 78.174.70.176 21494 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:40.894779 0.094782 udp 10.0.2.19 1701 <-> 79.131.97.55 22322 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:41.086515 0.000000 udp 10.0.2.19 1701 -> 94.68.58.134 8883 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:46.542321 0.076716 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 851 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:46.763807 0.000000 udp 10.0.2.19 1701 -> 212.76.103.170 7285 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:25:48.044546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:25:52.160205 0.059711 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:25:52.357060 0.000000 udp 10.0.2.19 1701 -> 151.32.95.225 4924 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:01.103700 0.085407 udp 10.0.2.19 1701 <-> 41.108.40.143 21005 CON 0 0 2 664 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:26:01.240571 0.000000 udp 10.0.2.19 1701 -> 83.204.139.14 8949 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:08.323840 0.320893 udp 10.0.2.19 1701 <-> 186.61.86.78 27560 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:26:08.654232 0.313491 udp 10.0.2.19 1701 <-> 200.25.212.195 29021 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:26:09.023811 0.333748 udp 10.0.2.19 1701 -> 61.83.99.123 10112 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:09.357559 0.000000 icmp 61.83.99.123 0x0303 -> 10.0.2.19 0x8027 URP 192 1 284 flow=Background 1970/01/02 18:26:12.900276 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:26:16.605316 0.000000 udp 10.0.2.19 1701 -> 178.134.148.46 22106 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:23.405379 0.000000 udp 10.0.2.19 1701 -> 204.76.196.114 4902 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:30.695737 0.000000 udp 10.0.2.19 1701 -> 78.134.25.43 9608 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:37.104931 0.000000 udp 10.0.2.19 1701 -> 201.240.108.7 11192 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:45.637411 0.000000 udp 10.0.2.19 1701 -> 195.252.47.213 4860 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:26:50.403640 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:26:54.149658 0.243259 udp 10.0.2.19 1701 <-> 189.134.36.148 8025 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:26:54.656785 0.000000 udp 10.0.2.19 1701 -> 41.222.233.238 2777 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:00.368427 0.000000 udp 10.0.2.19 1701 -> 82.89.170.4 5629 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:06.276741 0.000000 udp 10.0.2.19 1701 -> 187.143.72.15 16016 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:13.898297 0.098147 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 659 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:27:14.147796 0.174316 udp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 823 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:27:14.844420 0.055842 udp 10.0.2.19 1701 <-> 176.73.190.199 1554 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:27:14.945059 0.000000 udp 10.0.2.19 1701 -> 123.237.127.103 7332 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:22.139567 0.000000 udp 10.0.2.19 1701 -> 111.118.248.126 1303 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:26.906901 0.000226 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:27:28.299080 0.000000 udp 10.0.2.19 1701 -> 79.59.53.144 2776 INT 0 1 259 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:34.346984 0.000000 udp 10.0.2.19 1701 -> 84.62.100.247 8235 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:39.355024 0.053848 udp 10.0.2.19 1701 <-> 78.139.188.50 5541 CON 0 0 2 780 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:27:39.543547 0.000000 udp 10.0.2.19 1701 -> 62.178.136.244 5975 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:48.327519 0.000000 udp 10.0.2.19 1701 -> 207.86.132.170 9070 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:27:54.145651 0.000000 udp 10.0.2.19 1701 -> 151.95.174.120 2672 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:01.006276 0.345443 udp 10.0.2.19 1701 <-> 178.88.132.202 6924 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:28:01.509455 0.000000 udp 10.0.2.19 1701 -> 108.248.253.118 2630 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:05.902399 0.000150 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:28:09.277868 0.000000 udp 10.0.2.19 1701 -> 89.38.247.71 5411 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:17.839578 0.000000 udp 10.0.2.19 1701 -> 78.54.0.76 4016 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:25.801671 0.000000 udp 10.0.2.19 1701 -> 24.14.232.12 5768 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:31.018972 0.000000 udp 10.0.2.19 1701 -> 94.240.235.201 7184 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:39.060343 0.000000 udp 10.0.2.19 1701 -> 99.152.133.137 4486 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:43.907344 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:28:46.090510 0.000000 udp 10.0.2.19 1701 -> 88.229.208.221 4078 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:28:54.612590 0.000000 udp 10.0.2.19 1701 -> 190.152.36.73 3182 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:02.517416 0.000000 udp 10.0.2.19 1701 -> 82.57.12.144 29584 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:11.446808 0.000000 udp 10.0.2.19 1701 -> 119.160.175.150 19031 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:20.259596 0.000000 udp 10.0.2.19 1701 -> 190.110.162.193 9650 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:24.906415 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:29:26.228677 0.000000 udp 10.0.2.19 1701 -> 178.236.50.134 2729 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:33.889092 0.000000 udp 10.0.2.19 1701 -> 85.101.27.15 12696 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:41.971004 0.000000 udp 10.0.2.19 1701 -> 180.151.117.97 5574 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:50.322830 0.000000 udp 10.0.2.19 1701 -> 98.193.78.226 2728 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:29:56.101338 0.000000 udp 10.0.2.19 1701 -> 89.65.185.173 7468 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:00.907763 0.000108 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:30:02.450541 0.501426 udp 10.0.2.19 1701 <-> 180.73.4.190 7557 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:30:02.999145 0.089585 udp 10.0.2.19 1701 <-> 85.72.219.144 19132 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:30:03.123589 0.000000 udp 10.0.2.19 1701 -> 188.195.133.216 8214 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:11.442774 0.000000 udp 10.0.2.19 1701 -> 84.228.253.216 1667 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:16.970794 0.460522 udp 10.0.2.19 1701 <-> 180.254.84.17 24967 CON 0 0 2 751 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:30:17.441830 0.000000 udp 10.0.2.19 1701 -> 87.22.180.9 4978 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:26.214503 0.000000 udp 10.0.2.19 1701 -> 79.218.94.160 7095 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:31.241644 0.129576 udp 10.0.2.19 1701 <-> 5.140.158.40 1196 CON 0 0 2 777 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:30:31.414344 0.000000 udp 10.0.2.19 1701 -> 208.29.231.98 8440 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:35.908286 0.000185 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:30:39.874226 0.123343 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:30:40.140548 0.000000 udp 10.0.2.19 1701 -> 112.210.35.208 1026 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:47.865506 0.000000 udp 10.0.2.19 1701 -> 93.70.165.37 6592 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:30:54.735607 0.000000 udp 10.0.2.19 1701 -> 75.185.232.67 3148 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:31:02.466595 0.070341 udp 10.0.2.19 1701 <-> 78.189.109.9 25218 CON 0 0 2 800 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:31:02.576350 0.000000 udp 10.0.2.19 1701 -> 93.180.20.214 9821 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 18:31:09.166634 0.121725 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 18:31:13.902747 0.000145 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:31:52.049704 3.001995 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 18:31:59.057526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:32:07.059179 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:32:23.062328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:32:55.068209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:38:59.076175 2.999578 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:39:06.081544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:39:14.083341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:39:30.086536 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:40:02.092611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:46:06.099553 3.000501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:46:13.105480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:46:19.846751 0.000168 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 18:46:19.847091 1.452987 tcp 10.0.2.19 50041 -> 90.156.118.144 5237 SPA_* 0 0 9 1126 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:46:21.107147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:46:29.749116 0.012397 tcp 10.0.2.19 50041 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 18:46:37.109904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:47:09.115950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:53:13.121731 3.001993 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 18:53:20.129831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:53:28.131207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:53:44.134592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 18:54:16.140363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:00:20.148104 3.000218 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:00:27.153315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:00:35.155143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:00:51.157896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:01:23.234169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:01:23.254817 0.000151 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 19:01:23.255156 0.055919 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:23.311655 0.056128 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:23.368340 0.528192 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:23.897207 0.169897 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.067662 0.104039 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.172358 0.056083 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.173115 3.006768 tcp 10.0.2.19 50042 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:01:24.228956 0.053878 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.283420 0.206140 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.490399 0.162523 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:24.653525 0.000000 udp 10.0.2.19 1701 -> 122.174.187.66 25400 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:01:33.178765 0.000000 tcp 10.0.2.19 50042 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:01:43.275869 0.045748 tcp 10.0.2.19 50043 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:01:43.321896 0.074249 tcp 10.0.2.19 50044 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:01:43.396686 0.196076 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:43.593095 0.223224 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:43.816738 0.170940 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:43.988031 0.202451 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:44.190920 0.250562 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:44.441949 0.188374 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:44.630758 0.054848 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 576 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:44.685915 0.054575 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:44.740788 0.370638 udp 10.0.2.19 1701 <-> 42.61.221.194 4286 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.111832 0.161009 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.273281 0.055042 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.273631 3.006568 tcp 10.0.2.19 50045 -> 50.140.64.3 7288 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:01:45.328721 0.242716 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.571872 0.134340 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.706615 0.223488 udp 10.0.2.19 1701 <-> 59.161.19.18 4008 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:45.930493 0.435840 udp 10.0.2.19 1701 <-> 36.74.200.86 18100 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:46.366731 0.065721 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:46.432853 0.055353 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:46.488554 0.158887 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:46.647815 0.432457 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:47.080633 0.461871 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:47.542920 0.057705 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:01:47.600986 0.000000 udp 10.0.2.19 1701 -> 92.54.229.42 13870 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:01:54.279045 0.000000 tcp 10.0.2.19 50045 -> 50.140.64.3 7288 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:02:02.613297 0.045652 tcp 10.0.2.19 50046 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:02.659400 0.080565 tcp 10.0.2.19 50047 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:02.740654 0.091708 udp 10.0.2.19 1701 <-> 79.131.97.55 22322 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:02.832978 0.073837 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:02.907407 0.059335 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:02.967361 0.085835 udp 10.0.2.19 1701 <-> 41.108.40.143 21005 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:03.053722 0.342982 udp 10.0.2.19 1701 <-> 186.61.86.78 27560 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:03.397351 0.244475 udp 10.0.2.19 1701 <-> 200.25.212.195 29021 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:03.642491 0.000000 udp 10.0.2.19 1701 -> 189.134.36.148 8025 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:02:22.171727 0.047350 tcp 10.0.2.19 50048 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:22.219439 0.076703 tcp 10.0.2.19 50049 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:22.297076 0.056205 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:22.353818 0.697996 udp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:23.052451 0.054860 udp 10.0.2.19 1701 <-> 78.139.188.50 5541 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:23.107853 0.000000 udp 10.0.2.19 1701 -> 178.88.132.202 6924 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:02:41.829829 0.045196 tcp 10.0.2.19 50050 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:41.875519 0.075897 tcp 10.0.2.19 50051 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:41.952083 0.000000 udp 10.0.2.19 1701 -> 180.73.4.190 7557 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:02:59.444636 0.045918 tcp 10.0.2.19 50052 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:59.491066 0.074683 tcp 10.0.2.19 50053 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:02:59.566811 0.083699 udp 10.0.2.19 1701 <-> 85.72.219.144 19132 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:02:59.651077 0.477959 udp 10.0.2.19 1701 <-> 180.254.84.17 24967 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:03:00.129627 0.134072 udp 10.0.2.19 1701 <-> 5.140.158.40 1196 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:03:00.264350 0.118536 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:03:00.383455 0.000000 udp 10.0.2.19 1701 -> 78.189.109.9 25218 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:03:15.687040 0.045475 tcp 10.0.2.19 50054 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:03:15.732727 0.074782 tcp 10.0.2.19 50055 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:03:15.808063 0.109481 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:07:27.242377 2.999695 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 19:07:34.247390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:07:42.249301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:07:58.252409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:08:30.257941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:14:34.265966 2.999655 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:14:41.271768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:14:49.272954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:15:05.276011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:15:37.282297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:16:29.787965 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 19:16:29.788301 1.125650 tcp 10.0.2.19 50056 -> 90.156.118.144 5237 SPA_* 0 0 9 1182 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:16:35.745762 0.127502 tcp 10.0.2.19 50056 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:21:41.289097 3.000625 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:21:48.295919 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:21:56.297093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:22:12.300023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:22:44.306589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:28:48.313938 2.999944 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:28:55.319559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:29:03.321191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:29:19.324409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:29:51.329844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:33:18.278594 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 19:33:18.278773 0.000000 udp 10.0.2.19 1701 -> 122.174.187.66 25400 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:33:33.985593 0.046999 tcp 10.0.2.19 50057 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:33:34.033040 0.075345 tcp 10.0.2.19 50058 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:33:34.109393 0.000000 udp 10.0.2.19 1701 -> 92.54.229.42 13870 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:33:50.375990 0.045915 tcp 10.0.2.19 50059 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:33:50.422551 0.074863 tcp 10.0.2.19 50060 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:33:50.498283 0.000000 udp 10.0.2.19 1701 -> 189.134.36.148 8025 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:34:06.539340 0.046565 tcp 10.0.2.19 50061 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:06.586527 0.075660 tcp 10.0.2.19 50062 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:06.663088 0.000000 udp 10.0.2.19 1701 -> 178.88.132.202 6924 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:34:22.081427 0.047219 tcp 10.0.2.19 50063 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:22.129076 0.076146 tcp 10.0.2.19 50064 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:22.205946 0.000000 udp 10.0.2.19 1701 -> 180.73.4.190 7557 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:34:38.435145 0.046183 tcp 10.0.2.19 50065 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:38.481824 0.072694 tcp 10.0.2.19 50066 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:38.555478 0.000000 udp 10.0.2.19 1701 -> 78.189.109.9 25218 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:34:54.929146 0.046153 tcp 10.0.2.19 50067 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:54.975784 0.074134 tcp 10.0.2.19 50068 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:34:55.050885 0.057587 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.109042 0.063529 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.173117 0.167853 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.341542 0.241086 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.583278 0.100958 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.684921 0.168767 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:55.685563 2.996493 tcp 10.0.2.19 50069 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:34:55.854353 0.163341 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.018336 0.058131 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.076967 0.055640 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.133164 0.197101 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.330862 0.219516 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.551003 0.054081 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.605661 0.054929 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.661153 0.202743 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:56.864567 0.172481 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:57.037652 0.215945 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:57.254305 0.171445 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:34:57.426392 0.000000 udp 10.0.2.19 1701 -> 24.151.56.116 5170 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:35:04.690535 0.000000 tcp 10.0.2.19 50069 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:35:14.246970 0.046113 tcp 10.0.2.19 50070 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:14.293540 0.072830 tcp 10.0.2.19 50071 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:14.366918 0.000000 udp 10.0.2.19 1701 -> 42.61.221.194 4286 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:35:32.603577 0.045532 tcp 10.0.2.19 50072 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:32.649329 0.077553 tcp 10.0.2.19 50073 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:32.727911 0.159240 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:32.887895 0.237199 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:32.888480 2.997263 tcp 10.0.2.19 50074 -> 50.140.64.3 7288 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:35:33.125739 0.054776 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:33.181064 0.044649 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:33.226509 0.065471 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:33.292535 0.000000 udp 10.0.2.19 1701 -> 36.74.200.86 18100 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:35:41.883914 0.000000 tcp 10.0.2.19 50074 -> 50.140.64.3 7288 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 19:35:49.067018 0.045882 tcp 10.0.2.19 50075 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:49.113312 0.076958 tcp 10.0.2.19 50076 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:35:49.191195 0.524367 udp 10.0.2.19 1701 <-> 59.161.19.18 4008 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:49.716216 0.160713 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:49.877609 0.390239 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:50.268490 0.470395 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:35:50.739515 0.000000 udp 10.0.2.19 1701 -> 81.130.197.245 6570 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:35:55.337641 3.000074 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 19:36:02.343759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:36:07.333516 0.046156 tcp 10.0.2.19 50077 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:36:07.380166 0.074895 tcp 10.0.2.19 50078 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:36:07.456025 0.091387 udp 10.0.2.19 1701 <-> 79.131.97.55 22322 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:07.547934 0.000000 udp 10.0.2.19 1701 -> 41.108.40.143 21005 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 19:36:10.345359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:36:24.937995 0.046302 tcp 10.0.2.19 50079 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:36:24.984753 0.076248 tcp 10.0.2.19 50080 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:36:25.061965 0.075177 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.137571 0.060063 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.198267 0.234677 udp 10.0.2.19 1701 <-> 200.25.212.195 29021 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.433604 0.339808 udp 10.0.2.19 1701 <-> 186.61.86.78 27560 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.774247 0.055510 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.830413 0.065380 udp 10.0.2.19 1701 <-> 78.139.188.50 5541 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:25.896377 0.176922 udp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:26.073821 0.087396 udp 10.0.2.19 1701 <-> 85.72.219.144 19132 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:26.161810 0.131641 udp 10.0.2.19 1701 <-> 5.140.158.40 1196 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:26.294177 0.471294 udp 10.0.2.19 1701 <-> 180.254.84.17 24967 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:26.347868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:36:26.766200 0.118458 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:26.885222 0.107465 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 19:36:58.353793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:43:02.359655 3.002641 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:43:09.367507 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:43:17.369316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:43:33.371991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:44:05.377838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:46:35.874813 0.000190 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 19:46:35.875190 4.486554 tcp 10.0.2.19 50081 -> 90.156.118.144 5237 FSPA* 0 0 14 1649 flow=From-Botnet-V2-TCP-Established 1970/01/02 19:50:09.385773 3.000119 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:50:16.391348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:50:24.392981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:50:40.395912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:51:12.402183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:57:16.410246 2.999167 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 19:57:23.415614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:57:31.417289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:57:47.419678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 19:58:19.426367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:04:23.433704 3.000006 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 20:04:30.439673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:04:38.440840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:04:54.443883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:05:26.449909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:06:36.160310 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 20:06:36.160604 0.000000 udp 10.0.2.19 1701 -> 24.151.56.116 5170 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:06:52.936725 0.045987 tcp 10.0.2.19 50082 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:06:52.982957 0.072908 tcp 10.0.2.19 50083 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:06:53.056379 0.000000 udp 10.0.2.19 1701 -> 42.61.221.194 4286 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:07:08.669199 0.045791 tcp 10.0.2.19 50084 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:08.715389 0.078532 tcp 10.0.2.19 50085 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:08.795040 0.000000 udp 10.0.2.19 1701 -> 36.74.200.86 18100 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:07:25.553545 0.046340 tcp 10.0.2.19 50086 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:25.600337 0.076701 tcp 10.0.2.19 50087 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:25.677949 0.058097 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:25.736606 0.000000 udp 10.0.2.19 1701 -> 41.108.40.143 21005 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:07:43.139316 0.046371 tcp 10.0.2.19 50088 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:43.186378 0.082780 tcp 10.0.2.19 50089 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:07:43.270304 0.170925 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:43.441836 0.238319 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:43.680761 0.105071 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:43.786663 0.205276 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:43.787266 2.994775 tcp 10.0.2.19 50090 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:07:43.992508 0.057651 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.050729 0.216020 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.267340 0.055735 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.323604 0.054922 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.379067 0.195645 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.575274 0.169912 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.745741 0.241337 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:44.987652 0.057698 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.045914 0.056480 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.102919 0.175423 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.279019 0.210428 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.490294 0.202322 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.693270 0.168123 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:07:45.862191 0.000000 udp 10.0.2.19 1701 -> 37.32.176.169 22009 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:07:52.790156 0.000000 tcp 10.0.2.19 50090 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:08:01.855941 0.046169 tcp 10.0.2.19 50091 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:01.902597 0.078512 tcp 10.0.2.19 50092 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:01.982035 0.256659 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:02.239289 0.159512 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:02.399353 0.049098 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:02.448969 0.055496 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:02.505018 0.605699 udp 10.0.2.19 1701 <-> 59.161.19.18 4008 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:03.111363 0.000000 udp 10.0.2.19 1701 -> 79.127.101.197 1438 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:08:21.974670 0.045574 tcp 10.0.2.19 50093 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:22.020666 0.076273 tcp 10.0.2.19 50094 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:22.097488 0.421139 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:22.519278 0.159921 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:22.679910 0.107130 udp 10.0.2.19 1701 <-> 79.131.97.55 22322 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:22.680513 2.997177 tcp 10.0.2.19 50095 -> 108.233.136.124 3712 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:08:22.787636 0.110987 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:22.899206 0.059928 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:22.959685 0.000000 udp 10.0.2.19 1701 -> 200.25.212.195 29021 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:08:31.676402 0.000000 tcp 10.0.2.19 50095 -> 108.233.136.124 3712 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:08:40.822001 0.046225 tcp 10.0.2.19 50096 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:40.868649 0.074569 tcp 10.0.2.19 50097 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:40.944113 0.317546 udp 10.0.2.19 1701 <-> 186.61.86.78 27560 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:41.262373 0.080904 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:41.343806 0.087912 udp 10.0.2.19 1701 <-> 85.72.219.144 19132 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:41.432226 0.142425 udp 10.0.2.19 1701 <-> 5.140.158.40 1196 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:41.575209 0.000000 udp 10.0.2.19 1701 -> 180.254.84.17 24967 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:08:57.345307 0.046162 tcp 10.0.2.19 50098 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:57.391894 0.075588 tcp 10.0.2.19 50099 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:08:57.468457 0.053371 udp 10.0.2.19 1701 <-> 78.139.188.50 5541 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:57.522397 0.260670 udp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:57.783687 0.120630 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:08:57.904929 0.142914 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:11:30.457746 3.000095 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 20:11:37.463426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:11:45.464962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:12:01.467591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:12:33.474135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:16:40.369225 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 20:16:40.369610 3.362984 tcp 10.0.2.19 50100 -> 90.156.118.144 5237 FSPA* 0 0 14 1647 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:18:37.481414 2.999953 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 20:18:44.487230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:18:52.488635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:19:08.492055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:19:40.498423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:25:44.505586 3.000297 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 20:25:51.511725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:25:59.512540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:26:15.516185 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:26:47.522215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:32:51.530146 2.999093 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 20:32:58.535777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:33:06.536600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:33:22.539791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:33:54.545642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:39:11.882758 0.000190 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 20:39:11.883141 0.063039 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:11.946711 0.450824 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:12.398206 0.000000 udp 10.0.2.19 1701 -> 200.25.212.195 29021 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:39:27.459048 0.046173 tcp 10.0.2.19 50101 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:39:27.505673 0.079119 tcp 10.0.2.19 50102 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:39:27.585348 0.000000 udp 10.0.2.19 1701 -> 180.254.84.17 24967 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:39:43.790082 0.045774 tcp 10.0.2.19 50103 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:39:43.836369 0.076575 tcp 10.0.2.19 50104 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:39:43.913920 0.058100 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:43.972591 0.058168 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.031349 0.104893 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.136923 0.169482 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.137584 2.994895 tcp 10.0.2.19 50105 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:39:44.306955 0.055066 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.362664 0.223352 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.586665 0.055693 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.642913 0.205954 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:44.849534 0.166919 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.017064 0.060480 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.078107 0.191122 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.269944 0.200076 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.470713 0.172403 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.643723 0.137594 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.781708 0.057673 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:45.839927 0.271819 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.112407 0.055504 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.168481 0.167768 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.336847 0.271461 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.608960 0.055523 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.665056 0.051893 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.717472 0.160535 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:46.878745 0.215613 udp 10.0.2.19 1701 <-> 59.161.19.18 4008 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:47.094963 0.160857 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:47.256487 0.440990 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:39:47.698328 0.000000 udp 10.0.2.19 1701 -> 79.131.97.55 22322 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:39:53.131363 0.000000 tcp 10.0.2.19 50105 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 20:39:58.553581 2.999837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 20:40:02.938880 0.061071 tcp 10.0.2.19 50106 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:03.000409 0.074713 tcp 10.0.2.19 50107 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:03.076094 0.090496 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:40:03.167149 0.059310 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:40:03.226997 0.000000 udp 10.0.2.19 1701 -> 5.140.158.40 1196 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:40:05.559378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:40:13.560779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:40:20.502872 0.046487 tcp 10.0.2.19 50108 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:20.549858 0.073211 tcp 10.0.2.19 50109 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:20.623702 0.000000 udp 10.0.2.19 1701 -> 186.61.86.78 27560 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:40:29.563440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:40:36.886242 0.046252 tcp 10.0.2.19 50110 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:36.932872 0.074558 tcp 10.0.2.19 50111 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:37.008323 0.056666 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:40:37.065551 0.000000 udp 10.0.2.19 1701 -> 85.72.219.144 19132 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:40:52.527991 0.045239 tcp 10.0.2.19 50112 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:52.573438 0.074296 tcp 10.0.2.19 50113 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:40:52.648322 0.000000 udp 10.0.2.19 1701 -> 78.139.188.50 5541 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 20:41:01.570261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:41:08.752257 0.045451 tcp 10.0.2.19 50114 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:41:08.797944 0.075014 tcp 10.0.2.19 50115 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:41:08.873894 0.138310 udp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:41:09.012740 0.118862 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:41:09.132193 0.116733 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 20:46:43.732097 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 20:46:43.732383 1.549200 tcp 10.0.2.19 50116 -> 90.156.118.144 5237 SPA_* 0 0 9 1235 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:46:50.863378 0.007424 tcp 10.0.2.19 50116 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 20:47:05.577141 3.000298 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 20:47:12.582891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:47:20.584583 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:47:36.588244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:48:08.593571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:54:12.601426 3.000164 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 20:54:19.607748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:54:27.608829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:54:43.611448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 20:55:15.617914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:01:19.625888 2.999133 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:01:26.630783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:01:34.633104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:01:50.635819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:02:22.641864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:08:26.647593 3.001869 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:08:33.655154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:08:41.657020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:08:57.659385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:09:29.665654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:11:16.650391 0.000174 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 21:11:16.650738 0.000000 udp 10.0.2.19 1701 -> 79.131.97.55 22322 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:11:33.195763 0.045056 tcp 10.0.2.19 50117 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:11:33.241081 0.085500 tcp 10.0.2.19 50118 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:11:33.327103 0.000000 udp 10.0.2.19 1701 -> 186.61.86.78 27560 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:11:50.630365 0.045671 tcp 10.0.2.19 50119 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:11:50.676491 0.079626 tcp 10.0.2.19 50120 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:11:50.757069 0.000000 udp 10.0.2.19 1701 -> 85.72.219.144 19132 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:12:05.822248 0.262540 tcp 10.0.2.19 50121 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:06.085187 0.082605 tcp 10.0.2.19 50122 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:06.168804 0.000000 udp 10.0.2.19 1701 -> 5.140.158.40 1196 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:12:23.187242 0.045684 tcp 10.0.2.19 50123 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:23.233451 0.077855 tcp 10.0.2.19 50124 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:23.312306 0.000000 udp 10.0.2.19 1701 -> 78.139.188.50 5541 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:12:41.473911 0.047050 tcp 10.0.2.19 50125 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:41.521454 0.077560 tcp 10.0.2.19 50126 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:41.599938 0.065296 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:41.665822 0.000000 udp 10.0.2.19 1701 -> 79.127.101.197 1438 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:12:56.675736 0.045888 tcp 10.0.2.19 50127 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:56.722327 0.071431 tcp 10.0.2.19 50128 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:12:56.794916 0.221466 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.016962 0.056604 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.074085 0.106913 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.181699 0.055360 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.182332 3.006065 tcp 10.0.2.19 50129 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:12:57.237602 0.079105 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.317275 0.070149 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.388005 0.170035 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.558578 0.190077 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.749242 0.139038 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.888913 0.055891 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:57.945345 0.190145 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:58.136093 0.056922 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:58.193513 0.169213 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:58.363270 0.207445 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:58.571360 0.201443 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:58.773407 0.260078 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.034150 0.168388 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.203123 0.056035 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.259816 0.278478 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.538878 0.040673 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.580097 0.054030 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.634664 0.160977 udp 10.0.2.19 1701 <-> 50.140.64.3 8336 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:12:59.796257 0.428433 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:00.225221 0.167370 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:00.393183 0.000000 udp 10.0.2.19 1701 -> 59.161.19.18 4008 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:13:06.186594 0.000000 tcp 10.0.2.19 50129 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:13:17.324871 0.047683 tcp 10.0.2.19 50130 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:13:17.373119 0.077485 tcp 10.0.2.19 50131 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:13:17.451557 0.073644 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:17.525771 0.058007 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:17.584342 0.056742 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:17.641610 0.106254 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:17.748405 0.149309 rtcp 10.0.2.19 1701 <-> 31.146.121.78 21114 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:13:17.898354 0.120361 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:15:33.771854 3.001457 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 21:15:40.779056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:15:48.781021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:16:04.783775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:16:36.789605 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:16:50.970736 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 21:16:50.970909 1.525977 tcp 10.0.2.19 50132 -> 90.156.118.144 5237 SPA_* 0 0 9 1014 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:16:58.236584 0.008986 tcp 10.0.2.19 50132 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:22:40.797846 2.999837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:22:47.803106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:22:55.804946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:23:11.807548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:23:45.996762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:29:50.004911 2.999883 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:29:57.010751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:30:05.011458 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:30:21.014749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:30:53.020850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:36:57.026613 3.001594 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:37:04.034057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:37:12.035900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:37:28.038459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:38:00.045100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:43:29.078478 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 21:43:29.078775 0.685173 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:29.764605 0.000000 udp 10.0.2.19 1701 -> 59.161.19.18 4008 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:43:45.155895 0.046575 tcp 10.0.2.19 50133 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:43:45.202906 0.105373 tcp 10.0.2.19 50134 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:43:45.309349 0.063584 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.373472 0.054611 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.428674 0.137364 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.566705 0.056191 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.567299 2.998348 tcp 10.0.2.19 50135 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:43:45.623450 0.056624 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.680644 0.057070 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.738321 0.168878 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:45.907806 0.220175 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:46.128599 0.197550 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:46.326813 0.189131 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:46.516517 0.055028 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:46.572167 0.168454 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:43:46.741244 0.000000 udp 10.0.2.19 1701 -> 105.236.59.147 12489 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:43:54.564728 0.000000 tcp 10.0.2.19 50135 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:44:04.051981 3.000783 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:44:05.482620 0.045572 tcp 10.0.2.19 50136 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:05.528676 0.082946 tcp 10.0.2.19 50137 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:05.612545 0.203492 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:05.816641 0.140424 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:05.957586 0.055907 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.014034 0.055589 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.070408 0.225792 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.296813 0.052465 udp 10.0.2.19 1701 <-> 93.183.130.8 2700 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.349831 0.052535 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.402930 0.234005 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.637634 0.169347 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.638338 2.997622 tcp 10.0.2.19 50138 -> 65.131.138.134 8321 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:44:06.807615 0.159853 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:06.968015 0.481328 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:07.449908 0.000000 udp 10.0.2.19 1701 -> 50.140.64.3 8336 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:44:11.058540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:44:15.634569 0.000000 tcp 10.0.2.19 50138 -> 65.131.138.134 8321 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/02 21:44:19.060063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:44:23.247728 0.045886 tcp 10.0.2.19 50139 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:23.293996 0.074297 tcp 10.0.2.19 50140 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:23.368937 0.054940 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:23.424455 0.126353 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:23.551219 0.112979 udp 10.0.2.19 1701 <-> 94.71.97.115 28398 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:23.664813 0.058591 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:44:23.723907 0.000000 udp 10.0.2.19 1701 -> 31.146.121.78 21114 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 21:44:35.063006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:44:40.151487 0.045771 tcp 10.0.2.19 50141 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:40.197721 0.076667 tcp 10.0.2.19 50142 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:44:40.274917 0.119300 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 21:45:07.068488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:46:59.340447 0.000160 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 21:46:59.340786 1.909290 tcp 10.0.2.19 50143 -> 90.156.118.144 5237 FSPA* 0 0 14 1680 flow=From-Botnet-V2-TCP-Established 1970/01/02 21:51:11.074415 3.001784 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:51:18.082506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:51:26.083363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:51:42.086412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:52:14.092655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:58:18.100681 2.999447 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 21:58:25.106225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:58:33.107888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:58:49.110361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 21:59:21.116627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:05:25.123184 3.001243 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:05:32.130094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:05:40.131509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:05:56.134530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:06:28.142042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:12:32.149122 2.999462 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:12:39.154301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:12:47.155890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:13:03.158732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:13:35.164653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:15:10.031858 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 22:15:10.032216 0.211222 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:15:10.244051 0.000000 udp 10.0.2.19 1701 -> 50.140.64.3 8336 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:15:28.502629 0.046269 tcp 10.0.2.19 50144 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:15:28.549352 0.078850 tcp 10.0.2.19 50145 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:15:28.629206 0.000000 udp 10.0.2.19 1701 -> 31.146.121.78 21114 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:15:45.403936 0.045665 tcp 10.0.2.19 50146 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:15:45.449992 0.079318 tcp 10.0.2.19 50147 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:15:45.530306 0.478484 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:15:46.009341 0.064566 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:15:46.074510 0.072753 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:15:46.147810 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:16:02.197517 0.045090 tcp 10.0.2.19 50148 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:02.242865 0.075173 tcp 10.0.2.19 50149 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:02.318595 0.056695 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:02.375686 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 259 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:16:17.500133 0.046040 tcp 10.0.2.19 50150 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:17.546638 0.074783 tcp 10.0.2.19 50151 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:17.622427 0.064185 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:17.687108 0.219758 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:17.907493 0.171737 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.079797 0.168587 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.249047 0.177961 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.427458 0.195780 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.623783 0.055108 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.679563 0.203017 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.680209 3.313681 tcp 10.0.2.19 50152 -> 46.49.74.62 5181 FSPA* 0 0 566 415920 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:18.883178 0.055910 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:18.939573 0.184535 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:19.124610 0.000000 udp 10.0.2.19 1701 -> 93.183.130.8 2700 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:16:34.264575 0.045365 tcp 10.0.2.19 50153 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:34.310403 0.089500 tcp 10.0.2.19 50154 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:34.400864 0.054795 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:34.456225 0.266459 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:34.723279 0.175206 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:34.899105 0.132913 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.032581 0.056216 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.089330 0.510793 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.600700 0.159941 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.761236 0.059288 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.821070 0.103764 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.925422 0.057258 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:16:35.983168 0.000000 udp 10.0.2.19 1701 -> 94.71.97.115 28398 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:16:52.470593 0.045622 tcp 10.0.2.19 50155 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:52.516687 0.082462 tcp 10.0.2.19 50156 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:16:52.600112 0.119013 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:17:01.251507 1.970894 tcp 10.0.2.19 50157 -> 90.156.118.144 5237 FSPA* 0 0 14 1571 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:19:39.172298 3.000128 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 22:19:46.177843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:19:54.179319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:20:10.182713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:20:42.188932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:26:46.195136 3.000923 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:26:53.201675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:27:01.203657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:27:17.206769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:27:49.212411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:33:53.219347 3.000749 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:34:00.226030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:34:08.227756 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:34:24.230914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:34:56.236769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:41:00.244963 2.999060 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:41:07.249932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:41:15.251099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:41:31.254812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:42:03.260197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:47:03.222145 0.000139 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 22:47:03.222379 0.581941 tcp 10.0.2.19 50158 -> 90.156.118.144 5237 FSPA* 0 0 14 1586 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:47:18.694211 0.101818 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:47:18.796399 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:47:36.393792 0.046449 tcp 10.0.2.19 50159 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:47:36.440616 0.075543 tcp 10.0.2.19 50160 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:47:36.516678 0.000000 udp 10.0.2.19 1701 -> 93.183.130.8 2700 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:47:54.508209 0.045205 tcp 10.0.2.19 50161 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:47:54.553916 0.072510 tcp 10.0.2.19 50162 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:47:54.627934 0.000000 udp 10.0.2.19 1701 -> 94.71.97.115 28398 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:48:07.268067 2.999906 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 22:48:12.453360 0.046723 tcp 10.0.2.19 50163 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:48:12.500455 0.073289 tcp 10.0.2.19 50164 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:48:12.574852 0.230715 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 205 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:12.806212 0.058660 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:12.865485 0.059616 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:12.925696 0.461920 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:13.388287 0.055862 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:13.444719 0.064675 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:13.509911 0.187150 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:13.697635 0.190070 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:13.888338 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 94 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 22:48:14.273745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:48:22.275397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:48:32.282178 0.045694 tcp 10.0.2.19 50165 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:48:32.328307 0.074137 tcp 10.0.2.19 50166 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 22:48:32.403350 0.207830 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:32.611850 0.236797 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:32.849286 0.169591 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.019436 0.222021 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.242019 0.110064 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.352650 0.199410 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.552629 0.274725 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.828029 0.054029 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.882590 0.054299 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:33.937478 0.452168 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.390516 0.160083 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.551227 0.058225 udp 10.0.2.19 1701 <-> 46.160.95.162 3201 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.610196 0.136818 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.747595 0.167591 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.915776 0.055551 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:34.971884 0.116533 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:35.088934 0.117563 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 22:48:38.278431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:49:10.284565 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:55:14.289809 3.002365 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 22:55:21.297832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:55:29.299216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:55:45.302192 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 22:56:17.308121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:02:21.316219 2.999948 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:02:28.321891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:02:36.323506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:02:52.326231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:03:24.332360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:09:28.338471 3.001634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:09:35.346037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:09:43.347034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:09:59.350582 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:10:31.356840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:16:35.364240 2.999689 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:16:42.369917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:16:50.370980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:17:03.811399 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 23:17:03.811578 0.476653 tcp 10.0.2.19 50167 -> 90.156.118.144 5237 FSPA* 0 0 14 1529 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:17:06.374191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:17:38.380513 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:18:43.434624 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 23:18:43.434969 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:19:01.474625 0.045745 tcp 10.0.2.19 50168 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:19:01.520807 0.071095 tcp 10.0.2.19 50169 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:19:01.592878 0.100815 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:01.694303 0.211479 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:01.906573 0.058167 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:01.965280 0.055668 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:02.021510 0.063315 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:02.085407 0.172523 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:02.258607 0.628159 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:02.887433 0.062721 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:02.950542 0.193335 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:03.144506 0.169705 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:03.314830 0.221048 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:03.536494 0.169478 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:03.706712 0.245756 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:03.953130 0.055723 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.009385 0.200971 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.210939 0.238273 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.449733 0.054050 udp 10.0.2.19 1701 <-> 5.20.80.35 6606 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.504336 0.058049 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.562950 0.355962 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:04.919413 0.160243 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:05.080212 0.000000 udp 10.0.2.19 1701 -> 46.160.95.162 3201 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:19:20.830403 0.045105 tcp 10.0.2.19 50170 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:19:20.875980 0.074494 tcp 10.0.2.19 50171 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:19:20.951435 0.138071 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:21.090120 0.120854 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:21.211406 0.120095 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:21.332121 0.170348 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:19:21.503285 0.053612 udp 10.0.2.19 1701 <-> 94.137.169.235 5549 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:23:42.388435 2.999654 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 23:23:49.394230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:23:57.395516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:24:13.398122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:24:45.404525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:30:49.411735 3.000088 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:30:56.417334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:31:04.418859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:31:20.422707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:31:52.428729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:37:56.435768 3.000074 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:38:03.441697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:38:11.443450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:38:27.445903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:38:59.452119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:45:03.458484 3.001175 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:45:10.465885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:45:18.466941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:45:34.470004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:46:06.476470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:47:04.289663 0.000148 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 23:47:04.289988 1.147746 tcp 10.0.2.19 50172 -> 90.156.118.144 5237 FSPA* 0 0 14 1525 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:49:36.888928 0.000180 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/02 23:49:36.889274 0.000000 udp 10.0.2.19 1701 -> 46.160.95.162 3201 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:49:55.218526 0.289654 tcp 10.0.2.19 50173 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:49:55.508733 0.074157 tcp 10.0.2.19 50174 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:49:55.583888 0.104350 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:55.688841 0.055457 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:55.744840 0.063069 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:55.808410 0.188263 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:55.997350 0.210386 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:56.208322 0.055206 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:56.264028 0.059412 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:56.324027 0.449857 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:56.774591 0.216659 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:56.991880 0.170092 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:57.162513 0.168401 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:57.331549 0.198164 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:57.530341 0.198646 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:57.729578 0.271507 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:49:58.001585 0.000000 udp 10.0.2.19 1701 -> 5.20.80.35 6606 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:50:16.978844 0.046068 tcp 10.0.2.19 50175 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:17.025377 0.071165 tcp 10.0.2.19 50176 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:17.097403 0.054130 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:17.152088 0.055979 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:17.208624 0.187871 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:17.397117 0.161720 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:17.559402 0.410587 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:17.970497 0.118816 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:18.089690 0.000000 udp 10.0.2.19 1701 -> 99.177.116.230 8435 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:50:33.682766 0.045487 tcp 10.0.2.19 50177 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:33.728659 0.073719 tcp 10.0.2.19 50178 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:33.803327 0.000000 udp 10.0.2.19 1701 -> 94.137.169.235 5549 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/02 23:50:52.399665 0.046953 tcp 10.0.2.19 50179 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:52.447101 0.074410 tcp 10.0.2.19 50180 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/02 23:50:52.522558 0.133713 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:50:52.656844 0.123700 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/02 23:52:10.483607 2.999993 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/02 23:52:17.489908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:52:25.491068 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:52:41.494463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:53:13.499943 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:59:17.506926 3.000588 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/02 23:59:24.513498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:59:32.515451 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/02 23:59:48.517906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:00:20.524144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:06:24.532014 3.000020 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:06:31.537786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:06:39.538965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:06:55.541835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:07:27.547787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:13:31.556145 2.999864 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:13:38.561733 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:13:46.563342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:14:02.565849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:14:34.571819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:17:05.439659 0.000201 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:17:05.440014 2.670971 tcp 10.0.2.19 50181 -> 90.156.118.144 5237 FSPA* 0 0 14 1708 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:20:38.577717 3.002300 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:20:45.585651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:20:53.586627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:21:09.589998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:21:21.878646 0.000216 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:21:21.879049 0.000000 udp 10.0.2.19 1701 -> 5.20.80.35 6606 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:21:39.338117 0.045984 tcp 10.0.2.19 50182 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:21:39.384603 0.073041 tcp 10.0.2.19 50183 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:21:39.458543 0.000000 udp 10.0.2.19 1701 -> 99.177.116.230 8435 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:21:41.595963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:21:54.787387 0.046103 tcp 10.0.2.19 50184 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:21:54.833959 0.074986 tcp 10.0.2.19 50185 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:21:54.909878 0.000000 udp 10.0.2.19 1701 -> 94.137.169.235 5549 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:10.449553 0.045187 tcp 10.0.2.19 50186 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:22:10.495185 0.073148 tcp 10.0.2.19 50187 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:22:10.569280 0.064118 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:10.633925 0.055639 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:10.690315 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:27.193999 0.046919 tcp 10.0.2.19 50188 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:22:27.241277 0.074835 tcp 10.0.2.19 50189 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:22:27.316995 4.258934 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 4 1105 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:27.769393 3.345543 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 4 1289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:27.825289 3.968177 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 4 1118 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.036304 3.930847 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 4 1073 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.213949 3.818974 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 4 971 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.273169 3.967922 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 4 1319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.476627 3.947848 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 4 1094 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.648101 3.944980 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 4 1009 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:28.818988 3.980060 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 4 1140 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.021774 4.001705 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 4 1213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.249222 4.001621 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 4 1080 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.468076 3.943877 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 4 935 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.627860 4.813893 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 3 757 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.865190 3.604499 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 4 1179 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.930243 3.596785 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 4 1213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:29.986868 4.067581 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 4 1121 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.425542 3.752844 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 4 1332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.545998 3.772402 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 4 1036 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.684922 3.756399 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 4 1077 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.836922 0.104911 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.942287 0.055800 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 799 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:30.998508 0.067281 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:34.679600 0.000000 udp 10.0.2.19 1701 <- 108.238.101.170 3001 RSP 0 0 1 543 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:34.680075 0.000000 udp 10.0.2.19 1701 -> 67.184.50.84 3509 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:40.180268 0.000000 udp 10.0.2.19 1701 -> 69.244.46.205 8868 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:46.139959 0.000000 udp 10.0.2.19 1701 -> 70.60.118.20 5711 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:54.010014 3.916027 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:58.021915 0.057995 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:22:58.136468 0.165900 udp 10.0.2.19 1701 -> 174.141.117.232 3271 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:22:58.302368 0.000000 icmp 174.141.117.232 0x0303 -> 10.0.2.19 0xc70c URP 192 1 193 flow=Background 1970/01/03 00:23:02.622197 0.610296 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:23:04.446908 0.000000 udp 10.0.2.19 1701 -> 95.42.16.38 6973 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:12.126752 0.000000 udp 10.0.2.19 1701 -> 69.198.227.169 9247 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:19.496628 0.174805 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 769 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:23:19.844011 0.000000 udp 10.0.2.19 1701 -> 38.118.129.170 3353 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:25.084805 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:32.265272 0.383461 udp 10.0.2.19 1701 -> 69.111.78.121 9566 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:32.648733 0.000000 icmp 69.111.78.121 0x0303 -> 10.0.2.19 0x5e25 URP 192 1 201 flow=Background 1970/01/03 00:23:37.002110 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:23:39.054991 0.000000 udp 10.0.2.19 1701 -> 71.21.13.138 2128 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:45.574616 0.000000 udp 10.0.2.19 1701 -> 68.107.159.117 1853 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:53.065165 0.000000 udp 10.0.2.19 1701 -> 42.61.221.194 4286 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:23:58.653110 0.000000 udp 10.0.2.19 1701 -> 216.8.177.82 4485 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:04.130829 0.000000 udp 10.0.2.19 1701 -> 213.57.245.155 3096 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:11.051055 0.000000 udp 10.0.2.19 1701 -> 174.79.52.220 3715 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:16.007830 0.000205 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:24:17.500495 0.000000 udp 10.0.2.19 1701 -> 201.184.128.160 19367 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:25.291821 0.000000 udp 10.0.2.19 1701 -> 186.147.133.194 5141 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:33.433660 0.311673 udp 10.0.2.19 1701 <-> 190.254.224.17 16573 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:24:33.795241 0.000000 udp 10.0.2.19 1701 -> 175.139.190.82 6512 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:42.516321 0.000000 udp 10.0.2.19 1701 -> 76.111.224.156 7760 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:49.536113 0.134729 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 822 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:24:49.685663 0.151553 udp 10.0.2.19 1701 -> 74.114.234.198 9474 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:24:49.837216 0.000000 icmp 74.114.234.198 0x0303 -> 10.0.2.19 0x0225 URP 192 1 175 flow=Background 1970/01/03 00:24:54.503130 0.000159 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:24:57.697710 0.000000 udp 10.0.2.19 1701 -> 64.212.161.30 2194 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:06.522566 0.000000 udp 10.0.2.19 1701 -> 79.223.188.71 4587 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:13.350487 0.000000 udp 10.0.2.19 1701 -> 71.254.149.10 9589 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:20.640986 0.408733 udp 10.0.2.19 1701 <-> 49.49.4.205 14100 CON 0 0 2 760 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:25:21.199641 0.448175 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 796 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:25:21.740484 0.117026 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:25:22.000256 0.000000 udp 10.0.2.19 1701 -> 190.235.220.87 5159 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:28.962829 0.000000 udp 10.0.2.19 1701 -> 190.207.189.134 21121 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:33.549419 0.000223 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:25:36.393884 0.000000 udp 10.0.2.19 1701 -> 66.0.1.161 1043 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:44.605400 0.000000 udp 10.0.2.19 1701 -> 181.67.85.122 1057 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:50.514309 0.000000 udp 10.0.2.19 1701 -> 208.180.242.247 2799 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:25:56.332736 0.479413 udp 10.0.2.19 1701 <-> 49.144.13.22 18326 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:25:56.843963 0.000000 udp 10.0.2.19 1701 -> 24.157.42.42 4877 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:02.551490 0.089896 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:03.093553 0.000000 udp 10.0.2.19 1701 -> 188.169.180.241 10446 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:07.558705 0.000172 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:26:08.470389 0.000000 udp 10.0.2.19 1701 -> 81.138.18.221 7451 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:16.701627 0.000000 udp 10.0.2.19 1701 -> 190.1.245.238 19333 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:22.710296 0.213194 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 839 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:22.967338 0.263570 udp 10.0.2.19 1701 <-> 41.72.123.111 20126 CON 0 0 2 849 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:23.730303 0.064887 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:23.910843 0.000000 udp 10.0.2.19 1701 -> 100.1.75.230 5965 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:29.971077 0.000000 udp 10.0.2.19 1701 -> 198.2.54.18 16882 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:36.760649 0.274009 udp 10.0.2.19 1701 <-> 190.222.31.42 24715 CON 0 0 2 817 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:37.082451 0.176375 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:37.270629 0.000000 udp 10.0.2.19 1701 -> 151.95.174.120 2672 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:41.557405 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:26:42.759214 0.000000 udp 10.0.2.19 1701 -> 108.248.253.118 2630 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:49.137971 0.180311 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 689 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:49.327953 0.000000 udp 10.0.2.19 1701 -> 209.112.181.236 5627 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:26:56.829566 0.077638 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:56.916816 0.174956 udp 10.0.2.19 1701 <-> 85.164.5.210 22806 CON 0 0 2 743 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:26:57.111660 0.000000 udp 10.0.2.19 1701 -> 108.57.194.72 8025 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:03.570788 0.263999 udp 10.0.2.19 1701 <-> 122.168.30.58 23479 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:27:03.931054 0.055983 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 669 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:27:04.234853 0.000000 udp 10.0.2.19 1701 -> 203.202.249.140 4467 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:09.808400 0.000000 udp 10.0.2.19 1701 -> 78.168.104.77 10584 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:17.959576 0.000000 udp 10.0.2.19 1701 -> 99.177.116.230 8435 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:22.556047 0.000150 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:27:24.589568 0.000000 udp 10.0.2.19 1701 -> 88.248.138.228 5642 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:31.008471 0.000000 udp 10.0.2.19 1701 -> 2.40.53.113 8768 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:38.379308 0.000000 udp 10.0.2.19 1701 -> 5.42.193.223 4422 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:46.034426 2.999556 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 00:27:47.202309 0.000000 udp 10.0.2.19 1701 -> 181.165.120.249 8761 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:27:53.039794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:27:55.643869 0.000000 udp 10.0.2.19 1701 -> 98.193.78.226 2728 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:00.551346 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:28:01.041491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:28:03.535595 0.308948 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 664 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:28:03.981713 0.000000 udp 10.0.2.19 1701 -> 201.94.186.233 3065 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:11.937080 0.000000 udp 10.0.2.19 1701 -> 77.92.237.39 12183 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:17.044226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:28:20.489518 0.000000 udp 10.0.2.19 1701 -> 197.207.108.171 20289 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:25.497316 0.000000 udp 10.0.2.19 1701 -> 82.57.12.144 14483 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:32.467111 0.000000 udp 10.0.2.19 1701 -> 190.135.63.226 28616 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:37.053148 0.000161 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:28:40.158146 0.000000 udp 10.0.2.19 1701 -> 12.175.148.194 8863 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:46.897932 0.000000 udp 10.0.2.19 1701 -> 186.23.159.40 7675 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:28:49.050303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:28:54.668861 0.000000 udp 10.0.2.19 1701 -> 119.160.175.150 19031 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:29:01.047731 0.000000 udp 10.0.2.19 1701 -> 75.151.196.165 7603 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:29:07.136706 0.000000 udp 10.0.2.19 1701 -> 82.124.162.47 2508 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:29:12.053304 0.000215 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:29:12.524704 0.000000 udp 10.0.2.19 1701 -> 190.146.132.216 8430 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:34:53.056181 3.002158 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:35:00.064150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:35:08.065466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:35:24.068913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:35:56.074691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:42:00.081935 3.000667 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:42:07.087969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:42:15.089855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:42:31.092276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:43:03.098306 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:47:08.542529 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:47:08.542814 0.481187 tcp 10.0.2.19 50190 -> 90.156.118.144 5237 FSPA* 0 0 14 1715 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:49:07.106889 2.999815 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:49:14.112255 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:49:22.113528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:49:38.116812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:50:10.122840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:56:14.130372 2.999772 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 00:56:21.135806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:56:29.137592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:56:45.140110 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:57:17.146574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 00:59:21.285114 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 00:59:21.285449 0.453689 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:21.739522 0.203632 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:21.943494 0.100562 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.044622 0.055437 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.100550 0.063524 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.164565 0.054552 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.219696 0.189945 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.410280 0.057562 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.468436 0.200838 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.669900 0.171486 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:22.841952 0.168355 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.010701 0.196180 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.207431 0.160057 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.367942 0.055011 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.423436 0.055896 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.479893 0.218682 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.699220 0.258485 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:23.958182 0.212484 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:24.171292 2.808385 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:26.980296 0.119145 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.100016 0.139007 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.239626 0.109896 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.350117 0.054265 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.404772 0.270723 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.676143 0.172577 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:27.849348 0.334236 udp 10.0.2.19 1701 <-> 190.254.224.17 16573 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:28.183897 0.137681 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:28.322129 0.109036 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:28.431765 0.448269 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 00:59:28.880581 0.000000 udp 10.0.2.19 1701 -> 49.49.4.205 14100 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 00:59:47.707281 0.045543 tcp 10.0.2.19 50191 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:59:47.753308 0.072557 tcp 10.0.2.19 50192 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 00:59:47.826841 0.000000 udp 10.0.2.19 1701 -> 49.144.13.22 18326 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:00:03.917124 0.045421 tcp 10.0.2.19 50193 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:03.962788 0.074715 tcp 10.0.2.19 50194 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:04.038088 0.084802 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:04.123234 0.213137 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:04.336793 0.061373 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:04.398504 0.258925 udp 10.0.2.19 1701 <-> 41.72.123.111 20126 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:04.657814 0.184863 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:04.843075 0.214605 udp 10.0.2.19 1701 <-> 190.222.31.42 24715 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:05.058137 0.179838 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:05.238367 0.000000 udp 10.0.2.19 1701 -> 85.164.5.210 22806 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:00:24.006315 0.044955 tcp 10.0.2.19 50195 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:24.051530 0.072529 tcp 10.0.2.19 50196 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:24.124974 0.082689 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:24.208266 0.000000 udp 10.0.2.19 1701 -> 122.168.30.58 23479 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:00:43.094560 0.045664 tcp 10.0.2.19 50197 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:43.140574 0.075610 tcp 10.0.2.19 50198 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:00:43.217094 0.055457 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:00:43.273180 0.303161 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:03:21.154518 2.999673 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 01:03:28.159657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:03:36.161323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:03:52.164865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:04:24.170355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:10:28.176670 3.001086 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:10:35.183960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:10:43.185221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:10:59.188260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:11:31.194365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:17:09.030623 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 01:17:09.030875 4.435908 tcp 10.0.2.19 50199 -> 90.156.118.144 5237 FSPA* 0 0 14 1723 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:17:35.200409 3.001561 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:17:42.207833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:17:50.209467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:18:06.212031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:18:38.218834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:24:42.226532 2.999790 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:24:49.231436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:24:57.233300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:25:13.236673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:25:45.242247 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:31:01.968571 0.000205 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 01:31:01.968968 0.000000 udp 10.0.2.19 1701 -> 49.49.4.205 14100 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:31:17.935168 0.045184 tcp 10.0.2.19 50200 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:17.980914 0.075943 tcp 10.0.2.19 50201 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:18.057891 0.000000 udp 10.0.2.19 1701 -> 49.144.13.22 18326 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:31:36.478899 0.045987 tcp 10.0.2.19 50202 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:36.525091 0.071692 tcp 10.0.2.19 50203 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:36.597373 0.000000 udp 10.0.2.19 1701 -> 85.164.5.210 22806 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:31:49.250095 2.999924 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 01:31:53.514178 0.045415 tcp 10.0.2.19 50204 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:53.560156 0.073677 tcp 10.0.2.19 50205 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:31:53.634856 0.000000 udp 10.0.2.19 1701 -> 122.168.30.58 23479 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:31:56.255848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:32:04.256909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:32:09.817990 0.046249 tcp 10.0.2.19 50206 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:32:09.864638 0.072715 tcp 10.0.2.19 50207 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:32:09.938289 0.455803 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:10.394728 0.054313 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:10.449570 0.173237 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:10.623438 0.000000 udp 10.0.2.19 1701 -> 81.130.197.245 6570 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 01:32:20.260023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:32:28.284287 0.046308 tcp 10.0.2.19 50208 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:32:28.331032 0.077709 tcp 10.0.2.19 50209 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:32:28.409678 0.200803 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:28.611081 0.173746 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:28.785468 0.101171 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:28.887259 0.209816 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.097671 0.054696 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.152917 0.067723 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.221185 0.277591 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.499358 0.055397 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.555283 0.168560 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.724369 0.160872 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.885836 0.055032 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:29.941397 0.219018 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:30.160967 0.266942 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:30.428592 0.205279 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:30.634684 0.175892 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:30.810982 0.119739 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:30.931098 3.048992 udp 10.0.2.19 1701 <-> 172.190.23.202 7888 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:33.980677 0.054024 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:34.035207 0.107243 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:34.143012 0.143265 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:34.286725 0.267193 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:34.554419 0.446080 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:35.001205 0.107703 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:35.109192 0.134836 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:35.244539 0.346691 udp 10.0.2.19 1701 <-> 190.254.224.17 16573 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:35.591628 0.182778 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:35.774816 0.263577 udp 10.0.2.19 1701 <-> 41.72.123.111 20126 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:36.038872 0.087003 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:36.126462 0.064021 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:36.191035 0.213448 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:36.404872 0.176588 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:36.582043 0.509881 udp 10.0.2.19 1701 <-> 190.222.31.42 24715 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:37.092539 0.071022 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:37.164139 0.055752 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:37.220286 0.297860 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 01:32:52.266219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:38:56.273743 3.000519 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:39:03.279830 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:39:11.281627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:39:27.284356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:39:59.290766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:46:03.295900 3.002339 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:46:10.303708 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:46:18.305109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:46:34.308590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:47:06.314679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:47:13.465076 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 01:47:13.465387 4.991099 tcp 10.0.2.19 50210 -> 90.156.118.144 5237 FSPA* 0 0 14 1693 flow=From-Botnet-V2-TCP-Established 1970/01/03 01:53:10.320739 3.001056 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 01:53:17.327626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:53:25.329094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:53:41.332140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 01:54:13.337913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:00:17.345993 2.999960 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:00:24.351422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:00:32.353116 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:00:48.356144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:01:20.362321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:03:04.752796 0.000164 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 02:03:04.753115 0.063576 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:04.817214 0.054660 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:04.872468 0.569007 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:05.442193 0.174053 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:05.616786 0.182045 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:05.799437 0.201589 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.001670 0.218527 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.220855 0.212504 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.434037 0.056307 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.490831 0.064180 udp 10.0.2.19 1701 <-> 37.32.176.169 22009 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.555615 0.193468 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.749702 0.055679 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.805961 0.168786 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:06.975414 0.159697 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:07.135711 0.263766 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:07.400102 0.285379 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:07.686004 0.173707 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:07.860217 0.053869 udp 10.0.2.19 1701 <-> 5.178.190.233 7819 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:07.914502 0.221520 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:08.136615 0.120355 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:08.257578 0.106809 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:08.364942 0.136449 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:08.502032 0.285602 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:08.788300 0.000000 udp 10.0.2.19 1701 -> 172.190.23.202 7888 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:03:27.670421 0.045757 tcp 10.0.2.19 50211 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:03:27.716632 0.074724 tcp 10.0.2.19 50212 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:03:27.792287 0.056945 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:27.849560 0.422780 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:28.272742 0.112295 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:28.385334 0.134518 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:28.520175 0.459998 udp 10.0.2.19 1701 <-> 190.254.224.17 16573 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:28.980841 0.181605 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:29.163086 0.259386 udp 10.0.2.19 1701 <-> 41.72.123.111 20126 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:29.423083 0.080693 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:29.504411 0.061495 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:29.566636 0.000000 udp 10.0.2.19 1701 -> 189.223.50.157 6134 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:03:44.902380 0.046276 tcp 10.0.2.19 50213 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:03:44.949135 0.077155 tcp 10.0.2.19 50214 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:03:45.027204 0.191499 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:45.219267 0.055602 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:45.275379 0.301741 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:45.577670 1.656213 udp 10.0.2.19 1701 <-> 190.222.31.42 24715 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:03:47.234537 0.080286 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:07:24.369946 2.999554 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 02:07:31.375308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:07:39.376785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:07:55.380446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:08:27.386204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:14:31.393812 2.999938 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:14:38.399334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:14:46.401361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:15:02.404078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:15:34.410003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:17:18.459988 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 02:17:18.460198 1.555520 tcp 10.0.2.19 50215 -> 90.156.118.144 5237 FSPA* 0 0 14 1633 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:21:38.418000 2.999665 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:21:45.423908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:21:53.424720 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:22:09.428052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:22:41.434385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:28:45.439597 3.002216 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:28:52.447585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:29:00.448653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:29:16.451924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:29:48.458228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:33:49.094729 0.000201 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 02:33:49.095015 0.000000 udp 10.0.2.19 1701 -> 172.190.23.202 7888 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:34:06.964393 0.047884 tcp 10.0.2.19 50216 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:07.012679 0.112209 tcp 10.0.2.19 50217 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:07.125859 0.204916 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:07.331365 0.065917 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:07.397837 0.058787 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:07.457020 0.224944 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:07.682529 0.459419 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:08.142583 0.100672 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:08.243694 0.211199 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:08.455402 0.054665 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:08.510692 0.000000 udp 10.0.2.19 1701 -> 37.32.176.169 22009 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:34:25.368252 0.046428 tcp 10.0.2.19 50218 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:25.415108 0.071739 tcp 10.0.2.19 50219 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:25.487768 0.194505 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:25.682847 0.171095 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:25.854584 0.197693 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.052846 0.055901 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.109284 0.174222 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 583 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.284066 0.271851 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.556541 0.160929 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.718116 0.170885 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:26.889595 0.261206 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:27.151402 0.104035 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:27.256042 0.136544 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:27.393009 0.287461 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:28.645450 0.000000 udp 10.0.2.19 1701 -> 5.178.190.233 7819 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:34:44.065606 0.046427 tcp 10.0.2.19 50220 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:44.112446 0.074126 tcp 10.0.2.19 50221 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:34:44.187475 0.120900 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:44.308994 0.221035 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:34:44.530749 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:35:00.288462 0.045910 tcp 10.0.2.19 50222 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:00.334762 0.072901 tcp 10.0.2.19 50223 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:00.408617 0.135646 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:00.544860 0.441954 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:00.987516 0.123350 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:01.111434 0.000000 udp 10.0.2.19 1701 -> 41.72.123.111 20126 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:35:17.453367 0.046879 tcp 10.0.2.19 50224 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:17.500675 0.073699 tcp 10.0.2.19 50225 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:17.575417 0.085365 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:17.661422 0.066158 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:17.728097 0.200253 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:17.928983 0.000000 udp 10.0.2.19 1701 -> 190.254.224.17 16573 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 02:35:33.204561 0.045317 tcp 10.0.2.19 50226 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:33.250383 0.071868 tcp 10.0.2.19 50227 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:35:33.322800 0.322254 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:33.645476 0.185069 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:33.831200 0.055591 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:33.887222 2.161466 udp 10.0.2.19 1701 <-> 190.222.31.42 24715 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:36.049158 0.077507 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 02:35:52.465751 3.000076 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 02:35:59.471474 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:36:07.472732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:36:25.208095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:36:57.214944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:43:01.222229 3.000205 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:43:08.227798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:43:16.229765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:43:32.232914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:44:04.238232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:47:20.881887 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 02:47:20.882196 1.559298 tcp 10.0.2.19 50228 -> 90.156.118.144 5237 SPA_* 0 0 9 1083 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:47:28.024831 0.068811 tcp 10.0.2.19 50228 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/03 02:50:08.245974 3.000282 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:50:15.251606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:50:23.253632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:50:39.256151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:51:11.262567 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:57:15.269253 3.000810 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 02:57:22.276108 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:57:30.277217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:57:46.280053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 02:58:18.286265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:04:22.294477 2.999200 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:04:29.300147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:04:37.301482 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:04:53.304101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:05:25.310556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:05:42.064948 0.000209 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 03:05:42.065343 0.000000 udp 10.0.2.19 1701 -> 37.32.176.169 22009 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:06:00.423163 0.045307 tcp 10.0.2.19 50229 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:00.468783 0.077223 tcp 10.0.2.19 50230 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:00.546795 0.000000 udp 10.0.2.19 1701 -> 5.178.190.233 7819 INT 0 1 94 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:06:17.116860 0.046750 tcp 10.0.2.19 50231 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:17.164051 0.072031 tcp 10.0.2.19 50232 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:17.237036 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:06:32.699894 0.046843 tcp 10.0.2.19 50233 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:32.747224 0.074002 tcp 10.0.2.19 50234 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:32.822168 0.000000 udp 10.0.2.19 1701 -> 41.72.123.111 20126 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:06:50.154431 0.046078 tcp 10.0.2.19 50235 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:50.200927 0.074171 tcp 10.0.2.19 50236 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:06:50.276044 0.000000 udp 10.0.2.19 1701 -> 190.254.224.17 16573 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:07:06.457723 0.045904 tcp 10.0.2.19 50237 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:07:06.504058 0.078600 tcp 10.0.2.19 50238 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:07:06.583614 0.055852 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:06.639980 0.215581 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:06.856177 0.056105 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:06.912867 0.187871 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:07.101370 0.101160 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:07.203124 0.054432 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:07.258352 0.209294 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:07.468186 0.465160 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:07.933945 0.192861 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:08.127396 0.175959 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:08.303890 0.169446 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:08.473801 0.173241 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:08.647565 0.204932 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:08.852880 0.339960 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:09.193278 0.161336 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:09.355231 0.157626 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:09.513496 0.116234 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:09.630464 0.217189 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:09.848314 0.217882 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:10.066825 3.726778 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:13.794353 0.224873 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:14.019850 0.119535 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:14.139944 0.134590 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:14.275107 0.106219 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:14.381909 0.713822 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.096372 0.088028 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.184951 0.062924 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.248117 0.193942 udp 10.0.2.19 1701 <-> 142.197.151.54 5554 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.442739 0.056731 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.499994 0.356099 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:15.856667 0.216511 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:07:16.073767 0.000000 udp 10.0.2.19 1701 -> 190.222.31.42 24715 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:07:34.128050 0.046330 tcp 10.0.2.19 50239 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:07:34.174857 0.070513 tcp 10.0.2.19 50240 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:07:34.245895 0.110783 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:11:29.318310 2.999497 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 03:11:36.324074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:11:44.325620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:12:00.328449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:12:32.334140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:17:28.100221 0.000182 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 03:17:28.100543 4.376843 tcp 10.0.2.19 50241 -> 90.156.118.144 5237 SPA_* 0 0 10 1281 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:17:42.253496 0.001698 tcp 10.0.2.19 50241 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:18:36.342181 2.999439 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:18:43.347811 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:18:51.349258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:19:07.352431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:19:39.358340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:25:43.364321 3.001864 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:25:50.371555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:25:58.372910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:26:14.375946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:26:46.382735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:32:50.389789 2.999741 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:32:57.396090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:33:05.397279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:33:21.400436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:33:53.406361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:37:41.374713 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 03:37:41.375066 0.000000 udp 10.0.2.19 1701 -> 190.222.31.42 24715 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:37:58.183018 0.046637 tcp 10.0.2.19 50242 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:37:58.230166 0.073921 tcp 10.0.2.19 50243 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:37:58.305059 0.059383 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:37:58.364999 0.187507 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:37:58.553049 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:38:15.485234 0.046183 tcp 10.0.2.19 50244 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:15.531790 0.071167 tcp 10.0.2.19 50245 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:15.603901 0.054378 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 200 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:15.658825 0.240489 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:15.899698 0.000000 udp 10.0.2.19 1701 -> 189.223.50.157 6134 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:38:32.149247 0.047162 tcp 10.0.2.19 50246 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:32.196790 0.073031 tcp 10.0.2.19 50247 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:32.270852 0.058076 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:32.329497 0.639136 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:32.969274 0.168665 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.138760 0.173427 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.312772 0.178607 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.491821 0.192350 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.684876 0.159735 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.845331 0.096044 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:33.941939 0.120388 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:34.062900 0.309016 udp 10.0.2.19 1701 <-> 65.131.138.134 8666 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:34.372562 0.201570 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:34.574726 0.317959 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:34.893330 0.258505 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:35.152439 0.134482 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:35.287568 0.103179 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:35.391319 0.263938 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:35.655837 0.224469 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:35.880919 0.128760 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 584 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:36.010408 0.088635 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:36.099537 0.069493 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:36.169586 0.000000 udp 10.0.2.19 1701 -> 142.197.151.54 5554 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 03:38:51.956693 0.044929 tcp 10.0.2.19 50248 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:52.001955 0.072633 tcp 10.0.2.19 50249 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:38:52.075505 0.056286 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:52.132357 0.435773 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:52.568787 0.238036 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:52.807455 0.363357 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:38:53.171419 0.072741 udp 10.0.2.19 1701 <-> 41.98.90.21 25401 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 03:39:57.414215 2.999685 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 03:40:04.419712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:40:12.421252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:40:28.424045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:41:00.431233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:47:04.438725 2.999664 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:47:11.443378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:47:19.445336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:47:35.448275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:47:42.257982 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 03:47:42.258219 2.328834 tcp 10.0.2.19 50250 -> 90.156.118.144 5237 FSPA* 0 0 14 1527 flow=From-Botnet-V2-TCP-Established 1970/01/03 03:48:07.453891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:54:11.461906 3.000248 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 03:54:18.467561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:54:26.469285 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:54:42.472117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 03:55:14.478201 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:01:18.484250 3.001897 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:01:25.491578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:01:33.493265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:01:49.496000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:02:21.502462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:08:25.509347 3.000837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:08:32.515275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:08:40.516959 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:08:56.519781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:09:15.718622 0.000169 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 04:09:15.718961 0.100382 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:15.819919 0.212000 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:16.032536 0.000000 udp 10.0.2.19 1701 -> 142.197.151.54 5554 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:09:28.526236 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:09:31.204545 0.648756 tcp 10.0.2.19 50251 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:09:31.853573 0.071561 tcp 10.0.2.19 50252 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:09:31.925692 0.183809 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.109931 0.056763 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.167017 0.056772 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.224163 0.211620 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.436432 0.054446 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.491351 0.501433 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:32.993380 0.169686 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:33.163453 0.198990 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:33.363184 0.173003 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:33.536790 0.171634 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:33.708996 0.123512 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:33.833093 0.000000 udp 10.0.2.19 1701 -> 65.131.138.134 8666 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:09:49.638849 0.046074 tcp 10.0.2.19 50253 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:09:49.685380 0.074045 tcp 10.0.2.19 50254 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:09:49.760402 0.202341 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:49.963121 0.071891 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.035527 0.161281 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.197311 0.134725 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.332618 0.103495 udp 10.0.2.19 1701 <-> 41.143.194.227 6233 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.436642 0.271208 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.708494 0.139730 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:50.848662 0.276743 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:51.126006 0.086513 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:51.212958 0.070551 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:09:51.284125 0.000000 udp 10.0.2.19 1701 -> 107.199.61.254 8239 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:10:10.267019 0.045631 tcp 10.0.2.19 50255 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:10:10.312909 0.074707 tcp 10.0.2.19 50256 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:10:10.388367 0.118486 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:10:10.507458 0.056117 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:10:10.564169 0.502729 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:10:11.067472 0.000000 udp 10.0.2.19 1701 -> 41.98.90.21 25401 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:10:28.264323 0.047110 tcp 10.0.2.19 50257 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:10:28.311889 0.073119 tcp 10.0.2.19 50258 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:10:28.385973 0.225283 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:10:28.611815 0.417480 udp 10.0.2.19 1701 <-> 112.205.87.147 5149 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:15:32.834671 2.999190 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 04:15:39.839952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:15:47.841037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:16:03.844499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:16:35.850476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:17:44.880851 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 04:17:44.881132 0.864674 tcp 10.0.2.19 50259 -> 90.156.118.144 5237 SPA_* 0 0 9 1079 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:17:50.694087 0.046105 tcp 10.0.2.19 50259 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:22:39.858228 3.000145 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:22:46.863772 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:22:54.865042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:23:10.868036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:23:42.874381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:29:46.882554 2.999601 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:29:53.887600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:30:01.889243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:30:17.892374 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:30:49.897958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:36:53.906373 2.999458 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:37:00.911647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:37:08.913090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:37:24.916501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:37:56.922671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:40:47.127391 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 04:40:47.127738 0.000000 udp 10.0.2.19 1701 -> 65.131.138.134 8666 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:41:04.804670 0.047320 tcp 10.0.2.19 50260 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:04.852233 0.071045 tcp 10.0.2.19 50261 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:04.923836 0.217021 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:05.141302 0.000000 udp 10.0.2.19 1701 -> 41.98.90.21 25401 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:41:22.970076 0.045904 tcp 10.0.2.19 50262 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:23.016192 0.075752 tcp 10.0.2.19 50263 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:23.092467 0.099581 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:23.192487 0.209539 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:23.402506 0.230744 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:23.633651 0.060054 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:23.694117 0.368691 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.063201 0.057752 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.121288 0.055745 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.177335 0.186463 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.364184 0.105234 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.469793 0.168929 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.639082 0.171828 udp 10.0.2.19 1701 <-> 99.16.108.58 7037 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.811270 0.171940 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:24.983602 0.195779 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:25.179815 0.055753 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:25.235909 0.203316 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:25.439615 0.318591 udp 10.0.2.19 1701 <-> 75.212.179.130 7682 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:25.758600 0.139356 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:25.898389 0.159782 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:26.058612 0.134763 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:26.193785 0.000000 udp 10.0.2.19 1701 -> 41.143.194.227 6233 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:41:41.416267 0.045831 tcp 10.0.2.19 50264 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:41.462403 0.074953 tcp 10.0.2.19 50265 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:41.539601 0.086759 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:41.626896 0.287719 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:41.915244 0.064081 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:41.979863 0.055732 udp 10.0.2.19 1701 <-> 89.167.93.138 15519 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:42.036128 0.120401 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:42.157063 0.000000 udp 10.0.2.19 1701 -> 36.74.200.86 21244 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:41:58.612089 0.046513 tcp 10.0.2.19 50266 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:58.659058 0.073199 tcp 10.0.2.19 50267 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:41:58.733171 0.211850 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 04:41:58.945619 0.000000 udp 10.0.2.19 1701 -> 112.205.87.147 5149 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 04:42:15.015317 0.046039 tcp 10.0.2.19 50268 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:42:15.061557 0.072519 tcp 10.0.2.19 50269 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:44:00.930236 2.999945 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 04:44:07.935480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:44:15.937426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:44:31.939919 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:45:03.946301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:47:50.746619 0.000195 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 04:47:50.746978 0.877861 tcp 10.0.2.19 50270 -> 90.156.118.144 5237 FSPA* 0 0 14 1756 flow=From-Botnet-V2-TCP-Established 1970/01/03 04:51:07.953768 3.000697 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:51:14.960150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:51:22.961092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:51:38.963973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:52:10.970339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:58:14.977019 3.000903 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 04:58:21.984207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:58:29.985055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:58:45.988123 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 04:59:17.994215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:05:22.000233 3.001620 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 05:05:29.007645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:05:37.009415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:05:53.011923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:06:25.018413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:12:24.044239 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:12:24.044547 0.000000 udp 10.0.2.19 1701 -> 41.143.194.227 6233 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:12:29.566453 3.000657 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 05:12:36.572161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:12:42.114840 0.045171 tcp 10.0.2.19 50271 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:12:42.160486 0.077171 tcp 10.0.2.19 50272 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:12:42.238859 0.600176 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:12:42.839672 0.000000 udp 10.0.2.19 1701 -> 112.205.87.147 5149 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:12:44.574225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:13:00.577022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:13:01.570700 0.046461 tcp 10.0.2.19 50273 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:01.617588 0.077764 tcp 10.0.2.19 50274 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:01.696290 0.216615 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:01.913557 0.124122 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:02.038413 0.203968 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:02.242913 0.220990 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:02.464559 0.184045 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:02.649165 0.000000 udp 10.0.2.19 1701 -> 81.130.197.245 6570 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:13:18.414834 0.045894 tcp 10.0.2.19 50275 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:18.461139 0.074408 tcp 10.0.2.19 50276 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:18.536483 0.171454 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:18.708484 0.056722 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:18.765741 0.365161 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.131465 0.119870 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.251896 0.054447 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.306872 0.201790 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.509210 0.056519 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.566300 0.166327 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:19.733178 0.000000 udp 10.0.2.19 1701 -> 99.16.108.58 7037 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:13:32.582615 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:13:36.160423 0.046125 tcp 10.0.2.19 50277 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:36.207034 0.072395 tcp 10.0.2.19 50278 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:36.280259 0.208147 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:36.489000 0.158841 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:36.648395 0.136748 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:36.785676 0.000000 udp 10.0.2.19 1701 -> 75.212.179.130 7682 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:13:53.685369 0.045437 tcp 10.0.2.19 50279 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:53.731276 0.073046 tcp 10.0.2.19 50280 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:13:53.805273 0.134779 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:53.940634 0.085365 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:54.026536 0.119077 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:54.146187 0.268409 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:13:54.415231 0.000000 udp 10.0.2.19 1701 -> 89.167.93.138 15519 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:14:11.680985 0.045643 tcp 10.0.2.19 50281 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:14:11.727074 0.072848 tcp 10.0.2.19 50282 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:14:11.800882 0.062532 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:14:11.863835 0.224879 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:17:51.876314 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:17:51.876625 1.436417 tcp 10.0.2.19 50283 -> 90.156.118.144 5237 SPA_* 0 0 9 1078 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:17:59.247317 0.171341 tcp 10.0.2.19 50283 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:19:36.590591 2.999817 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 05:19:43.596331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:19:51.598292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:20:07.600611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:20:39.606835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:26:43.615314 2.999269 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 05:26:50.620172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:26:58.622034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:27:14.624826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:27:46.630738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:33:50.639199 2.999671 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 05:33:57.644378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:34:05.645807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:34:21.648469 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:34:53.654434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:40:57.662516 3.000288 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 05:41:04.668621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:41:12.669564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:41:28.672857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:42:00.678847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:44:41.620838 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:44:41.621141 0.074114 udp 10.0.2.19 1701 <-> 81.130.197.245 6570 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:44:41.695832 0.000000 udp 10.0.2.19 1701 -> 99.16.108.58 7037 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:44:58.238935 0.045567 tcp 10.0.2.19 50284 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:44:58.284939 0.071441 tcp 10.0.2.19 50285 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:44:58.357408 0.000000 udp 10.0.2.19 1701 -> 75.212.179.130 7682 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:45:16.931997 0.046193 tcp 10.0.2.19 50286 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:45:16.978411 0.072710 tcp 10.0.2.19 50287 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:45:17.051687 0.000000 udp 10.0.2.19 1701 -> 89.167.93.138 15519 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:45:32.295354 0.045974 tcp 10.0.2.19 50288 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:45:32.341740 0.074943 tcp 10.0.2.19 50289 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:45:32.417660 0.440135 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:32.858470 0.171808 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.030949 0.208401 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.239882 0.104703 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.345163 0.217185 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.562950 0.206564 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.770249 0.170936 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:33.941612 0.060468 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.002602 0.075272 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.078508 0.171131 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.250298 0.201512 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.452424 0.055557 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.508585 0.118742 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:34.628099 0.371817 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.000505 0.195509 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.196656 0.137721 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.335001 0.159340 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.494925 0.116977 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.612480 0.189481 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.802529 0.085375 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:35.888438 0.133796 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:36.022829 0.065112 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:36.088493 0.201529 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:36.437879 0.000000 udp 10.0.2.19 1701 -> 81.130.197.245 6570 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:45:41.646559 0.174573 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 862 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:41.821876 0.212562 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:42.035174 0.106210 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:42.142264 0.215333 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 666 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:42.358511 0.211314 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 659 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:42.570618 0.451617 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.022914 0.169825 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.193403 0.051158 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 683 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.245222 0.056992 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 685 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.302871 0.169129 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.472630 0.209579 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.682932 0.056078 udp 10.0.2.19 1701 <-> 188.129.221.110 2414 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.739649 0.123801 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:43.864124 0.398480 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:44.263308 0.203268 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 759 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:44.467322 0.153325 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:44.621404 0.161424 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:44.783611 0.123629 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:44.907925 0.298361 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 751 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:45.207008 0.141586 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 787 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:45.349293 0.055549 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:45.405509 0.210780 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 854 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:45.616977 0.092586 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 768 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:45.710412 0.000000 udp 10.0.2.19 1701 -> 67.184.50.84 3509 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:45:51.971379 0.000000 udp 10.0.2.19 1701 -> 175.139.190.82 6512 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:45:57.659245 0.235519 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 734 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:45:58.053062 0.000000 udp 10.0.2.19 1701 -> 186.15.18.13 9514 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:05.901496 0.000000 udp 10.0.2.19 1701 -> 60.50.25.51 8727 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:10.477639 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:46:14.574401 0.000000 udp 10.0.2.19 1701 -> 69.198.227.169 9247 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:19.580846 0.000000 udp 10.0.2.19 1701 -> 173.183.4.18 1630 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:27.392614 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:35.323533 0.000000 udp 10.0.2.19 1701 -> 69.111.78.121 9566 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:41.462625 0.000000 udp 10.0.2.19 1701 -> 68.107.159.117 1853 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:45.968800 0.000119 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:46:50.275795 0.000000 udp 10.0.2.19 1701 -> 118.100.136.55 9384 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:46:56.224116 0.000000 udp 10.0.2.19 1701 -> 92.51.105.117 7836 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:03.234259 0.398759 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:03.670888 0.000000 udp 10.0.2.19 1701 -> 134.90.252.19 3455 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:12.116861 0.000000 udp 10.0.2.19 1701 -> 190.235.220.87 5159 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:17.875022 0.000000 udp 10.0.2.19 1701 -> 70.168.116.205 6631 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:22.471253 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:47:24.864978 0.000000 udp 10.0.2.19 1701 -> 4.26.210.154 6950 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:32.155715 0.000000 udp 10.0.2.19 1701 -> 151.239.247.143 10634 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:37.253053 0.232621 udp 10.0.2.19 1701 <-> 186.93.105.248 7628 CON 0 0 2 858 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:38.101397 0.393784 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 668 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:39.549309 0.000000 udp 10.0.2.19 1701 -> 190.207.189.134 21121 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:46.475974 0.332116 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:47.119867 0.000000 udp 10.0.2.19 1701 -> 182.160.108.250 5700 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:52.384523 1.562554 udp 10.0.2.19 1701 <-> 139.0.116.21 6169 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:53.980646 0.453502 udp 10.0.2.19 1701 <-> 124.120.59.74 11427 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:54.497074 0.312139 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:47:55.393077 0.000000 udp 10.0.2.19 1701 -> 83.14.79.162 4727 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:47:56.970620 0.000173 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:47:59.425121 0.480005 tcp 10.0.2.19 50290 -> 90.156.118.144 5237 FSPA* 0 0 14 1533 flow=From-Botnet-V2-TCP-Established 1970/01/03 05:48:00.466577 0.335269 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:00.898997 0.000000 udp 10.0.2.19 1701 -> 66.178.14.172 7310 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:04.686255 2.999934 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 05:48:06.554689 0.000000 udp 10.0.2.19 1701 -> 139.192.36.17 6123 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:11.692552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:48:12.803691 0.337384 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 828 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:13.271996 0.176087 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 693 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:13.491805 0.000000 udp 10.0.2.19 1701 -> 75.133.71.34 3492 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:19.693329 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:48:20.604948 0.000000 udp 10.0.2.19 1701 -> 202.174.204.17 1757 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:27.095009 0.000000 udp 10.0.2.19 1701 -> 24.144.127.243 9374 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:33.363602 0.182614 udp 10.0.2.19 1701 -> 78.110.72.32 2151 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:33.546216 0.000000 icmp 78.110.72.32 0x0303 -> 10.0.2.19 0x6708 URP 192 1 196 flow=Background 1970/01/03 05:48:35.696512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:48:37.969806 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:48:38.501097 0.226309 udp 10.0.2.19 1701 <-> 186.14.232.123 7253 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:38.772062 0.133888 udp 10.0.2.19 1701 <-> 2.134.161.217 28779 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:39.078978 0.130956 udp 10.0.2.19 1701 <-> 197.6.58.68 7265 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:39.351573 0.000000 udp 10.0.2.19 1701 -> 68.35.23.156 1265 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:44.489554 0.000000 udp 10.0.2.19 1701 -> 70.28.110.98 4735 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:50.097995 0.352519 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 680 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:48:50.528552 0.000000 udp 10.0.2.19 1701 -> 2.118.193.177 7672 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:48:59.451387 0.000000 udp 10.0.2.19 1701 -> 58.22.131.210 2418 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:04.578193 0.000000 udp 10.0.2.19 1701 -> 119.160.175.150 19031 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:07.702870 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:49:13.090908 0.076068 udp 10.0.2.19 1701 <-> 94.66.213.97 24196 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:49:13.206983 0.000000 udp 10.0.2.19 1701 -> 65.96.223.144 8690 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:17.977390 0.000154 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:49:21.702910 0.000000 udp 10.0.2.19 1701 -> 211.192.25.85 16596 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:30.686283 0.000000 udp 10.0.2.19 1701 -> 190.229.235.110 11000 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:39.428385 0.000000 udp 10.0.2.19 1701 -> 113.70.30.112 16963 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:46.128205 1.541464 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:49:47.842589 0.000000 udp 10.0.2.19 1701 -> 219.75.78.121 4344 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:49:52.477245 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:49:55.872110 0.000000 udp 10.0.2.19 1701 -> 98.193.78.226 2728 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:03.132912 0.128069 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 668 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:50:03.295313 0.000000 udp 10.0.2.19 1701 -> 81.214.75.217 9506 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:10.052739 0.000000 udp 10.0.2.19 1701 -> 190.239.221.251 1030 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:15.540484 0.000000 udp 10.0.2.19 1701 -> 46.196.211.1 4190 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:23.752031 0.315780 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 851 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:50:25.419546 0.000000 udp 10.0.2.19 1701 -> 189.196.26.93 6969 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:28.468726 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:50:31.913844 0.000000 udp 10.0.2.19 1701 -> 99.60.238.159 15414 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:38.453841 0.000000 udp 10.0.2.19 1701 -> 97.64.183.67 20938 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:43.670808 0.000000 udp 10.0.2.19 1701 -> 64.121.241.83 7155 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:50.039984 0.181190 udp 10.0.2.19 1701 <-> 107.192.22.25 1932 CON 0 0 2 800 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:50:50.381487 0.000000 udp 10.0.2.19 1701 -> 122.169.72.34 8568 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:50:57.611191 0.000000 udp 10.0.2.19 1701 -> 110.77.199.6 2489 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:02.477904 0.000281 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:51:03.779922 0.436246 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 853 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:05.730196 0.000000 udp 10.0.2.19 1701 -> 180.254.41.178 24580 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:14.134425 0.000000 udp 10.0.2.19 1701 -> 65.41.36.227 27038 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:21.835783 0.000000 udp 10.0.2.19 1701 -> 89.167.93.138 15519 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:28.535504 0.455609 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:29.035498 0.000000 udp 10.0.2.19 1701 -> 123.24.109.17 11153 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:35.925768 0.000000 udp 10.0.2.19 1701 -> 74.59.217.28 5605 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:40.512498 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:51:40.983124 0.000000 udp 10.0.2.19 1701 -> 84.241.35.42 1459 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:49.845750 0.125039 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:50.024509 0.068282 udp 10.0.2.19 1701 <-> 88.250.88.135 10427 CON 0 0 2 691 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:50.153019 0.401967 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 694 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:50.574081 0.000000 udp 10.0.2.19 1701 -> 180.148.67.70 29860 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:51:55.744646 0.244163 udp 10.0.2.19 1701 <-> 187.206.142.232 21298 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:56.035850 0.458021 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 833 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:51:56.762137 0.000000 udp 10.0.2.19 1701 -> 85.210.102.66 29180 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:52:02.624122 0.000000 udp 10.0.2.19 1701 -> 36.73.63.207 27208 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:52:08.743318 0.082312 udp 10.0.2.19 1701 <-> 196.203.197.47 24417 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:52:08.877985 0.000000 udp 10.0.2.19 1701 -> 171.6.101.55 17313 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:52:16.163921 0.000000 udp 10.0.2.19 1701 -> 58.8.143.248 8521 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:52:21.010401 0.000108 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 05:52:23.825292 0.000000 udp 10.0.2.19 1701 -> 171.227.73.248 9314 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:52:30.083946 0.400018 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 823 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:52:30.622225 0.078183 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:52:30.742457 0.151031 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 05:52:31.029873 0.000000 udp 10.0.2.19 1701 -> 71.46.106.185 5365 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 05:55:11.748480 3.002421 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 05:55:18.755962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:55:26.757424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:55:42.760476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 05:56:14.766921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:02:18.774595 2.999856 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:02:25.780470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:02:33.781534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:02:49.784660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:03:21.790697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:09:25.798592 3.000259 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:09:32.804502 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:09:40.805680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:09:56.808864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:10:28.814553 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:16:33.011069 3.001678 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:16:40.018692 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:16:48.020120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:17:04.022975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:17:36.028705 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:18:00.033922 0.000287 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 06:18:00.034387 0.450169 tcp 10.0.2.19 50291 -> 90.156.118.144 5237 FSPA* 0 0 15 1640 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:23:04.361136 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 06:23:04.361302 0.173140 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:04.535078 0.221333 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:04.757040 0.105672 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:04.863298 0.220598 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:05.084508 0.213426 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:05.298531 0.486427 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:05.785570 0.170797 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:05.956964 0.057463 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:06.014901 0.070574 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:06.086004 0.168888 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:06.255502 0.199289 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:06.455330 0.000000 udp 10.0.2.19 1701 -> 188.129.221.110 2414 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:23:22.822426 0.044951 tcp 10.0.2.19 50292 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:23:22.867947 0.073173 tcp 10.0.2.19 50293 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:23:22.942240 0.160041 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.102917 0.108714 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.212210 0.367494 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.580351 0.206798 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.787816 0.131947 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.920594 0.065962 udp 10.0.2.19 1701 <-> 81.134.124.242 3205 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:23.987116 0.183520 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.171200 0.084760 udp 10.0.2.19 1701 <-> 94.69.172.54 22421 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.256575 0.120674 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.377862 0.194756 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.573263 0.136427 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.710346 0.260535 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:24.971501 0.395231 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:25.367185 0.000000 udp 10.0.2.19 1701 -> 186.93.105.248 7628 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:23:40.036689 2.999671 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 06:23:41.656494 0.046588 tcp 10.0.2.19 50294 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:23:41.703518 0.071247 tcp 10.0.2.19 50295 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:23:41.776069 0.386051 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:42.162724 0.324133 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:42.487452 3.020752 udp 10.0.2.19 1701 <-> 139.0.116.21 6169 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:45.508815 0.303927 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:23:45.813378 0.000000 udp 10.0.2.19 1701 -> 124.120.59.74 11427 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:23:47.042563 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:23:55.043959 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:24:02.356360 0.045153 tcp 10.0.2.19 50296 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:24:02.401935 0.073444 tcp 10.0.2.19 50297 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:24:02.476314 0.329022 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:02.805867 0.173059 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:02.979589 0.336384 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:03.316618 0.000000 udp 10.0.2.19 1701 -> 186.14.232.123 7253 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:24:11.046684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:24:18.449763 0.045952 tcp 10.0.2.19 50298 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:24:18.496138 0.073051 tcp 10.0.2.19 50299 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:24:18.570162 0.138332 udp 10.0.2.19 1701 <-> 2.134.161.217 28779 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:18.709087 0.172756 udp 10.0.2.19 1701 <-> 197.6.58.68 7265 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:18.882416 0.338140 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:19.221186 3.101505 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:22.323111 0.124014 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:22.447702 0.333721 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:22.782165 0.417029 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:23.199652 0.441231 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:23.641560 0.113869 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:23.755968 0.390084 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:24.146723 0.444074 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:24.591369 0.197210 udp 10.0.2.19 1701 <-> 187.206.142.232 21298 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:24.789133 0.395973 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:25.185702 0.068846 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:25.255120 0.130470 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:24:43.053197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:30:47.058881 3.001346 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:30:54.066491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:31:02.067535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:31:18.070669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:31:50.077023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:37:54.084069 3.000971 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:38:01.090226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:38:09.092070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:38:25.275342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:38:57.281369 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:45:01.288589 3.000148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:45:08.294397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:45:16.296135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:45:32.298778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:46:04.305063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:48:00.592608 0.000199 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 06:48:00.592976 0.037067 tcp 10.0.2.19 50300 -> 90.156.118.144 5237 SPA_* 0 0 9 1069 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:48:16.433198 0.005567 tcp 10.0.2.19 50300 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:52:08.312655 2.999696 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 06:52:15.318735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:52:23.320154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:52:39.322861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:53:12.330925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:54:31.013628 0.000173 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 06:54:31.014150 0.000000 udp 10.0.2.19 1701 -> 188.129.221.110 2414 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:54:48.072513 0.045312 tcp 10.0.2.19 50301 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:54:48.118524 0.076147 tcp 10.0.2.19 50302 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:54:48.195666 0.000000 udp 10.0.2.19 1701 -> 186.93.105.248 7628 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:55:05.934790 0.045787 tcp 10.0.2.19 50303 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:05.980797 0.071294 tcp 10.0.2.19 50304 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:06.052603 0.000000 udp 10.0.2.19 1701 -> 124.120.59.74 11427 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:55:23.991414 0.045514 tcp 10.0.2.19 50305 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:24.037284 0.070610 tcp 10.0.2.19 50306 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:24.108826 0.000000 udp 10.0.2.19 1701 -> 186.14.232.123 7253 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:55:41.827993 0.046538 tcp 10.0.2.19 50307 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:41.875029 0.078324 tcp 10.0.2.19 50308 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:55:41.954395 0.126603 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:42.081583 0.205752 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:42.287949 0.174062 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:42.462595 0.682620 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:43.145838 0.240695 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:43.387108 0.216294 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:43.603970 0.168659 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:43.773178 0.201284 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:43.974950 0.167436 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.143004 0.066713 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.210063 0.056912 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.267583 0.159136 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.427356 0.121455 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.549395 0.368736 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:44.918801 0.198262 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:55:45.117699 0.000000 udp 10.0.2.19 1701 -> 81.134.124.242 3205 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:56:02.237121 0.045461 tcp 10.0.2.19 50309 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:02.283074 0.073070 tcp 10.0.2.19 50310 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:02.357083 0.204707 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:02.562418 0.132652 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:02.695711 0.000000 udp 10.0.2.19 1701 -> 94.69.172.54 22421 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:56:18.230478 0.045202 tcp 10.0.2.19 50311 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:18.276104 0.074583 tcp 10.0.2.19 50312 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:18.351635 0.137723 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:18.489977 0.120474 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:18.611055 0.174482 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:18.786153 0.415275 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:19.202061 0.221791 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:19.424630 0.389966 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:19.815172 0.306004 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:20.121801 0.550072 udp 10.0.2.19 1701 <-> 139.0.116.21 6169 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:20.672495 0.305930 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:20.979115 0.338457 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:21.318266 0.170507 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:21.489363 0.345983 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:21.836086 0.141915 udp 10.0.2.19 1701 <-> 2.134.161.217 28779 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:21.978528 0.346809 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:22.326013 0.143607 udp 10.0.2.19 1701 <-> 197.6.58.68 7265 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:22.470326 0.128946 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:22.599834 0.312436 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:22.912901 0.226846 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:23.140326 0.434852 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:23.575836 0.109165 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:23.685638 0.401677 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:24.087959 0.457352 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:24.545895 0.000000 udp 10.0.2.19 1701 -> 187.206.142.232 21298 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 06:56:41.283452 0.078255 tcp 10.0.2.19 50313 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:41.362323 0.077257 tcp 10.0.2.19 50314 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 06:56:41.440130 0.400100 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:41.840643 0.156725 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:41.997759 0.467824 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:56:42.466856 0.073562 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 06:59:20.341467 3.002153 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 06:59:27.350256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:59:35.351537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 06:59:51.354213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:00:23.359988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:06:30.511967 3.000446 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:06:37.517928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:06:45.519326 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:07:01.523226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:07:33.528835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:14:02.542618 3.000200 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:14:09.548003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:14:17.549822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:14:33.552907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:15:05.738732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:18:17.074966 0.000146 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 07:18:17.075280 0.038050 tcp 10.0.2.19 50315 -> 90.156.118.144 5237 SPA_* 0 0 9 1145 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:18:47.112256 0.045609 tcp 10.0.2.19 50316 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:18:47.156074 0.383553 tcp 10.0.2.19 50315 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:18:47.158484 0.079103 tcp 10.0.2.19 50317 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:18:47.539997 2.992433 tcp 10.0.2.19 50318 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:18:56.540659 0.000000 tcp 10.0.2.19 50318 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:19:02.541914 0.046356 tcp 10.0.2.19 50319 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:02.588673 0.073508 tcp 10.0.2.19 50320 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:02.815869 2.998254 tcp 10.0.2.19 50321 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:19:11.812255 0.000000 tcp 10.0.2.19 50321 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:19:17.813902 0.045814 tcp 10.0.2.19 50322 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:17.860100 0.079259 tcp 10.0.2.19 50323 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:18.258755 2.997368 tcp 10.0.2.19 50324 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:19:27.254718 0.000000 tcp 10.0.2.19 50324 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:19:33.255410 0.045049 tcp 10.0.2.19 50325 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:33.300966 0.075573 tcp 10.0.2.19 50326 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:19:33.638588 0.036903 tcp 10.0.2.19 50327 -> 90.156.118.144 5237 SPA_* 0 0 7 1037 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:20:03.677482 0.249846 tcp 10.0.2.19 50327 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:20:03.678063 2.993258 tcp 10.0.2.19 50328 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:20:12.679795 0.000000 tcp 10.0.2.19 50328 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:20:18.679099 2.993785 tcp 10.0.2.19 50329 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:20:27.671427 0.000000 tcp 10.0.2.19 50329 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:20:33.680124 2.994177 tcp 10.0.2.19 50330 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:20:38.337358 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 07:20:42.673053 0.000000 tcp 10.0.2.19 50330 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:21:09.747023 2.999642 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 07:21:16.752267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:21:24.754352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:21:40.756528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:22:12.762993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:25:48.684224 0.000223 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 07:25:48.684639 3.002592 tcp 10.0.2.19 50331 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:25:57.686316 0.000000 tcp 10.0.2.19 50331 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:26:03.689656 0.045177 tcp 10.0.2.19 50332 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:03.735365 0.077004 tcp 10.0.2.19 50333 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:04.517362 3.002632 tcp 10.0.2.19 50334 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:26:13.518955 0.000000 tcp 10.0.2.19 50334 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:26:19.519460 0.045866 tcp 10.0.2.19 50335 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:19.565711 0.424973 tcp 10.0.2.19 50336 -> 173.194.70.94 80 SRPA* 0 0 10 3656 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:21.590256 0.038274 tcp 10.0.2.19 50337 -> 90.156.118.144 5237 SPA_* 0 0 9 1168 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:48.850028 0.000000 udp 10.0.2.19 1701 -> 94.69.172.54 22421 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:26:51.625439 0.044845 tcp 10.0.2.19 50338 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:51.659686 0.104152 tcp 10.0.2.19 50337 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:51.670536 0.071168 tcp 10.0.2.19 50339 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:26:51.764050 3.004203 tcp 10.0.2.19 50340 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:00.767080 0.000000 tcp 10.0.2.19 50340 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:06.686548 0.044830 tcp 10.0.2.19 50341 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:06.731565 0.076808 tcp 10.0.2.19 50342 -> 173.194.70.94 80 SRPA* 0 0 25 15806 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:06.765842 0.045159 tcp 10.0.2.19 50343 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:06.808766 0.000000 udp 10.0.2.19 1701 -> 81.134.124.242 3205 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:27:06.811199 0.073943 tcp 10.0.2.19 50344 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:06.903112 2.996714 tcp 10.0.2.19 50345 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:15.898850 0.000000 tcp 10.0.2.19 50345 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:21.897134 2.994096 tcp 10.0.2.19 50346 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:25.064603 0.045144 tcp 10.0.2.19 50347 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:25.110154 0.073967 tcp 10.0.2.19 50348 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:25.185048 0.000000 udp 10.0.2.19 1701 -> 187.206.142.232 21298 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:27:30.900258 0.000000 tcp 10.0.2.19 50346 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:27:36.898986 0.038291 tcp 10.0.2.19 50349 -> 90.156.118.144 5237 SPA_* 0 0 9 1168 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:41.717360 0.046574 tcp 10.0.2.19 50350 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:41.764143 0.075055 tcp 10.0.2.19 50351 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:27:41.839713 0.173970 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:42.014031 0.211925 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:42.226902 0.154843 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:42.382567 0.201934 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:42.585128 0.439944 udp 10.0.2.19 1701 <-> 36.74.200.86 21244 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.025502 0.205987 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.232082 0.221369 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.454210 0.174124 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.628968 0.159502 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.789060 0.058744 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:43.848216 0.372232 udp 10.0.2.19 1701 <-> 79.127.101.197 1438 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.221090 0.196058 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.417785 0.063772 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.482366 0.170658 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.653646 0.119239 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.773435 0.134323 udp 10.0.2.19 1701 <-> 24.151.56.116 5170 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:44.908331 0.251536 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:45.160558 0.138614 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:45.299793 0.119771 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:45.420109 0.263124 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:45.683862 0.393712 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:46.078461 0.174669 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:46.253829 0.399363 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:46.653753 0.476866 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:27:47.131057 0.000000 udp 10.0.2.19 1701 -> 139.0.116.21 6169 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:28:04.901575 0.045593 tcp 10.0.2.19 50352 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:28:04.947594 0.073610 tcp 10.0.2.19 50353 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:28:05.022188 0.297439 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:05.320287 0.342087 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:05.662726 0.179953 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:05.843138 0.000000 udp 10.0.2.19 1701 -> 2.134.161.217 28779 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:28:06.931677 0.036440 tcp 10.0.2.19 50349 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:28:06.932227 3.003966 tcp 10.0.2.19 50354 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:28:15.935296 0.000000 tcp 10.0.2.19 50354 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:28:16.950618 3.000240 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 07:28:21.605698 0.046429 tcp 10.0.2.19 50355 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:28:21.652573 0.078527 tcp 10.0.2.19 50356 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:28:21.732242 0.349552 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:22.082418 0.136281 udp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:22.219200 0.323970 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:22.543788 0.345838 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:22.890146 0.133773 udp 10.0.2.19 1701 <-> 197.6.58.68 7265 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:23.024536 0.114378 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:23.139443 0.223250 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:23.363344 0.439721 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:23.803705 0.411349 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:23.956142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:28:24.215632 0.444278 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:24.660536 0.444888 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:25.106356 0.069520 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:25.176415 0.385046 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:25.562150 0.140260 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:28:31.958289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:28:47.960931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:29:19.966980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:33:21.936095 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 07:33:21.936282 3.002598 tcp 10.0.2.19 50357 -> 151.45.9.200 2349 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:33:30.937625 0.000000 tcp 10.0.2.19 50357 -> 151.45.9.200 2349 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 07:33:36.940889 0.045705 tcp 10.0.2.19 50358 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:33:36.987166 0.071673 tcp 10.0.2.19 50359 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:33:37.119597 0.663922 tcp 10.0.2.19 50360 -> 82.211.141.181 5977 FSPA* 0 0 14 1673 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:35:23.974801 2.999900 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:35:30.980106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:35:38.981828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:35:54.985298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:36:26.991103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:42:30.996674 3.001657 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:42:38.004072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:42:46.006385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:43:02.009184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:43:34.015107 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:49:38.022317 2.999990 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:49:45.029461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:49:53.031153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:50:09.033926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:50:41.038842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:56:45.046907 2.999836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 07:56:52.052002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:57:00.053730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:57:16.057226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:57:48.062642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 07:58:27.279876 0.000170 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 07:58:27.280235 0.000000 udp 10.0.2.19 1701 -> 139.0.116.21 6169 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:58:45.069933 0.046451 tcp 10.0.2.19 50361 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:58:45.116841 0.074797 tcp 10.0.2.19 50362 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:58:45.193354 0.000000 udp 10.0.2.19 1701 -> 2.134.161.217 28779 INT 0 1 259 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:59:00.289074 0.045628 tcp 10.0.2.19 50363 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:00.335175 0.075870 tcp 10.0.2.19 50364 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:00.411987 0.125620 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 6 2338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:00.528985 0.243358 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 6 2070 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:00.824821 0.180170 rtp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 6 2370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:01.040331 0.270210 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 6 1916 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:01.279714 0.234531 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 6 2242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:01.507146 0.162711 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 6 2115 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:01.869567 0.168178 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 6 2426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:02.155393 0.078957 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 6 2099 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:02.440112 0.243304 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 6 2265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:02.656766 0.000000 udp 10.0.2.19 1701 -> 36.74.200.86 21244 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:59:20.888610 0.045528 tcp 10.0.2.19 50365 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:20.934511 0.075828 tcp 10.0.2.19 50366 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:21.011294 0.147735 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 6 2487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:21.136608 0.060514 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 6 2183 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:21.240807 0.217806 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 6 2456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:21.433799 0.000000 udp 10.0.2.19 1701 -> 79.127.101.197 1438 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:59:37.642207 0.045699 tcp 10.0.2.19 50367 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:37.688315 0.072826 tcp 10.0.2.19 50368 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:37.762324 0.179340 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 6 2393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:37.939169 0.143776 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 6 2503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:38.160565 0.240948 rtp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 6 2286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:38.655830 0.000000 udp 10.0.2.19 1701 -> 24.151.56.116 5170 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 07:59:56.980476 0.055629 tcp 10.0.2.19 50369 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:57.036477 0.074417 tcp 10.0.2.19 50370 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 07:59:57.111714 0.252324 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 6 2214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:57.355726 0.172887 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 6 2368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:58.279834 0.187389 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 6 2320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:58.770380 0.424367 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 6 2230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 07:59:59.166836 0.421052 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 6 2051 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:00.091552 0.335620 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 6 2287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:00.399191 0.230485 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 6 2406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:00.654498 0.355210 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 6 2157 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:01.007337 0.332672 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 6 2262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:01.317544 0.332279 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 6 2251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:01.627185 0.355041 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 6 2330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:01.993698 0.131120 rtp 10.0.2.19 1701 <-> 46.180.116.48 1243 CON 0 0 6 2013 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:02.126279 0.361127 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 6 2102 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:02.464562 0.000000 udp 10.0.2.19 1701 -> 197.6.58.68 7265 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:00:17.719012 0.045052 tcp 10.0.2.19 50371 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:00:17.764319 0.071733 tcp 10.0.2.19 50372 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:00:17.836589 0.184163 rtp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 6 2328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:17.950348 2.810307 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 6 2428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:20.724595 0.473739 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 6 2311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:21.160288 0.468681 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 6 2206 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:21.592229 0.470995 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 6 2380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:22.046865 0.441633 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 6 2518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:22.451097 0.194801 rtp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 6 2202 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:22.648724 0.445223 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 6 2352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:00:23.063104 0.117765 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 6 2214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:03:37.786445 0.000210 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 08:03:37.786823 0.528306 tcp 10.0.2.19 50373 -> 82.211.141.181 5977 FSPA* 0 0 14 1531 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:03:52.069641 3.000749 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 08:03:59.076570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:04:07.077610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:04:23.080517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:04:55.087221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:10:59.094390 3.000186 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:11:06.100404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:11:14.102125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:11:30.104547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:12:02.110670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:18:06.118821 2.999995 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:18:13.124134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:18:21.125477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:18:37.129023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:19:09.134824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:25:13.143362 2.999164 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:25:20.148160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:25:28.149851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:25:44.153092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:26:16.159215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:30:33.058779 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 08:30:33.059139 0.000000 udp 10.0.2.19 1701 -> 36.74.200.86 21244 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:30:49.236888 0.045796 tcp 10.0.2.19 50374 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:30:49.283131 0.072855 tcp 10.0.2.19 50375 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:30:49.356956 0.000000 udp 10.0.2.19 1701 -> 79.127.101.197 1438 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:31:05.376766 0.046278 tcp 10.0.2.19 50376 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:05.423458 0.075546 tcp 10.0.2.19 50377 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:05.499954 0.000000 udp 10.0.2.19 1701 -> 24.151.56.116 5170 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:31:21.900473 0.046450 tcp 10.0.2.19 50378 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:21.947332 0.073414 tcp 10.0.2.19 50379 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:22.021673 0.000000 udp 10.0.2.19 1701 -> 197.6.58.68 7265 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:31:39.935659 0.044346 tcp 10.0.2.19 50380 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:39.980240 0.080491 tcp 10.0.2.19 50381 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:40.061277 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:31:56.620608 0.046511 tcp 10.0.2.19 50382 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:56.667461 0.074674 tcp 10.0.2.19 50383 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:31:56.743086 0.209553 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:56.953271 0.201762 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.155650 0.174251 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.330610 0.217733 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.548987 0.160323 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.709746 0.203273 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.913645 0.061256 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:57.975532 0.155972 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:58.132090 0.194610 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:58.327294 0.106976 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:58.434888 0.257700 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:58.693099 0.170396 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:58.864091 0.274373 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:59.139050 0.120314 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:59.259928 0.248684 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:59.509217 0.177560 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:59.687403 0.185463 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:31:59.873477 0.451510 udp 10.0.2.19 1701 <-> 42.119.49.245 16218 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:00.325578 0.177076 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:00.503273 0.390317 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:00.894238 0.390653 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:01.285582 0.342433 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:01.628438 0.305284 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:01.934384 0.314661 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:02.249371 0.336944 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:02.586887 0.000000 udp 10.0.2.19 1701 -> 46.180.116.48 1243 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 08:32:18.672224 0.046584 tcp 10.0.2.19 50384 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:32:18.719253 0.074475 tcp 10.0.2.19 50385 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:32:18.794681 0.350625 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:19.145921 0.115094 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:19.261558 2.870308 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:20.187429 2.998687 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 08:32:22.132468 0.471469 udp 10.0.2.19 1701 <-> 180.246.67.95 17275 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:22.604548 0.414033 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:23.019086 0.456583 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:23.476273 0.176732 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:23.653633 0.445060 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:24.099068 0.396579 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:24.496089 0.069634 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 08:32:27.192359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:32:35.193904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:32:51.196408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:33:23.202571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:33:38.334595 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 08:33:38.334849 0.587445 tcp 10.0.2.19 50386 -> 82.211.141.181 5977 FSPA* 0 0 14 1657 flow=From-Botnet-V2-TCP-Established 1970/01/03 08:39:27.210309 3.000531 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:39:34.216485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:39:42.217514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:39:58.220353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:40:30.227066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:46:34.234423 2.999910 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:46:41.239923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:46:49.241353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:47:05.244855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:47:37.251299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:53:41.258967 2.999556 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 08:53:48.264187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:53:56.265835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:54:12.268906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 08:54:44.274714 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:00:48.282365 2.999836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:00:55.288515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:01:03.289375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:01:19.292534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:01:51.299049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:02:37.345315 0.000167 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 09:02:37.345634 0.100988 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:37.447208 0.000000 udp 10.0.2.19 1701 -> 46.180.116.48 1243 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:02:53.081082 0.045966 tcp 10.0.2.19 50387 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:02:53.127570 0.075096 tcp 10.0.2.19 50388 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:02:53.203258 0.215769 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:53.419643 0.226816 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:53.647048 0.161614 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:53.809200 0.211129 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.020878 0.199065 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.220358 0.155109 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.375922 0.194216 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.570582 0.233480 udp 10.0.2.19 1701 <-> 105.236.59.147 12489 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.804489 0.062397 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.867498 0.056075 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:54.924177 0.120129 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.044719 0.120908 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.166234 0.245857 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.412516 0.183974 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.597083 0.169195 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.766823 0.216562 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:55.983964 0.191781 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:02:56.176370 0.000000 udp 10.0.2.19 1701 -> 42.119.49.245 16218 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:03:14.480161 0.046564 tcp 10.0.2.19 50389 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:14.526957 0.073644 tcp 10.0.2.19 50390 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:14.601561 0.323986 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:14.926311 0.389774 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:15.316713 0.466443 udp 10.0.2.19 1701 <-> 190.172.226.250 25979 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:15.783760 0.337559 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:16.121920 0.316291 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:16.438822 0.278209 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:16.717684 0.337822 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:17.056074 0.345144 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:17.401824 0.110148 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:17.512536 0.232379 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:17.745463 0.000000 udp 10.0.2.19 1701 -> 180.246.67.95 17275 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:03:34.960105 0.046908 tcp 10.0.2.19 50391 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:35.007391 0.075125 tcp 10.0.2.19 50392 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:35.083446 0.148289 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:35.232363 0.399730 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:35.632739 0.390650 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:36.024025 0.071075 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:36.095655 0.457142 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:36.553318 0.475864 udp 10.0.2.19 1701 <-> 125.161.126.4 17793 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:03:38.924007 3.003671 tcp 10.0.2.19 50393 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:03:47.926254 0.000000 tcp 10.0.2.19 50393 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:03:53.927700 0.045939 tcp 10.0.2.19 50394 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:53.974329 0.078508 tcp 10.0.2.19 50395 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:03:54.153788 3.005679 tcp 10.0.2.19 50396 -> 90.156.118.144 5237 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:03.157931 0.000000 tcp 10.0.2.19 50396 -> 90.156.118.144 5237 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:09.148890 0.046885 tcp 10.0.2.19 50397 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:09.196185 0.073681 tcp 10.0.2.19 50398 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:09.426780 2.995145 tcp 10.0.2.19 50399 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:18.429781 0.000000 tcp 10.0.2.19 50399 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:24.421304 0.045919 tcp 10.0.2.19 50400 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:24.467656 0.076653 tcp 10.0.2.19 50401 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:24.584133 2.989193 tcp 10.0.2.19 50402 -> 190.60.50.180 4059 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:33.571908 0.000000 tcp 10.0.2.19 50402 -> 190.60.50.180 4059 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:39.582784 0.046592 tcp 10.0.2.19 50403 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:39.629812 0.076638 tcp 10.0.2.19 50404 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:39.923616 1.609046 tcp 10.0.2.19 50405 -> 77.50.112.98 27555 FSPA* 0 0 14 1803 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:41.355863 0.045625 tcp 10.0.2.19 50406 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:41.401931 0.073929 tcp 10.0.2.19 50407 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:41.532908 3.004530 tcp 10.0.2.19 50408 -> 46.48.220.55 23394 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:50.536478 0.000000 tcp 10.0.2.19 50408 -> 46.48.220.55 23394 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:04:56.537138 0.918704 tcp 10.0.2.19 50409 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:57.456259 0.072977 tcp 10.0.2.19 50410 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:04:57.581157 3.009448 tcp 10.0.2.19 50411 -> 176.62.240.159 19094 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:06.589680 0.000000 tcp 10.0.2.19 50411 -> 176.62.240.159 19094 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:12.579085 0.046520 tcp 10.0.2.19 50412 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:12.625870 0.077122 tcp 10.0.2.19 50413 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:12.917023 2.985946 tcp 10.0.2.19 50414 -> 31.192.42.213 2390 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:21.911136 0.000000 tcp 10.0.2.19 50414 -> 31.192.42.213 2390 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:27.912623 0.046884 tcp 10.0.2.19 50415 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:27.959897 0.077845 tcp 10.0.2.19 50416 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:28.075278 2.998918 tcp 10.0.2.19 50417 -> 190.255.3.74 5982 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:37.072840 0.000000 tcp 10.0.2.19 50417 -> 190.255.3.74 5982 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 09:05:43.073840 0.045734 tcp 10.0.2.19 50418 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:43.120007 0.080404 tcp 10.0.2.19 50419 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:05:43.353119 0.677509 tcp 10.0.2.19 50420 -> 85.67.124.167 6761 FSPA* 0 0 15 1785 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:07:55.746832 2.999867 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 09:08:02.752399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:08:10.754005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:08:26.756860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:08:58.763427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:15:02.770804 3.000579 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:15:09.776485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:15:17.778197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:15:33.781284 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:16:05.787525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:22:09.793480 3.001001 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:22:16.800732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:22:24.802273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:22:40.804778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:23:12.810833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:29:16.818510 3.000277 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:29:23.824360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:29:31.825693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:29:47.829403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:30:19.835264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:33:43.949249 0.000177 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 09:33:43.949622 0.000000 udp 10.0.2.19 1701 -> 42.119.49.245 16218 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:34:01.948933 0.046123 tcp 10.0.2.19 50421 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:01.995508 0.077424 tcp 10.0.2.19 50422 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:02.073890 0.000000 udp 10.0.2.19 1701 -> 180.246.67.95 17275 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:34:20.693628 0.045864 tcp 10.0.2.19 50423 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:20.739997 0.073577 tcp 10.0.2.19 50424 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:20.814153 0.100371 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:20.915098 0.254175 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:21.169924 0.175048 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:21.345580 0.166794 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:21.513128 0.188434 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:21.702329 0.195524 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:21.898803 0.000000 udp 10.0.2.19 1701 -> 105.236.59.147 12489 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:34:38.719859 0.045604 tcp 10.0.2.19 50425 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:38.765858 0.073175 tcp 10.0.2.19 50426 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:38.839904 0.061920 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:38.902590 0.233105 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:39.136335 0.212781 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:39.349750 0.238000 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:39.588462 0.206218 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:39.795272 0.125722 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:39.921594 0.118439 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:40.040594 0.186673 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:40.227823 0.070078 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:40.298485 0.269505 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:40.568636 0.173185 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:40.742481 0.388334 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:41.131449 0.142762 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:41.274725 0.000000 udp 10.0.2.19 1701 -> 190.172.226.250 25979 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:34:58.708716 0.045775 tcp 10.0.2.19 50427 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:58.754917 0.089904 tcp 10.0.2.19 50428 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:34:58.845718 0.208653 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:59.054831 0.342393 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:59.397842 0.350927 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:59.749367 0.110688 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:34:59.860480 0.255106 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:00.116059 0.399181 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:00.515835 0.374419 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:00.890900 0.420065 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:01.311625 0.126807 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:01.438892 0.456113 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:01.895382 0.387417 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:02.283304 0.068778 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 09:35:02.352702 0.000000 udp 10.0.2.19 1701 -> 125.161.126.4 17793 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 09:35:18.176503 0.061453 tcp 10.0.2.19 50429 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:35:18.238358 0.075355 tcp 10.0.2.19 50430 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:35:44.032003 0.504842 tcp 10.0.2.19 50431 -> 85.67.124.167 6761 FSPA* 0 0 15 1795 flow=From-Botnet-V2-TCP-Established 1970/01/03 09:36:23.840850 3.002274 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 09:36:30.848591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:36:38.849754 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:36:54.853188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:37:26.859177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:43:30.866553 3.000409 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:43:37.872297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:43:45.873995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:44:01.876686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:44:33.883470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:50:37.891749 2.999146 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:50:44.896697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:50:52.898124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:51:08.901373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:51:40.907276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:57:44.914731 2.999824 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 09:57:51.920592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:57:59.921938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:58:15.925269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 09:58:47.930751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:04:51.936480 3.002523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:04:58.944701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:05:06.945969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:05:22.949248 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:05:27.876871 0.000191 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 10:05:27.877223 0.000000 udp 10.0.2.19 1701 -> 105.236.59.147 12489 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 10:05:44.540272 0.701389 tcp 10.0.2.19 50432 -> 85.67.124.167 6761 FSPA* 0 0 15 1625 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:05:46.095837 0.046475 tcp 10.0.2.19 50433 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:05:46.142591 0.082682 tcp 10.0.2.19 50434 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:05:46.225810 0.000000 udp 10.0.2.19 1701 -> 190.172.226.250 25979 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 10:05:54.954624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:06:03.929747 0.060601 tcp 10.0.2.19 50435 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:06:03.990880 0.074134 tcp 10.0.2.19 50436 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:06:04.065980 0.000000 udp 10.0.2.19 1701 -> 125.161.126.4 17793 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 10:06:20.763888 0.045524 tcp 10.0.2.19 50437 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:06:20.809843 0.078160 tcp 10.0.2.19 50438 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:06:20.888956 0.194890 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.084528 0.194037 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.279111 0.159626 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.439430 0.173203 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.613302 0.249716 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.863743 0.101339 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:21.965680 0.058949 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.025189 0.205755 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.231550 0.240905 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.473040 0.207335 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.681025 0.175384 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.856930 0.060923 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:22.918555 0.341992 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:23.261131 0.104766 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:23.366461 0.174433 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:23.541459 0.241040 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:23.783123 0.123944 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:23.907611 0.162152 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:24.070630 0.386634 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:24.457940 0.318599 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:24.777161 0.115466 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:24.893218 0.210057 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:25.103828 0.371601 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:25.476080 0.438571 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:25.915259 0.346229 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:26.262141 0.366183 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:26.628838 0.138031 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:26.767454 0.400950 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:27.169047 0.419969 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:27.589627 0.385932 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:06:27.976181 0.073748 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:11:58.961966 3.000530 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:12:05.968493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:12:13.970187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:12:29.972972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:13:01.979054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:19:05.986388 3.000387 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:19:12.992399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:19:20.994103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:19:36.996807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:20:09.003484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:26:13.010490 3.000322 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:26:20.016119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:26:28.017900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:26:44.020998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:27:16.026848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:33:20.034284 3.000344 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:33:27.040150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:33:35.041519 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:33:51.044704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:34:23.180757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:35:45.319849 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 10:35:45.320232 0.685619 tcp 10.0.2.19 50439 -> 85.67.124.167 6761 FSPA* 0 0 15 1750 flow=From-Botnet-V2-TCP-Established 1970/01/03 10:36:33.779019 0.158681 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:33.938228 0.170989 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.109668 0.243576 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.353659 0.185286 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.539327 0.200872 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.740588 0.100724 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.841666 0.061668 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:34.903749 0.207833 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:35.111925 0.234414 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:35.346782 0.213589 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:35.560783 0.176850 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:35.738021 0.058003 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:35.796304 0.274890 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:36.071629 0.106183 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:36.178288 0.174657 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:36.353380 0.223046 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:36.576859 0.119072 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:36.696333 0.322657 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:37.019407 0.110909 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:37.130715 0.163830 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:37.294974 0.433430 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:37.728819 0.260172 udp 10.0.2.19 1701 <-> 190.205.151.134 17413 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:37.989426 0.208281 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:38.198130 0.328722 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:38.527248 0.346227 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:38.545846 0.000126 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 10:36:38.873901 0.372196 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:39.246527 0.145606 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:39.392536 0.462639 udp 10.0.2.19 1701 <-> 1.0.223.238 22800 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:39.855581 0.442805 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:40.298821 0.427980 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:36:40.727224 0.075896 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 10:40:27.188130 3.000452 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 10:40:34.194117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:40:42.196130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:40:58.198718 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:41:30.205163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:47:34.211278 3.001020 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:47:41.218353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:47:49.219557 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:48:05.223072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:48:37.229335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:54:41.236835 3.000060 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 10:54:48.242005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:54:56.243941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:55:12.246570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 10:55:44.252829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:01:48.260472 3.000114 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:01:55.266024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:02:03.268026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:02:19.271074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:02:51.276717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:05:46.008909 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 11:05:46.009080 0.658670 tcp 10.0.2.19 50440 -> 85.67.124.167 6761 FSPA* 0 0 14 1616 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:07:10.369650 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 11:07:10.370003 0.219836 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:10.590639 0.189784 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:10.780899 0.196647 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:10.978292 0.101364 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.080330 0.194638 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.275558 0.172865 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.448895 0.059010 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.508578 0.199271 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.708434 0.234374 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:11.943384 0.212244 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:12.156201 0.179260 udp 10.0.2.19 1701 <-> 184.91.3.102 5239 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:12.335987 0.056705 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:12.393160 0.323817 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:12.717683 0.110029 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:12.828191 0.209344 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:13.038153 0.190898 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:13.229759 0.119593 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:13.349826 0.158805 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:13.509133 0.386846 udp 10.0.2.19 1701 <-> 175.141.121.62 12662 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:13.896521 0.303515 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:14.200693 0.116737 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:14.318402 0.000000 udp 10.0.2.19 1701 -> 190.205.151.134 17413 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:07:31.404606 0.045848 tcp 10.0.2.19 50441 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:07:31.450978 0.088118 tcp 10.0.2.19 50442 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:07:31.540148 0.208753 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:31.749519 0.331341 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:32.081455 0.375813 udp 10.0.2.19 1701 <-> 124.194.94.131 8722 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:32.457930 0.000000 udp 10.0.2.19 1701 -> 1.0.223.238 22800 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:07:49.277370 0.046424 tcp 10.0.2.19 50443 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:07:49.324240 0.078262 tcp 10.0.2.19 50444 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:07:49.403463 0.373068 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:49.777144 0.145771 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:49.923501 0.071620 rtcp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:49.995611 0.464543 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:07:50.460761 0.439301 udp 10.0.2.19 1701 <-> 118.174.83.232 10000 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:08:55.284573 3.000406 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 11:09:02.290510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:09:10.291824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:09:26.294933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:09:58.300591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:16:02.306727 3.001730 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:16:09.314541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:16:17.315736 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:16:33.319038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:17:05.324859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:23:09.331372 3.000995 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:23:16.779036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:23:24.780702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:23:40.783251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:24:12.789434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:30:16.797237 0.996588 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/03 11:30:22.160412 4.006105 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/03 11:30:34.167435 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:30:50.171163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:31:23.288153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:35:48.620065 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 11:35:48.620331 0.559403 tcp 10.0.2.19 50445 -> 85.67.124.167 6761 FSPA* 0 0 14 1751 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:37:30.300194 3.000160 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:37:37.305777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:37:45.307787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:38:01.310642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:38:22.421380 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 11:38:22.421574 0.000000 udp 10.0.2.19 1701 -> 190.205.151.134 17413 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:38:33.316663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:38:38.538358 0.046409 tcp 10.0.2.19 50446 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:38:38.584962 0.078633 tcp 10.0.2.19 50447 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:38:38.664284 0.000000 udp 10.0.2.19 1701 -> 1.0.223.238 22800 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:38:57.653763 0.046543 tcp 10.0.2.19 50448 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:38:57.700859 0.074706 tcp 10.0.2.19 50449 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:38:57.776375 0.214472 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:57.991232 0.155508 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.147335 0.160479 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.308194 0.172725 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.481380 0.061235 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.543006 0.170767 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.714538 0.144537 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:58.859677 0.195661 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.055664 0.058560 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.115925 0.218047 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.334589 0.108556 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.443694 0.214494 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.658666 0.198957 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:38:59.858201 0.000000 udp 10.0.2.19 1701 -> 184.91.3.102 5239 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:39:17.883035 0.046929 tcp 10.0.2.19 50450 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:17.930357 0.073887 tcp 10.0.2.19 50451 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:18.004757 0.212397 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:18.217793 0.119181 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:18.337635 0.221496 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:18.559802 0.157861 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:18.718462 0.313486 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:19.032701 0.000000 udp 10.0.2.19 1701 -> 175.141.121.62 12662 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:39:35.547121 0.047534 tcp 10.0.2.19 50452 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:35.594894 0.076878 tcp 10.0.2.19 50453 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:35.672344 0.115419 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:35.788122 0.205869 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:35.994343 0.328247 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:36.322982 0.000000 udp 10.0.2.19 1701 -> 124.194.94.131 8722 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:39:51.911667 0.044959 tcp 10.0.2.19 50454 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:51.956926 0.115056 tcp 10.0.2.19 50455 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:39:52.072597 0.337212 udp 10.0.2.19 1701 <-> 112.210.98.167 17585 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:52.410603 0.440274 udp 10.0.2.19 1701 <-> 124.122.65.82 10637 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:52.851507 0.166926 udp 10.0.2.19 1701 <-> 173.238.124.155 5225 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:53.018909 0.069067 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 11:39:53.088487 0.000000 udp 10.0.2.19 1701 -> 118.174.83.232 10000 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 11:40:08.396332 0.254921 tcp 10.0.2.19 50456 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:40:08.651619 0.077174 tcp 10.0.2.19 50457 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 11:44:37.423260 3.000958 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 11:44:44.429952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:44:52.431828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:45:08.434857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:45:40.441080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:51:44.447479 3.001080 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:51:51.454149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:51:59.455328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:52:15.459009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:52:47.705081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:58:51.712694 3.000087 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 11:58:58.718768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:59:06.719985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:59:22.722832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 11:59:54.729404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:05:49.399181 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:05:49.399496 0.997245 tcp 10.0.2.19 50458 -> 85.67.124.167 6761 FSPA* 0 0 15 1666 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:05:58.734879 3.003095 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 12:06:05.742572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:06:13.744056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:06:29.747452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:07:01.752962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:10:36.361794 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:10:36.361957 0.000000 udp 10.0.2.19 1701 -> 184.91.3.102 5239 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:10:53.811574 0.045020 tcp 10.0.2.19 50459 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:10:53.856944 0.073800 tcp 10.0.2.19 50460 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:10:53.931390 0.000000 udp 10.0.2.19 1701 -> 175.141.121.62 12662 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:11:09.961955 2.129412 tcp 10.0.2.19 50461 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:12.091585 0.081062 tcp 10.0.2.19 50462 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:12.173200 0.000000 udp 10.0.2.19 1701 -> 124.194.94.131 8722 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:11:31.022863 0.047789 tcp 10.0.2.19 50463 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:31.071076 0.075925 tcp 10.0.2.19 50464 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:31.147969 0.000000 udp 10.0.2.19 1701 -> 118.174.83.232 10000 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:11:48.487506 0.711076 tcp 10.0.2.19 50465 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:49.199035 0.074711 tcp 10.0.2.19 50466 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:11:49.274766 0.159333 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:49.434688 0.154807 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:49.590114 0.220516 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:49.811202 0.192882 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.004728 0.055970 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.061253 0.314491 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.376366 0.104901 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.481878 0.210191 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.692527 0.199107 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.892196 0.105444 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:50.998351 0.170837 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.169779 0.172891 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.343243 0.054523 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.398330 0.120631 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.519550 0.225411 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.745541 0.191798 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:51.938014 0.317660 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:52.256137 0.162635 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:52.419426 0.331451 udp 10.0.2.19 1701 <-> 118.161.198.97 1042 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:52.751475 0.209900 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:52.961886 0.115865 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:11:53.078437 0.000000 udp 10.0.2.19 1701 -> 112.210.98.167 17585 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:12:10.658392 0.045133 tcp 10.0.2.19 50467 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:10.703905 0.073715 tcp 10.0.2.19 50468 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:10.778324 0.000000 udp 10.0.2.19 1701 -> 173.238.124.155 5225 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:12:27.624024 0.045383 tcp 10.0.2.19 50469 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:27.669928 0.076765 tcp 10.0.2.19 50470 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:27.747655 0.000000 udp 10.0.2.19 1701 -> 124.122.65.82 10637 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:12:46.691050 0.045971 tcp 10.0.2.19 50471 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:46.737478 0.088068 tcp 10.0.2.19 50472 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:12:46.826074 0.070828 udp 10.0.2.19 1701 <-> 2.86.133.67 6612 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:13:07.112403 3.000426 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 12:13:14.118283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:13:22.119839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:13:38.123183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:14:18.009371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:20:16.238537 3.001017 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 12:20:23.245060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:20:31.246695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:20:47.249683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:21:19.255711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:27:23.263465 2.999791 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 12:27:30.269535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:27:38.271063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:27:54.273760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:28:26.280184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:34:44.287837 3.000055 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 12:34:51.293223 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:34:59.294980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:35:15.298352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:35:47.303910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:35:53.844115 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:35:53.844425 0.551249 tcp 10.0.2.19 50473 -> 85.67.124.167 6761 FSPA* 0 0 15 1759 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:41:51.311593 3.000453 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 12:41:58.317554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:42:06.318715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:42:22.321700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:42:54.327745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:43:16.049028 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:43:16.049199 0.000000 udp 10.0.2.19 1701 -> 112.210.98.167 17585 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:43:34.600853 0.045615 tcp 10.0.2.19 50474 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:43:34.646977 0.077369 tcp 10.0.2.19 50475 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:43:34.725385 0.000000 udp 10.0.2.19 1701 -> 124.122.65.82 10637 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:43:50.500136 0.046552 tcp 10.0.2.19 50476 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:43:50.547060 0.074289 tcp 10.0.2.19 50477 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:43:50.622348 0.000000 udp 10.0.2.19 1701 -> 173.238.124.155 5225 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:44:06.103009 0.046430 tcp 10.0.2.19 50478 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:06.149923 0.079238 tcp 10.0.2.19 50479 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:06.230049 0.202203 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:06.432669 0.220314 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:06.653423 0.155787 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:06.809609 0.159698 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:06.969693 0.055675 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.025782 0.200051 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.226318 0.212448 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.439207 0.218022 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.657673 0.115776 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.773837 0.165057 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:07.939322 0.170199 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.110405 0.172604 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.283640 0.168793 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.453061 0.119586 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.573100 0.059891 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.633419 0.185923 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.820019 0.113485 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:08.934067 0.000000 udp 10.0.2.19 1701 -> 118.161.198.97 1042 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:44:26.162349 0.046385 tcp 10.0.2.19 50480 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:26.209180 0.077877 tcp 10.0.2.19 50481 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:26.287979 0.184942 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:26.473589 0.329921 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:26.804159 0.210984 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:27.015812 0.000000 udp 10.0.2.19 1701 -> 2.86.133.67 6612 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:44:44.729125 0.054639 tcp 10.0.2.19 50482 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:44.784216 0.079818 tcp 10.0.2.19 50483 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 12:44:45.435755 0.000000 udp 10.0.2.19 1701 -> 118.161.198.97 1042 REQ 0 1 311 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:44:51.837036 0.000000 udp 10.0.2.19 1701 -> 2.86.133.67 6612 REQ 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:44:57.625198 0.218746 udp 10.0.2.19 1701 <-> 107.199.61.254 8239 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:57.844652 0.206176 udp 10.0.2.19 1701 <-> 187.250.72.187 25259 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.051634 0.057222 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.109573 0.207602 udp 10.0.2.19 1701 <-> 190.78.213.135 3924 CON 0 0 2 766 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.318154 0.216617 udp 10.0.2.19 1701 <-> 189.223.50.157 6134 CON 0 0 2 821 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.535577 0.250090 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 839 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.786639 0.160255 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:58.947565 0.155163 udp 10.0.2.19 1701 <-> 71.63.188.231 2516 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.103471 0.109476 udp 10.0.2.19 1701 <-> 95.9.226.247 24104 CON 0 0 2 841 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.213798 0.166696 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 692 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.381208 0.124295 udp 10.0.2.19 1701 <-> 193.92.180.233 16365 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.506468 0.052147 udp 10.0.2.19 1701 <-> 86.149.223.80 4329 CON 0 0 2 691 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.559322 0.169594 udp 10.0.2.19 1701 <-> 99.177.116.230 8435 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.729644 0.146682 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:44:59.877156 0.179174 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:00.057061 0.199566 udp 10.0.2.19 1701 <-> 108.238.101.170 3001 CON 0 0 2 809 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:00.257355 0.126612 udp 10.0.2.19 1701 <-> 46.185.202.38 15730 CON 0 0 2 673 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:00.384704 0.153529 udp 10.0.2.19 1701 <-> 46.36.128.79 7651 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:00.539011 0.215826 udp 10.0.2.19 1701 <-> 187.233.152.26 11337 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:00.755635 0.331523 udp 10.0.2.19 1701 <-> 186.55.74.216 9109 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:01.088067 0.000000 udp 10.0.2.19 1701 -> 189.152.71.4 8292 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:09.352690 0.000000 udp 10.0.2.19 1701 -> 77.9.241.203 5532 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:17.394239 0.055187 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 710 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:17.488843 0.071986 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 707 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:17.599047 0.091373 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:17.745887 0.059772 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 665 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:17.840350 0.000000 udp 10.0.2.19 1701 -> 122.180.9.190 3481 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:22.160765 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:45:24.384200 4.997663 udp 10.0.2.19 1701 <-> 14.97.99.162 4294 CON 0 0 2 804 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:29.454635 0.055716 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 804 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:29.609406 0.055222 udp 10.0.2.19 1701 <-> 176.73.239.118 6517 CON 0 0 2 703 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:29.759215 0.050446 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 694 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:45:29.894149 0.000000 udp 10.0.2.19 1701 -> 217.86.152.248 3838 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:38.864331 0.000000 udp 10.0.2.19 1701 -> 93.46.196.170 1232 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:45.604484 0.000000 udp 10.0.2.19 1701 -> 74.95.5.153 2062 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:52.584174 0.000000 udp 10.0.2.19 1701 -> 68.45.73.57 5878 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:45:57.161023 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:45:59.925276 0.000000 udp 10.0.2.19 1701 -> 85.96.88.23 3253 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:08.016930 0.000000 udp 10.0.2.19 1701 -> 89.32.225.38 6792 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:15.026669 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:23.638897 0.186232 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 824 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:46:23.949836 0.000000 udp 10.0.2.19 1701 -> 112.205.157.47 1043 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:31.810657 0.065111 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:46:32.009884 0.211029 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 788 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:46:32.263618 0.178542 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:46:32.592401 0.000000 udp 10.0.2.19 1701 -> 82.60.83.242 8940 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:36.657140 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:46:37.889208 0.710275 udp 10.0.2.19 1701 <-> 41.96.31.105 27376 CON 0 0 2 805 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:46:38.720147 0.000000 udp 10.0.2.19 1701 -> 89.109.54.54 7719 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:47.643340 0.000000 udp 10.0.2.19 1701 -> 176.73.242.27 4163 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:52.721207 0.000000 udp 10.0.2.19 1701 -> 93.20.208.20 14242 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:46:59.280322 0.000000 udp 10.0.2.19 1701 -> 64.199.189.5 11735 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:06.250448 0.089066 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 806 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:06.568070 0.000000 udp 10.0.2.19 1701 -> 212.156.246.70 9194 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:11.156756 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:47:11.597904 0.532337 udp 10.0.2.19 1701 <-> 117.199.106.53 11311 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:12.304725 0.172240 udp 10.0.2.19 1701 <-> 80.183.69.117 7588 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:12.892307 0.000000 udp 10.0.2.19 1701 -> 180.14.83.159 8234 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:19.699956 0.000000 udp 10.0.2.19 1701 -> 88.251.230.161 2906 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:28.402371 0.080839 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:28.743201 0.000000 udp 10.0.2.19 1701 -> 83.29.55.105 6168 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:34.791291 0.040668 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:34.923146 0.201068 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 712 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:35.249222 0.000000 udp 10.0.2.19 1701 -> 151.77.23.90 24704 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:40.959961 0.000000 udp 10.0.2.19 1701 -> 79.15.146.190 1805 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:45.686547 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:47:46.107979 0.155010 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 777 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:47:46.415186 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:47:53.318087 0.000000 udp 10.0.2.19 1701 -> 24.28.186.79 2302 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:00.929039 0.000000 udp 10.0.2.19 1701 -> 31.167.175.79 9750 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:09.561106 0.330255 udp 10.0.2.19 1701 <-> 122.3.142.198 22710 CON 0 0 2 703 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:48:10.133530 0.448184 udp 10.0.2.19 1701 <-> 180.242.182.216 15206 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:48:10.676184 0.000000 udp 10.0.2.19 1701 -> 66.64.171.254 3071 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:18.564120 0.000000 udp 10.0.2.19 1701 -> 178.22.196.69 7465 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:23.190333 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:48:26.455489 0.000000 udp 10.0.2.19 1701 -> 49.0.121.12 20477 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:34.988011 0.000000 udp 10.0.2.19 1701 -> 85.75.181.208 5205 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:42.869416 0.000000 udp 10.0.2.19 1701 -> 178.48.10.93 8116 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:49.318603 0.000000 udp 10.0.2.19 1701 -> 93.195.252.29 6078 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:55.888074 0.065353 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 701 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:48:56.118341 1.493451 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 763 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:48:57.684202 0.000000 udp 10.0.2.19 1701 -> 79.5.179.11 9800 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:48:58.363519 3.002450 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 12:49:00.694750 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:49:04.189830 0.000000 udp 10.0.2.19 1701 -> 188.3.9.124 4358 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:05.371046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:49:10.278731 0.000000 udp 10.0.2.19 1701 -> 90.147.34.12 2040 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:13.373013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:49:19.061241 0.000000 udp 10.0.2.19 1701 -> 175.139.250.191 1893 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:27.653522 0.000000 udp 10.0.2.19 1701 -> 95.224.186.241 5582 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:29.376304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:49:33.962645 0.000000 udp 10.0.2.19 1701 -> 27.7.36.130 1135 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:38.688950 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:49:42.084128 0.187259 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 661 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:49:42.304559 0.277093 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:49:42.657244 0.433220 udp 10.0.2.19 1701 <-> 36.69.218.77 16776 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:49:43.146980 0.184073 udp 10.0.2.19 1701 <-> 62.212.59.249 21795 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:49:43.364345 0.117367 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:49:43.499587 0.000000 udp 10.0.2.19 1701 -> 109.64.144.26 8601 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:48.573536 0.000000 udp 10.0.2.19 1701 -> 105.236.64.158 2056 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:49:54.581971 0.000000 udp 10.0.2.19 1701 -> 41.89.101.100 9754 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:01.381530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:50:01.571990 0.267144 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:01.855487 0.136109 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:02.099081 0.179616 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:02.287531 0.000000 udp 10.0.2.19 1701 -> 219.92.21.212 4201 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:07.550618 0.455317 udp 10.0.2.19 1701 <-> 113.53.3.159 27404 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:08.023947 0.203897 udp 10.0.2.19 1701 <-> 122.170.10.62 19526 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:08.296210 0.000000 udp 10.0.2.19 1701 -> 94.21.195.190 11657 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:12.688274 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:50:13.579285 0.000000 udp 10.0.2.19 1701 -> 197.87.88.73 10896 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:21.551243 0.000000 udp 10.0.2.19 1701 -> 5.98.103.145 8115 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:26.899019 0.248064 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:27.242483 0.000000 udp 10.0.2.19 1701 -> 190.149.104.193 2848 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:33.558173 0.000000 udp 10.0.2.19 1701 -> 217.133.70.14 6027 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:41.329555 0.057574 udp 10.0.2.19 1701 <-> 80.241.253.218 2917 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:41.536037 0.085924 udp 10.0.2.19 1701 <-> 85.97.73.133 22126 CON 0 0 2 783 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:41.661534 0.185359 udp 10.0.2.19 1701 <-> 120.63.10.102 10675 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:41.885409 0.128541 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:42.058878 1.972039 udp 10.0.2.19 1701 <-> 88.240.31.91 15876 CON 0 0 2 807 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:44.279913 0.000000 udp 10.0.2.19 1701 -> 190.223.54.21 4971 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:50:46.686932 0.000201 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:50:52.896207 0.058079 udp 10.0.2.19 1701 <-> 94.240.245.133 7534 CON 0 0 2 706 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:52.982547 0.074184 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 782 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:50:53.090622 0.000000 udp 10.0.2.19 1701 -> 85.73.228.35 10567 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:00.016162 0.192793 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 799 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:00.237798 0.923852 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 707 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:01.405802 0.000000 udp 10.0.2.19 1701 -> 108.185.46.132 2704 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:09.309609 0.189013 udp 10.0.2.19 1701 <-> 122.162.184.60 10452 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:09.537685 0.000000 udp 10.0.2.19 1701 -> 80.179.199.81 20802 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:14.717765 0.000000 udp 10.0.2.19 1701 -> 2.132.152.76 9679 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:23.009512 0.147202 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:23.194453 0.295284 udp 10.0.2.19 1701 <-> 188.136.223.205 12232 CON 0 0 2 734 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:23.565506 0.078032 udp 10.0.2.19 1701 -> 88.250.36.53 5691 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:23.643538 0.000000 icmp 88.250.36.53 0x0303 -> 10.0.2.19 0x3b16 URP 192 1 305 flow=Background 1970/01/03 12:51:27.686145 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:51:28.987989 0.088020 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:29.114761 0.000000 udp 10.0.2.19 1701 -> 178.88.182.105 9622 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:37.450325 0.000000 udp 10.0.2.19 1701 -> 190.118.30.94 7244 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:44.790605 0.176689 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 658 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 12:51:45.004975 0.000000 udp 10.0.2.19 1701 -> 93.93.155.18 8246 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:50.999765 0.000000 udp 10.0.2.19 1701 -> 109.234.117.98 7573 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:58.159906 0.246724 udp 10.0.2.19 1701 -> 202.29.213.222 6956 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:51:58.406630 0.000000 icmp 202.29.218.110 0x0303 -> 10.0.2.19 0x2c1b URP 192 1 222 flow=Background 1970/01/03 12:52:02.686142 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 12:52:03.607963 0.000000 udp 10.0.2.19 1701 -> 79.51.77.103 3506 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 12:56:05.387324 3.002200 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 12:56:12.395789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:56:20.396827 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:56:36.399534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 12:57:08.405644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:03:12.413975 2.999766 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:03:19.419065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:03:27.421073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:03:43.424077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:04:15.429955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:05:54.432995 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 13:05:54.433431 0.660568 tcp 10.0.2.19 50484 -> 85.67.124.167 6761 FSPA* 0 0 15 1767 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:10:19.435437 3.001746 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:10:26.443154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:10:34.444886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:10:50.738437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:11:22.744150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:17:26.749830 3.322497 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:17:34.078352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:17:42.079883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:17:58.082210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:18:30.088809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:22:22.242945 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 13:22:22.243142 0.058623 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.302203 0.277780 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.580492 0.101488 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.682386 0.179640 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.862449 0.065396 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.928368 0.058136 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:22.986901 0.054831 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.042431 0.217879 udp 10.0.2.19 1701 <-> 14.97.99.162 4294 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.260943 0.056436 udp 10.0.2.19 1701 <-> 176.73.239.118 6517 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.317930 0.055296 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.373750 0.050097 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.424164 0.183308 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.608096 0.070696 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.679402 0.182750 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.862596 0.071862 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:23.934997 0.091023 udp 10.0.2.19 1701 <-> 41.96.31.105 27376 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:24.026538 0.076895 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:24.103955 0.545333 udp 10.0.2.19 1701 <-> 117.199.106.53 11311 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:24.650238 0.152277 udp 10.0.2.19 1701 <-> 80.183.69.117 7588 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:24.803116 0.075319 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:24.878967 0.197004 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:25.076441 0.040218 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:25.117193 0.148092 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:25.265870 0.000000 udp 10.0.2.19 1701 -> 180.242.182.216 15206 INT 0 1 114 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:22:43.846815 0.046789 tcp 10.0.2.19 50485 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:22:43.894161 0.076016 tcp 10.0.2.19 50486 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:22:43.970716 0.297818 udp 10.0.2.19 1701 <-> 122.3.142.198 22710 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.268960 0.073986 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.343338 0.107380 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.451080 0.190652 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.642201 0.222696 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.865636 0.079855 udp 10.0.2.19 1701 <-> 62.212.59.249 21795 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:44.946104 0.104820 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:22:45.051318 0.000000 udp 10.0.2.19 1701 -> 36.69.218.77 16776 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:23:00.929430 0.045857 tcp 10.0.2.19 50487 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:23:00.975506 0.074654 tcp 10.0.2.19 50488 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:23:01.050756 0.134379 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:01.185531 0.142453 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:01.328373 0.179092 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:01.508077 0.460935 udp 10.0.2.19 1701 <-> 113.53.3.159 27404 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:01.969407 0.196249 udp 10.0.2.19 1701 <-> 122.170.10.62 19526 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:02.166089 0.228118 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 203 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:02.394564 0.069693 udp 10.0.2.19 1701 <-> 85.97.73.133 22126 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:02.464665 0.000000 udp 10.0.2.19 1701 -> 120.63.10.102 10675 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:23:17.563400 0.045791 tcp 10.0.2.19 50489 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:23:17.609438 0.080704 tcp 10.0.2.19 50490 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:23:17.690742 0.120030 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:17.811543 0.760036 udp 10.0.2.19 1701 <-> 88.240.31.91 15876 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:18.572247 0.053407 udp 10.0.2.19 1701 <-> 94.240.245.133 7534 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:18.626057 0.071798 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:18.698247 0.159244 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:18.857811 0.921602 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:19.780046 0.184498 udp 10.0.2.19 1701 <-> 122.162.184.60 10452 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:19.965214 0.278785 udp 10.0.2.19 1701 <-> 188.136.223.205 12232 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:20.244664 0.078751 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:23:20.324009 0.172831 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:24:34.094299 3.002164 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 13:24:41.101876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:24:49.103893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:25:05.106735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:25:37.112214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:31:41.120093 2.999881 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:31:48.125665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:31:56.127890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:32:25.384055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:32:56.955054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:36:05.684684 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 13:36:05.684918 0.810759 tcp 10.0.2.19 50491 -> 85.67.124.167 6761 FSPA* 0 0 15 1706 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:38:56.022373 2.953371 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:39:02.926728 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:39:10.818759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:39:26.598277 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:39:58.172843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:45:57.299653 3.001310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:46:04.430703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:46:12.428333 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:46:28.431951 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:47:06.102018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:53:06.538973 2.999224 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 13:53:13.543910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:53:21.545706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:53:25.401817 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 13:53:25.402248 0.441461 udp 10.0.2.19 1701 <-> 180.242.182.216 15206 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:53:25.844325 0.000000 udp 10.0.2.19 1701 -> 36.69.218.77 16776 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:53:37.548857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:53:50.463090 0.046173 tcp 10.0.2.19 50492 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:53:50.509689 0.076088 tcp 10.0.2.19 50493 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:53:50.586620 0.000000 udp 10.0.2.19 1701 -> 120.63.10.102 10675 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:54:05.976369 0.046102 tcp 10.0.2.19 50494 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:06.022904 0.081059 tcp 10.0.2.19 50495 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:06.105095 0.100494 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:06.206310 0.307525 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:06.514664 0.056083 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:06.571438 0.087065 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:06.659089 0.284921 udp 10.0.2.19 1701 <-> 14.97.99.162 4294 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:06.944684 0.058246 udp 10.0.2.19 1701 <-> 176.73.239.118 6517 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.003565 0.053455 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.057428 0.049910 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.107851 0.185529 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.294199 0.078588 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.373168 0.177000 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.550856 0.055529 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.606712 0.053120 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.660436 0.063519 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.724623 0.090339 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.815694 0.088247 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.904300 0.066755 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:07.971559 0.000000 udp 10.0.2.19 1701 -> 117.199.106.53 11311 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:54:16.084912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 13:54:25.006772 0.045970 tcp 10.0.2.19 50496 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:25.053248 0.080262 tcp 10.0.2.19 50497 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:25.134183 0.081417 udp 10.0.2.19 1701 <-> 41.96.31.105 27376 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:25.216262 0.097294 udp 10.0.2.19 1701 <-> 80.183.69.117 7588 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:25.314192 0.040420 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:25.355074 0.191976 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:25.547417 0.353966 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:25.902117 0.226093 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:26.128920 0.285031 udp 10.0.2.19 1701 <-> 122.3.142.198 22710 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:26.414670 1.681371 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:28.096739 0.270269 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:28.367514 0.183521 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:28.551417 0.548140 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.100036 0.105158 udp 10.0.2.19 1701 <-> 62.212.59.249 21795 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.205651 0.120713 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.327059 0.178236 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.506292 0.177351 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.684562 0.229873 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:29.915155 0.000000 udp 10.0.2.19 1701 -> 85.97.73.133 22126 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 13:54:47.202692 0.046898 tcp 10.0.2.19 50498 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:47.250259 0.090826 tcp 10.0.2.19 50499 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 13:54:47.342220 0.744576 udp 10.0.2.19 1701 <-> 113.53.3.159 27404 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.087446 0.198407 udp 10.0.2.19 1701 <-> 122.170.10.62 19526 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.286616 0.122022 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.409271 0.071693 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.481448 0.231133 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.713172 0.073066 udp 10.0.2.19 1701 <-> 88.240.31.91 15876 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.786790 0.057576 udp 10.0.2.19 1701 <-> 94.240.245.133 7534 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:48.844892 0.916471 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:49.762333 0.081335 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:49.844244 0.303386 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:50.148360 0.184169 udp 10.0.2.19 1701 <-> 122.162.184.60 10452 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 13:54:50.333218 0.280324 udp 10.0.2.19 1701 <-> 188.136.223.205 12232 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:00:15.664481 3.000714 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:00:22.671099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:00:30.672729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:00:46.675265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:01:18.681720 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:06:02.590717 0.000171 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 14:06:02.591071 0.814411 tcp 10.0.2.19 50500 -> 85.67.124.167 6761 FSPA* 0 0 14 1571 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:07:22.687116 3.002503 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:07:29.695426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:07:37.697009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:07:53.699926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:08:25.705579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:14:34.718300 3.002493 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:14:41.726505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:14:50.048080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:15:06.051086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:15:38.057137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:21:42.063871 3.001207 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:21:49.070834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:21:57.072307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:22:13.075453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:22:45.081367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:25:08.618308 0.000232 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 14:25:08.618735 0.256386 udp 10.0.2.19 1701 -> 117.199.106.53 11311 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:25:08.875121 0.000000 icmp 117.199.106.53 0x0303 -> 10.0.2.19 0x2f2c URP 192 1 236 flow=Background 1970/01/03 14:25:24.715840 0.045187 tcp 10.0.2.19 50501 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:25:24.761500 0.077638 tcp 10.0.2.19 50502 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:25:24.840066 0.000000 udp 10.0.2.19 1701 -> 85.97.73.133 22126 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:25:41.957510 0.047731 tcp 10.0.2.19 50503 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:25:42.005750 0.076783 tcp 10.0.2.19 50504 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:25:42.083497 0.470971 udp 10.0.2.19 1701 <-> 180.242.182.216 15206 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:42.554963 0.083805 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:42.639289 0.230172 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:42.870119 0.108200 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:42.978934 0.056839 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.036361 0.056056 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.092963 0.049731 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.143215 0.183445 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.327282 0.058860 udp 10.0.2.19 1701 <-> 176.73.239.118 6517 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.386726 0.177648 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.564953 0.053041 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.618625 0.229181 udp 10.0.2.19 1701 <-> 14.97.99.162 4294 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.848395 0.060735 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:43.909717 0.111142 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.021453 0.080992 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.103012 0.076412 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.180031 0.049264 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.229816 0.067144 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.297530 0.040309 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.338509 0.079027 udp 10.0.2.19 1701 <-> 41.96.31.105 27376 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.418226 0.392250 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:44.811078 0.201760 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:45.013402 0.109497 udp 10.0.2.19 1701 <-> 80.183.69.117 7588 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:45.123482 0.244377 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:25:45.368466 0.000000 udp 10.0.2.19 1701 -> 122.3.142.198 22710 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:26:03.017700 0.046077 tcp 10.0.2.19 50505 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:26:03.064063 0.079284 tcp 10.0.2.19 50506 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:26:03.144125 0.129316 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:03.274309 0.164924 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:03.439604 0.127530 udp 10.0.2.19 1701 <-> 62.212.59.249 21795 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:03.567771 0.186648 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:03.754807 0.141362 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:03.896587 0.178997 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:04.076277 0.125082 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:04.201904 0.100428 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:04.302927 0.245963 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:04.549552 0.437188 udp 10.0.2.19 1701 <-> 113.53.3.159 27404 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:04.987320 0.000000 udp 10.0.2.19 1701 -> 122.170.10.62 19526 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:26:22.746846 0.272593 tcp 10.0.2.19 50507 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:26:23.019964 0.080719 tcp 10.0.2.19 50508 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:26:23.101224 0.121300 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:23.223204 0.067757 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:23.291530 0.054855 udp 10.0.2.19 1701 <-> 94.240.245.133 7534 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:23.346824 0.937477 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:24.284739 0.081049 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:24.366320 0.158612 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:24.525495 0.080522 udp 10.0.2.19 1701 <-> 88.240.31.91 15876 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:24.606484 0.287852 udp 10.0.2.19 1701 <-> 188.136.223.205 12232 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:24.894939 0.172886 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:26:25.068444 0.184756 udp 10.0.2.19 1701 <-> 122.162.184.60 10452 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:28:59.093298 2.999680 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 14:29:06.099278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:29:14.100315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:29:30.103965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:30:02.109912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:36:03.570150 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 14:36:03.570465 0.609876 tcp 10.0.2.19 50509 -> 85.67.124.167 6761 FSPA* 0 0 14 1701 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:36:06.118648 2.998778 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:36:13.123033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:36:21.124460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:36:37.127655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:37:09.133757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:43:13.141867 2.999411 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:43:20.146901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:43:28.148582 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:43:44.151717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:44:16.157857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:50:20.164956 3.000550 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 14:50:27.171289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:50:35.172067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:50:51.175575 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:51:23.181362 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:56:41.299131 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 14:56:41.299483 0.000000 udp 10.0.2.19 1701 -> 122.3.142.198 22710 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:56:58.298095 0.046509 tcp 10.0.2.19 50510 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:56:58.345089 0.078719 tcp 10.0.2.19 50511 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:56:58.424888 0.000000 udp 10.0.2.19 1701 -> 122.170.10.62 19526 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:57:14.579215 0.045251 tcp 10.0.2.19 50512 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:14.624964 0.079319 tcp 10.0.2.19 50513 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:14.705234 0.056560 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:14.762483 0.294392 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:15.057537 0.085944 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:15.144135 0.451990 udp 10.0.2.19 1701 <-> 180.242.182.216 15206 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:15.596795 0.100353 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:15.697706 0.184066 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:15.882429 0.000000 udp 10.0.2.19 1701 -> 176.73.239.118 6517 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:57:27.189436 2.999418 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 14:57:34.195194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:57:34.756922 0.045547 tcp 10.0.2.19 50514 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:34.802941 0.144117 tcp 10.0.2.19 50515 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:34.947853 0.176984 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:35.125478 0.055980 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:35.182024 0.000000 udp 10.0.2.19 1701 -> 14.97.99.162 4294 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:57:42.196407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:57:50.340655 0.046486 tcp 10.0.2.19 50516 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:50.387617 0.076166 tcp 10.0.2.19 50517 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:57:50.464744 0.064254 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.529620 0.048806 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.578959 0.093685 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.673232 0.074835 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.748597 0.053958 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.803099 0.056587 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.860238 0.076398 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:50.937047 0.454849 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:57:51.392519 0.000000 udp 10.0.2.19 1701 -> 190.72.22.249 3956 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:57:58.199575 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:58:08.605616 0.045784 tcp 10.0.2.19 50518 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:08.651693 0.078298 tcp 10.0.2.19 50519 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:08.730575 0.118217 udp 10.0.2.19 1701 <-> 80.183.69.117 7588 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:08.849173 0.205975 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:09.055545 0.070258 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:09.126120 0.000000 udp 10.0.2.19 1701 -> 41.96.31.105 27376 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:58:24.930504 0.045845 tcp 10.0.2.19 50520 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:24.976822 0.085236 tcp 10.0.2.19 50521 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:25.063044 0.040058 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.103531 0.107822 udp 10.0.2.19 1701 <-> 62.212.59.249 21795 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.212011 0.084045 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.296693 0.060249 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.357480 0.177827 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.535902 0.186326 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 591 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.722842 0.102600 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:25.825781 0.226549 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.052940 0.124550 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.178024 0.140993 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.319792 0.470059 udp 10.0.2.19 1701 <-> 113.53.3.159 27404 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.790448 0.122679 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.913753 0.067339 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:26.981647 0.053138 udp 10.0.2.19 1701 <-> 94.240.245.133 7534 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:27.035328 0.175254 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:27.210968 0.095819 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:27.307396 0.136319 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:27.444347 0.000000 udp 10.0.2.19 1701 -> 88.240.31.91 15876 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:58:30.205196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 14:58:45.590440 0.046245 tcp 10.0.2.19 50522 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:45.637122 0.077330 tcp 10.0.2.19 50523 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:58:45.715268 0.277835 udp 10.0.2.19 1701 <-> 188.136.223.205 12232 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:45.993778 0.173140 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 14:58:46.167553 0.000000 udp 10.0.2.19 1701 -> 122.162.184.60 10452 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 14:59:03.585811 0.048503 tcp 10.0.2.19 50524 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 14:59:03.634801 0.078038 tcp 10.0.2.19 50525 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:04:34.211358 3.001890 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:04:41.218843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:04:49.220695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:05:05.223551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:05:37.229600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:06:04.189297 0.000145 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 15:06:04.189598 0.856128 tcp 10.0.2.19 50526 -> 85.67.124.167 6761 FSPA* 0 0 15 1663 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:11:41.235418 3.001396 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:11:48.243035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:11:56.244121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:12:12.247200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:12:44.253077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:18:48.261715 2.999661 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:18:55.266500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:19:03.268581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:19:19.271671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:19:51.277752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:25:55.285306 3.000122 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:26:02.291219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:26:10.292470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:26:26.294992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:26:58.301263 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:29:28.958575 0.000158 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 15:29:28.958899 0.000000 udp 10.0.2.19 1701 -> 176.73.239.118 6517 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:29:44.715479 0.046166 tcp 10.0.2.19 50527 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:29:44.762117 0.076677 tcp 10.0.2.19 50528 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:29:44.840435 0.000000 udp 10.0.2.19 1701 -> 14.97.99.162 4294 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:30:01.346529 0.553524 tcp 10.0.2.19 50529 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:01.900264 0.073674 tcp 10.0.2.19 50530 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:01.974871 0.000000 udp 10.0.2.19 1701 -> 41.96.31.105 27376 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:30:17.239606 0.045375 tcp 10.0.2.19 50531 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:17.285295 0.085354 tcp 10.0.2.19 50532 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:17.371683 0.195926 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:17.568303 0.000000 udp 10.0.2.19 1701 -> 88.240.31.91 15876 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:30:33.783388 0.046099 tcp 10.0.2.19 50533 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:33.829970 0.076150 tcp 10.0.2.19 50534 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:33.907090 0.000000 udp 10.0.2.19 1701 -> 122.162.184.60 10452 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:30:49.085717 0.045518 tcp 10.0.2.19 50535 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:49.131773 0.076061 tcp 10.0.2.19 50536 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:30:49.208834 0.431997 udp 10.0.2.19 1701 <-> 180.242.182.216 15206 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:49.641209 0.084545 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:49.726594 0.056721 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:49.783842 0.329629 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.238363 0.103801 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.342507 0.184274 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.527320 0.176439 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.704312 0.055916 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.760607 0.066151 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.827324 0.052446 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:51.880135 0.146811 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.027586 0.054320 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.082452 0.072172 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.155189 0.075227 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.230964 0.055243 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.286713 0.099143 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.386346 0.066467 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:30:52.453391 0.000000 udp 10.0.2.19 1701 -> 80.183.69.117 7588 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:31:10.987170 0.045512 tcp 10.0.2.19 50537 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:11.033221 0.077298 tcp 10.0.2.19 50538 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:11.111211 0.221312 udp 10.0.2.19 1701 <-> 122.160.114.142 16383 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:11.333122 0.179496 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:11.513180 0.083522 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:11.597245 0.000000 udp 10.0.2.19 1701 -> 62.212.59.249 21795 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:31:30.014149 0.046306 tcp 10.0.2.19 50539 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:30.060858 0.076857 tcp 10.0.2.19 50540 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:30.138827 0.040442 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.179620 0.059841 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.240078 0.239889 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.480449 0.117461 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.598618 0.140395 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.739598 0.105937 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:30.845957 0.183028 udp 10.0.2.19 1701 <-> 114.143.80.185 18343 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:31.029617 0.070800 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:31.100774 0.000000 udp 10.0.2.19 1701 -> 94.240.245.133 7534 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:31:46.417901 0.045442 tcp 10.0.2.19 50541 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:46.463699 0.073504 tcp 10.0.2.19 50542 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:31:46.537935 0.146841 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:46.685230 0.081252 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:46.766787 3.159932 udp 10.0.2.19 1701 <-> 41.234.97.81 11537 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:31:49.927328 0.000000 udp 10.0.2.19 1701 -> 113.53.3.159 27404 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:32:07.506848 0.045662 tcp 10.0.2.19 50543 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:32:07.552759 0.076024 tcp 10.0.2.19 50544 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:32:07.629312 0.603792 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:32:08.233559 0.000000 udp 10.0.2.19 1701 -> 188.136.223.205 12232 INT 0 1 101 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 15:32:25.984134 0.046086 tcp 10.0.2.19 50545 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:32:26.030487 0.079425 tcp 10.0.2.19 50546 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:32:26.110578 0.172696 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 15:33:02.549889 2.999661 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 15:33:09.555160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:33:17.557011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:33:33.559322 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:34:05.565585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:36:05.287902 0.000146 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 15:36:05.288231 1.042192 tcp 10.0.2.19 50547 -> 85.67.124.167 6761 FSPA* 0 0 15 1718 flow=From-Botnet-V2-TCP-Established 1970/01/03 15:40:09.573352 3.000294 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:40:16.579516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:40:24.580492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:40:40.583904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:41:12.589965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:47:16.597964 2.999771 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:47:23.603078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:47:31.604734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:47:47.607229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:48:19.613500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:54:23.621312 3.000120 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 15:54:30.627078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:54:38.628589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:54:54.631451 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 15:55:26.637511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:01:30.644953 3.000714 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:01:37.651114 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:01:45.652370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:02:01.655833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:02:33.661902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:02:53.950942 0.000152 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 16:02:53.951277 0.000000 udp 10.0.2.19 1701 -> 80.183.69.117 7588 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:03:12.690898 0.046311 tcp 10.0.2.19 50548 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:12.737427 0.085250 tcp 10.0.2.19 50549 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:12.823235 0.000000 udp 10.0.2.19 1701 -> 62.212.59.249 21795 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:03:30.225249 0.047368 tcp 10.0.2.19 50550 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:30.273082 0.080020 tcp 10.0.2.19 50551 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:30.354268 0.000000 udp 10.0.2.19 1701 -> 94.240.245.133 7534 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:03:46.148099 0.046247 tcp 10.0.2.19 50552 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:46.194653 0.086588 tcp 10.0.2.19 50553 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:03:46.282439 0.000000 udp 10.0.2.19 1701 -> 113.53.3.159 27404 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:04:02.140672 0.047137 tcp 10.0.2.19 50554 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:02.188291 0.080123 tcp 10.0.2.19 50555 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:02.269987 0.000000 udp 10.0.2.19 1701 -> 188.136.223.205 12232 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:04:21.188666 0.047030 tcp 10.0.2.19 50556 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:21.236272 0.077660 tcp 10.0.2.19 50557 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:21.314910 0.192549 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:21.508147 0.000000 udp 10.0.2.19 1701 -> 180.242.182.216 15206 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:04:38.201573 0.046368 tcp 10.0.2.19 50558 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:38.248401 0.077441 tcp 10.0.2.19 50559 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:38.327037 0.084198 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.411960 0.063895 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.476489 0.067292 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.544337 0.055026 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.600024 0.177259 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 581 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.778034 0.104658 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:38.883357 0.184165 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:39.068209 0.311948 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:39.380692 0.052175 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:39.433412 0.069777 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:39.503813 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:04:57.610902 0.047603 tcp 10.0.2.19 50560 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:57.659051 0.079198 tcp 10.0.2.19 50561 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:04:57.739030 0.055442 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:57.794970 0.143830 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:57.939369 0.075620 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:58.015558 0.082870 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:58.099016 0.072457 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:58.172044 0.178105 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:58.350821 0.084847 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:04:58.436207 0.000000 udp 10.0.2.19 1701 -> 122.160.114.142 16383 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:05:14.265285 0.046318 tcp 10.0.2.19 50562 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:14.312037 0.080696 tcp 10.0.2.19 50563 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:14.393684 0.117563 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:14.511886 0.140926 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:14.653483 0.097867 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:14.751942 0.040191 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:14.792666 0.235304 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:15.028599 0.058022 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:15.087232 0.068089 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:15.155754 0.000000 udp 10.0.2.19 1701 -> 114.143.80.185 18343 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:05:32.020334 0.046545 tcp 10.0.2.19 50564 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:32.067324 0.077452 tcp 10.0.2.19 50565 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:32.145687 0.121448 udp 10.0.2.19 1701 <-> 188.169.119.104 23159 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:32.267763 0.081986 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:32.350616 0.000000 udp 10.0.2.19 1701 -> 41.234.97.81 11537 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:05:50.376952 0.046603 tcp 10.0.2.19 50566 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:50.424074 0.077249 tcp 10.0.2.19 50567 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:05:50.502246 0.945642 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:05:51.448475 0.172969 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:06:06.337966 1.288927 tcp 10.0.2.19 50568 -> 85.67.124.167 6761 FSPA* 0 0 14 1679 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:08:37.669377 2.999716 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 16:08:44.674814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:08:52.676737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:09:08.679171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:09:40.685515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:15:44.693599 2.999787 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:15:51.699197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:15:59.700107 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:16:15.703265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:16:47.709916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:22:51.716723 3.000228 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:22:58.723072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:23:06.724521 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:23:22.727131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:23:54.733101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:29:58.741112 2.999946 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:30:05.746628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:30:13.748491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:30:29.751041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:31:01.757405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:36:07.627873 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 16:36:07.628083 0.980402 tcp 10.0.2.19 50569 -> 85.67.124.167 6761 FSPA* 0 0 15 1699 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:36:12.915057 0.000000 udp 10.0.2.19 1701 -> 180.242.182.216 15206 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:36:28.820368 0.067239 tcp 10.0.2.19 50570 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:36:28.888287 0.079488 tcp 10.0.2.19 50571 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:36:28.968796 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:36:44.292521 0.046645 tcp 10.0.2.19 50572 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:36:44.339681 0.075825 tcp 10.0.2.19 50573 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:36:44.416670 0.000000 udp 10.0.2.19 1701 -> 122.160.114.142 16383 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:37:01.086404 0.047012 tcp 10.0.2.19 50574 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:01.133966 0.076350 tcp 10.0.2.19 50575 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:01.211380 0.000000 udp 10.0.2.19 1701 -> 114.143.80.185 18343 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:37:05.765571 2.999183 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 16:37:12.770783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:37:17.289754 0.046058 tcp 10.0.2.19 50576 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:17.336264 0.073266 tcp 10.0.2.19 50577 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:17.410694 0.000000 udp 10.0.2.19 1701 -> 41.234.97.81 11537 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:37:20.772088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:37:34.623681 0.044656 tcp 10.0.2.19 50578 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:34.668557 0.071494 tcp 10.0.2.19 50579 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:34.740602 0.206597 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:34.947564 0.000000 udp 10.0.2.19 1701 -> 99.118.5.189 8348 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:37:36.774942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:37:52.720982 0.045972 tcp 10.0.2.19 50580 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:52.767344 0.081623 tcp 10.0.2.19 50581 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:37:52.850006 0.100611 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:52.951183 0.095584 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:53.047374 0.063865 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:53.111772 0.063123 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:53.175517 0.055911 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:53.231989 4.132881 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:57.365546 0.257183 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:57.623347 0.050843 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:57.674733 0.185356 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:57.860713 0.056413 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:57.917702 0.176583 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.094925 0.084396 udp 10.0.2.19 1701 <-> 41.97.86.66 26128 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.179810 0.076951 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.257318 0.079445 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.337287 0.149055 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.487036 0.082589 udp 10.0.2.19 1701 <-> 88.249.160.108 1711 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.570410 0.040184 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.611163 0.163274 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.775018 0.140415 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:58.916022 0.104280 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:59.020889 0.061123 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:59.082429 0.280619 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:59.363677 0.068230 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:37:59.432426 0.000000 udp 10.0.2.19 1701 -> 188.169.119.104 23159 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 16:38:08.781198 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:38:17.125450 0.045830 tcp 10.0.2.19 50582 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:38:17.171759 0.080249 tcp 10.0.2.19 50583 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 16:38:17.252929 0.081474 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:38:17.335032 0.952696 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:38:18.288359 0.173176 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 16:44:12.788533 3.240758 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:44:20.035456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:44:28.036307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:44:44.039452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:45:16.045650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:51:20.053157 2.999854 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:51:27.058932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:51:35.060868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:51:51.063606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:52:23.069718 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:58:27.077742 2.999366 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 16:58:34.083531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:58:42.084189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:58:58.087744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 16:59:30.093466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:05:34.100885 3.000488 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:05:41.106747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:05:49.108533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:06:05.111635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:06:08.736895 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 17:06:08.737136 0.561324 tcp 10.0.2.19 50584 -> 85.67.124.167 6761 FSPA* 0 0 15 1788 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:06:37.117735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:08:30.500849 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 17:08:30.501068 0.177928 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:30.679416 0.000000 udp 10.0.2.19 1701 -> 188.169.119.104 23159 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:08:48.281264 0.046620 tcp 10.0.2.19 50585 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:08:48.328385 0.083353 tcp 10.0.2.19 50586 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:08:48.412288 0.241713 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:48.654419 0.064895 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:48.719893 0.055052 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:48.775312 0.056169 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:48.831973 0.100897 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:48.933500 0.087156 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:49.021231 0.217510 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:08:49.239259 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:09:06.845149 0.045851 tcp 10.0.2.19 50587 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:06.891218 0.078980 tcp 10.0.2.19 50588 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:06.970747 0.184159 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:07.155578 0.051763 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:07.207969 0.055688 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:07.264156 0.000000 udp 10.0.2.19 1701 -> 41.97.86.66 26128 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:09:23.328606 0.046376 tcp 10.0.2.19 50589 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:23.375437 0.081617 tcp 10.0.2.19 50590 -> 173.194.70.94 80 SRPA* 0 0 25 15806 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:23.457605 0.075830 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:23.533950 0.072307 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:23.606857 0.148300 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:23.755706 0.000000 udp 10.0.2.19 1701 -> 88.249.160.108 1711 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:09:38.771344 0.046339 tcp 10.0.2.19 50591 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:38.818342 0.081914 tcp 10.0.2.19 50592 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:09:38.901231 0.040387 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:38.942200 0.120802 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.063453 0.178223 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.242290 0.233325 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.476238 0.077583 udp 10.0.2.19 1701 <-> 85.75.76.136 17720 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.554433 0.142363 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.697446 0.099236 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.797283 0.060732 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.858443 0.083430 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:39.942495 0.934972 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:09:40.878101 0.173486 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:12:41.123349 3.001866 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 17:12:48.131056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:12:56.132218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:13:12.135104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:13:44.141219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:19:48.148794 3.000108 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:19:55.155257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:20:03.156768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:20:19.159588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:20:51.165956 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:26:55.173323 2.999470 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:27:02.178910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:27:10.180431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:27:26.183359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:27:58.189326 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:34:02.197274 2.999656 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:34:09.203339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:34:17.204160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:34:33.207833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:35:05.213150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:36:09.306618 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 17:36:09.306930 0.749769 tcp 10.0.2.19 50593 -> 85.67.124.167 6761 FSPA* 0 0 14 1621 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:40:10.532973 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 17:40:10.533646 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:40:27.291740 0.047219 tcp 10.0.2.19 50594 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:40:27.339329 0.075961 tcp 10.0.2.19 50595 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:40:27.415841 0.000000 udp 10.0.2.19 1701 -> 88.249.160.108 1711 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:40:44.493805 0.046657 tcp 10.0.2.19 50596 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:40:44.541018 0.077485 tcp 10.0.2.19 50597 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:40:44.619458 0.000000 udp 10.0.2.19 1701 -> 41.97.86.66 26128 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:41:00.206197 0.046418 tcp 10.0.2.19 50598 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:00.253162 0.074895 tcp 10.0.2.19 50599 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:00.328582 0.174929 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:00.504128 0.068817 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:00.573348 0.101518 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:00.675294 0.084026 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:00.759759 0.297418 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:01.057828 0.063292 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:01.121667 0.072655 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:01.194910 0.243869 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:01.439487 0.185036 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:01.624961 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:41:09.220932 3.000492 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 17:41:16.226529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:41:20.405199 0.046637 tcp 10.0.2.19 50600 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:20.452282 0.078079 tcp 10.0.2.19 50601 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:20.531313 0.050510 udp 10.0.2.19 1701 <-> 81.152.83.86 1377 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:20.582400 0.145869 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:20.728883 0.075254 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:20.804705 0.149440 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:20.954782 0.182118 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:21.137539 0.264312 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:21.402573 0.000000 udp 10.0.2.19 1701 -> 85.75.76.136 17720 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 17:41:24.228533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:41:39.272903 0.046232 tcp 10.0.2.19 50602 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:39.319686 0.077944 tcp 10.0.2.19 50603 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 17:41:39.398615 0.040910 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:39.440229 0.122267 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:39.563106 0.142323 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:39.706219 0.110884 udp 10.0.2.19 1701 <-> 83.235.22.116 14655 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:39.817623 0.283780 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:40.102190 0.078808 udp 10.0.2.19 1701 <-> 82.55.62.226 17316 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:40.181559 0.916286 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:41:40.231392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:41:41.098806 0.172996 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 17:42:12.237434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:48:16.244775 2.999910 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:48:23.250961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:48:31.252000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:48:47.255403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:49:19.261456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:55:23.269269 2.999493 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 17:55:30.274788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:55:38.275924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:55:54.279026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 17:56:26.285645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:02:30.291289 3.001416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:02:37.298981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:02:45.300227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:03:01.303168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:03:33.309305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:06:10.065180 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:06:10.065347 1.179145 tcp 10.0.2.19 50604 -> 85.67.124.167 6761 FSPA* 0 0 15 1650 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:09:37.314791 3.002334 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:09:44.322409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:09:52.324142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:10:08.327144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:10:40.333380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:12:05.435570 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:12:05.435782 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:12:20.489973 0.044793 tcp 10.0.2.19 50605 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:20.535014 0.080812 tcp 10.0.2.19 50606 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:20.616358 0.000000 udp 10.0.2.19 1701 -> 85.75.76.136 17720 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:12:36.461201 0.045264 tcp 10.0.2.19 50607 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:36.506708 0.078493 tcp 10.0.2.19 50608 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:36.585720 0.175815 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:36.761903 0.056038 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:36.818226 0.310636 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:37.129223 0.062419 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:37.191924 0.054902 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:37.247196 3.689926 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:40.937508 0.082762 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:41.020575 0.100331 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:41.121226 0.183967 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:41.305521 0.000000 udp 10.0.2.19 1701 -> 81.152.83.86 1377 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:12:56.840771 0.046697 tcp 10.0.2.19 50609 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:56.887716 1.076525 tcp 10.0.2.19 50610 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:12:57.964773 0.143983 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.109137 0.179058 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.288574 0.143238 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.432236 0.082831 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.515446 0.070415 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.586236 0.040449 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.627028 0.121966 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.749339 0.059618 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:12:58.809289 0.000000 udp 10.0.2.19 1701 -> 82.55.62.226 17316 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:13:17.490506 0.045276 tcp 10.0.2.19 50611 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:13:17.535986 0.089114 tcp 10.0.2.19 50612 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:13:17.625606 0.220672 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:13:17.846646 0.000000 udp 10.0.2.19 1701 -> 83.235.22.116 14655 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:13:35.626479 0.045741 tcp 10.0.2.19 50613 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:13:35.672422 0.076348 tcp 10.0.2.19 50614 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:13:35.749279 0.943486 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:13:36.693181 0.175491 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:13:36.936418 0.000000 udp 10.0.2.19 1701 -> 81.152.83.86 1377 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:13:45.559709 0.000000 udp 10.0.2.19 1701 -> 83.235.22.116 14655 REQ 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:13:54.252403 0.000000 udp 10.0.2.19 1701 -> 82.55.62.226 17316 REQ 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:00.501019 0.065645 udp 10.0.2.19 1701 <-> 217.36.121.227 1413 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:00.567116 0.057147 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:00.624656 0.057658 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:00.682707 0.175797 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 702 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:00.858965 0.240899 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:01.100292 0.184092 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:01.284772 0.102433 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 655 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:01.387616 0.091800 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 817 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:01.479848 3.264755 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:04.745091 0.081840 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 774 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:04.827377 0.070881 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:04.898687 0.040694 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 800 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:04.939807 0.153223 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.093454 0.175221 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.269086 0.147672 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.417176 0.132905 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.550490 0.105780 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 702 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.656719 0.147510 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.804664 0.177769 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 857 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:05.982884 0.937467 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:14:06.920892 0.000000 udp 10.0.2.19 1701 -> 88.250.244.160 3230 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:09.363502 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:14:12.047970 0.000000 udp 10.0.2.19 1701 -> 189.152.71.4 8292 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:19.268143 0.000000 udp 10.0.2.19 1701 -> 77.9.241.203 5532 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:27.439870 0.000000 udp 10.0.2.19 1701 -> 95.225.178.218 1380 INT 0 1 259 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:34.589778 0.000000 udp 10.0.2.19 1701 -> 85.75.181.162 2060 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:41.950855 0.000000 udp 10.0.2.19 1701 -> 216.110.95.186 1846 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:46.897961 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:14:48.449829 0.000000 udp 10.0.2.19 1701 -> 92.192.108.64 9292 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:14:55.420300 0.000000 udp 10.0.2.19 1701 -> 8.18.2.254 1792 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:02.981271 0.000000 udp 10.0.2.19 1701 -> 94.216.50.15 1607 INT 0 1 299 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:09.050036 0.000000 udp 10.0.2.19 1701 -> 186.15.18.13 9514 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:16.741160 0.786195 udp 10.0.2.19 1701 <-> 14.96.182.207 4294 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:15:17.544734 0.000000 udp 10.0.2.19 1701 -> 122.164.39.9 1827 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:21.397450 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:15:23.360415 0.000000 udp 10.0.2.19 1701 -> 71.64.104.6 4393 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:30.680899 0.000000 udp 10.0.2.19 1701 -> 184.80.29.170 3894 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:39.092858 0.000000 udp 10.0.2.19 1701 -> 69.198.227.169 9247 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:47.374946 0.000000 udp 10.0.2.19 1701 -> 216.232.104.54 5863 INT 0 1 311 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:54.234524 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:15:58.901338 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:16:03.217706 0.055212 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:16:03.306178 0.000000 udp 10.0.2.19 1701 -> 107.3.239.73 4519 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:09.906862 0.000000 udp 10.0.2.19 1701 -> 108.185.46.132 2704 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:17.047272 0.000000 udp 10.0.2.19 1701 -> 67.80.99.25 28906 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:22.334684 0.000000 udp 10.0.2.19 1701 -> 112.205.157.47 1047 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:29.976523 0.000000 udp 10.0.2.19 1701 -> 176.73.242.27 4163 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:34.892764 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:16:36.955726 0.000000 udp 10.0.2.19 1701 -> 180.14.83.159 8234 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:42.223969 0.000000 udp 10.0.2.19 1701 -> 200.59.60.84 9354 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:44.369330 3.001584 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 18:16:50.064990 3.742890 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:16:51.696844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:16:53.837270 0.000000 udp 10.0.2.19 1701 -> 203.194.115.207 9481 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:16:59.698790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:17:01.541655 0.000000 udp 10.0.2.19 1701 -> 173.57.22.60 6439 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:09.853291 0.000000 udp 10.0.2.19 1701 -> 88.251.230.161 2906 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:14.550139 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:17:15.701935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:17:17.414461 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:24.193923 0.000000 udp 10.0.2.19 1701 -> 120.150.27.251 4628 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:29.321326 0.000000 udp 10.0.2.19 1701 -> 79.5.179.11 9800 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:36.421465 0.347526 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:17:36.811835 0.000000 udp 10.0.2.19 1701 -> 174.141.117.232 3271 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:42.810632 0.000000 udp 10.0.2.19 1701 -> 41.95.39.221 9646 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:47.707383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:17:50.131219 0.000000 udp 10.0.2.19 1701 -> 159.205.108.153 9491 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:17:55.047949 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:17:56.069891 0.000000 udp 10.0.2.19 1701 -> 203.99.102.58 9102 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:02.289150 0.000000 udp 10.0.2.19 1701 -> 85.73.228.35 10567 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:09.679203 0.000000 udp 10.0.2.19 1701 -> 5.98.103.145 8115 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:15.427445 0.000000 udp 10.0.2.19 1701 -> 2.228.163.130 23357 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:24.520469 0.000000 udp 10.0.2.19 1701 -> 80.241.253.218 2917 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:29.427434 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:18:30.850298 0.166884 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 804 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:18:31.145590 0.147437 udp 10.0.2.19 1701 <-> 92.47.19.247 1126 CON 0 0 2 817 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:18:31.565650 0.222868 udp 10.0.2.19 1701 <-> 186.92.135.248 2741 CON 0 0 2 758 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:18:31.826865 0.200290 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:18:32.048420 0.000000 udp 10.0.2.19 1701 -> 190.213.192.176 3724 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:38.190187 0.000000 udp 10.0.2.19 1701 -> 70.62.133.135 7833 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:44.849671 0.000000 udp 10.0.2.19 1701 -> 171.101.74.193 4248 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:50.728661 0.000000 udp 10.0.2.19 1701 -> 88.207.56.41 5053 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:18:58.880115 0.000000 udp 10.0.2.19 1701 -> 207.114.249.34 2530 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:03.426287 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:19:06.831624 0.041723 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 829 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:19:07.077664 0.000000 udp 10.0.2.19 1701 -> 79.15.230.112 2466 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:13.561245 0.000000 udp 10.0.2.19 1701 -> 216.230.228.174 3571 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:19.409382 0.000000 udp 10.0.2.19 1701 -> 63.172.252.79 1743 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:25.017359 0.286268 udp 10.0.2.19 1701 <-> 190.246.2.43 8211 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:19:25.333257 0.310878 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:19:25.728604 0.000000 udp 10.0.2.19 1701 -> 12.236.182.34 11504 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:34.060797 0.000000 udp 10.0.2.19 1701 -> 151.26.149.126 8292 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:38.927834 0.000053 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:19:40.620262 0.420944 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:19:41.682088 0.000000 udp 10.0.2.19 1701 -> 88.231.72.9 29826 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:47.529927 0.053401 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:19:47.609935 0.000000 udp 10.0.2.19 1701 -> 12.185.247.82 8581 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:19:56.102729 0.000000 udp 10.0.2.19 1701 -> 184.74.14.220 4115 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:01.309650 0.000000 udp 10.0.2.19 1701 -> 81.154.145.47 1436 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:09.902066 0.082026 udp 10.0.2.19 1701 <-> 78.166.143.39 28610 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:20:10.462696 0.164096 udp 10.0.2.19 1701 <-> 50.36.42.42 6860 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:20:10.677181 0.000000 udp 10.0.2.19 1701 -> 60.164.178.50 3057 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:14.428838 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:20:16.020715 0.000000 udp 10.0.2.19 1701 -> 174.30.193.92 5884 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:22.860587 0.120729 udp 10.0.2.19 1701 <-> 188.94.158.164 8384 CON 0 0 2 776 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:20:23.012875 0.000000 udp 10.0.2.19 1701 -> 68.191.82.82 1923 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:30.852942 0.000000 udp 10.0.2.19 1701 -> 95.6.39.216 25789 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:39.264409 0.000000 udp 10.0.2.19 1701 -> 109.114.75.50 7534 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:44.862858 0.000000 udp 10.0.2.19 1701 -> 94.64.46.62 10310 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:20:49.428650 0.000143 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:20:51.932970 0.000000 udp 10.0.2.19 1701 -> 82.107.16.215 1949 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:00.845581 0.347935 udp 10.0.2.19 1701 <-> 151.74.131.196 19105 CON 0 0 2 702 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:01.243532 0.000000 udp 10.0.2.19 1701 -> 212.131.201.146 28431 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:08.736852 0.000000 udp 10.0.2.19 1701 -> 94.121.9.254 29617 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:15.987304 0.315718 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 800 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:16.315114 0.156074 udp 10.0.2.19 1701 <-> 188.169.80.149 16788 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:16.514174 0.453581 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:16.976957 0.000000 udp 10.0.2.19 1701 -> 190.235.48.40 19351 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:22.246139 0.098094 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:22.352809 0.052275 udp 10.0.2.19 1701 -> 94.142.200.139 9818 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:22.405084 0.000000 icmp 94.142.200.134 0x0303 -> 10.0.2.19 0x5a26 URP 192 1 123 flow=Background 1970/01/03 18:21:26.922423 0.000043 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:21:28.165100 0.000000 udp 10.0.2.19 1701 -> 202.163.69.33 3828 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:33.883215 0.083935 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:34.034586 0.000000 udp 10.0.2.19 1701 -> 173.172.120.192 7717 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:39.681275 0.184051 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 777 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:39.928963 0.000000 udp 10.0.2.19 1701 -> 188.85.7.250 7492 INT 0 1 300 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:46.871905 0.179381 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 661 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:47.109383 0.000000 udp 10.0.2.19 1701 -> 79.12.109.89 10019 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:21:52.128963 0.052343 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 781 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:52.207270 0.031356 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:52.289673 0.061590 udp 10.0.2.19 1701 <-> 31.11.249.52 21538 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:21:52.506224 0.000000 udp 10.0.2.19 1701 -> 69.123.48.21 9990 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:00.170864 0.106386 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 831 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:00.310479 0.045098 udp 10.0.2.19 1701 -> 81.62.235.234 1089 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:00.355577 0.000000 icmp 81.62.235.234 0x0303 -> 10.0.2.19 0x4104 URP 192 1 138 flow=Background 1970/01/03 18:22:04.927755 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:22:06.710431 0.170274 udp 10.0.2.19 1701 <-> 59.180.153.115 10466 CON 0 0 2 746 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:06.898003 0.335768 udp 10.0.2.19 1701 <-> 49.49.97.102 11369 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:07.324776 0.104486 udp 10.0.2.19 1701 <-> 217.55.57.160 23412 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:07.514357 0.000000 udp 10.0.2.19 1701 -> 200.31.161.18 9809 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:14.521074 0.000000 udp 10.0.2.19 1701 -> 58.186.151.112 29121 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:23.444437 0.081839 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:23.756836 0.000000 udp 10.0.2.19 1701 -> 62.1.55.130 10237 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:32.267292 0.000000 udp 10.0.2.19 1701 -> 213.123.173.32 2146 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:39.036433 0.000000 udp 10.0.2.19 1701 -> 69.114.0.197 9920 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:43.923887 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:22:47.238866 0.000000 udp 10.0.2.19 1701 -> 78.182.152.207 19822 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:22:52.295476 0.056964 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:52.421204 0.061398 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:52.725516 0.517299 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:22:53.261203 0.000000 udp 10.0.2.19 1701 -> 66.150.226.65 3900 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:01.558921 0.000000 udp 10.0.2.19 1701 -> 220.246.41.152 5834 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:09.310238 0.000000 udp 10.0.2.19 1701 -> 108.67.44.82 4384 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:16.420632 0.000000 udp 10.0.2.19 1701 -> 24.234.138.82 7240 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:20.926964 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:23:23.470765 0.000000 udp 10.0.2.19 1701 -> 67.77.39.185 5629 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:32.272985 0.234746 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 668 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:23:32.516797 0.000000 udp 10.0.2.19 1701 -> 76.235.176.96 4739 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:23:52.094037 3.001909 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 18:23:59.101771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:24:07.103188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:24:23.106155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:24:55.112283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:30:59.118054 3.001448 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:31:06.125882 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:31:14.126876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:31:30.130243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:32:02.136219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:36:11.805807 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:36:11.805918 1.285997 tcp 10.0.2.19 50615 -> 85.67.124.167 6761 FSPA* 0 0 15 1605 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:38:06.141740 3.002551 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:38:13.149969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:38:21.151403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:38:37.154241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:39:09.159788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:45:13.166313 3.001090 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:45:20.173507 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:45:28.175211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:45:44.178116 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:46:16.184441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:52:20.189773 3.001660 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 18:52:27.197115 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:52:35.199157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:52:51.202175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:53:23.207987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:53:42.526452 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 18:53:42.526632 0.056329 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:53:42.583254 0.000000 udp 10.0.2.19 1701 -> 217.36.121.227 1413 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:54:00.154171 0.045020 tcp 10.0.2.19 50616 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:00.199401 0.076291 tcp 10.0.2.19 50617 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:00.276234 0.176828 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:00.453470 0.328539 udp 10.0.2.19 1701 <-> 65.131.151.100 8666 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:00.782427 0.186756 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:00.969587 0.101167 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:01.071170 0.102972 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:01.174505 0.055175 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:01.229988 2.180604 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:03.410955 0.076250 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:03.487484 0.074878 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:03.562651 0.040543 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:03.603463 0.247229 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:03.851037 0.177002 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.028375 0.153860 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.182575 0.165295 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.348186 0.139221 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.487748 0.172971 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.661107 0.241340 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:04.902831 0.938831 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:05.842283 0.261640 udp 10.0.2.19 1701 <-> 14.96.182.207 4294 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:06.104332 0.070295 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:06.174996 4.838632 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:11.014277 0.000000 udp 10.0.2.19 1701 -> 139.194.211.145 9285 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:54:28.533390 0.046099 tcp 10.0.2.19 50618 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:28.579713 0.076550 tcp 10.0.2.19 50619 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:28.656793 0.044725 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:28.701795 0.061170 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:28.763266 0.055018 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:28.818624 0.000000 udp 10.0.2.19 1701 -> 78.166.143.39 28610 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:54:45.718401 0.044996 tcp 10.0.2.19 50620 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:45.763618 0.079342 tcp 10.0.2.19 50621 -> 173.194.70.94 80 SRPA* 0 0 23 15698 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:54:45.843498 0.852253 udp 10.0.2.19 1701 <-> 50.36.42.42 6860 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:46.696145 0.120605 udp 10.0.2.19 1701 <-> 188.94.158.164 8384 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:46.817139 0.097036 udp 10.0.2.19 1701 <-> 151.74.131.196 19105 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:46.914546 0.188832 udp 10.0.2.19 1701 <-> 188.169.80.149 16788 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:47.103787 0.290671 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:47.394859 0.476320 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:47.871578 0.097131 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:47.969057 0.094718 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:48.064132 1.259571 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.324034 0.177061 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.501433 0.061084 udp 10.0.2.19 1701 <-> 31.11.249.52 21538 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.562857 0.058551 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.621706 0.031174 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.653186 0.103083 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:54:49.756678 0.000000 udp 10.0.2.19 1701 -> 217.55.57.160 23412 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:55:06.147629 0.046590 tcp 10.0.2.19 50622 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:55:06.194463 0.077236 tcp 10.0.2.19 50623 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:55:06.272251 0.290517 udp 10.0.2.19 1701 <-> 49.49.97.102 11369 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:55:06.563145 0.000000 udp 10.0.2.19 1701 -> 59.180.153.115 10466 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 18:55:23.051758 0.045317 tcp 10.0.2.19 50624 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:55:23.097305 0.073919 tcp 10.0.2.19 50625 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 18:55:23.171851 0.076410 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:55:23.248590 0.056720 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:55:23.305615 0.076022 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:55:23.381972 0.363115 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:55:23.745479 0.477179 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 18:59:27.213912 3.001659 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 18:59:34.221794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:59:42.222944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 18:59:58.226017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:00:30.231675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:06:13.095699 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 19:06:13.095801 0.558524 tcp 10.0.2.19 50626 -> 85.67.124.167 6761 FSPA* 0 0 15 1617 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:06:34.237617 3.002265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:06:41.245387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:06:49.247271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:07:05.249879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:07:37.255775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:13:41.261257 3.002407 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:13:48.269321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:13:56.270938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:14:12.274380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:14:44.279684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:20:48.285919 3.001838 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:20:55.292992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:21:03.295007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:21:19.297800 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:21:51.303635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:25:46.271693 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 19:25:46.271982 0.000000 udp 10.0.2.19 1701 -> 217.36.121.227 1413 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:26:01.906602 0.045003 tcp 10.0.2.19 50627 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:01.951873 0.075168 tcp 10.0.2.19 50628 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:02.027598 0.000000 udp 10.0.2.19 1701 -> 139.194.211.145 9285 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:26:19.110418 0.046273 tcp 10.0.2.19 50629 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:19.156944 0.075822 tcp 10.0.2.19 50630 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:19.233732 0.079744 udp 10.0.2.19 1701 <-> 78.166.143.39 28610 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:26:19.313883 0.000000 udp 10.0.2.19 1701 -> 217.55.57.160 23412 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:26:35.313873 0.045307 tcp 10.0.2.19 50631 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:35.359378 0.073679 tcp 10.0.2.19 50632 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:35.433606 0.000000 udp 10.0.2.19 1701 -> 59.180.153.115 10466 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:26:52.859207 0.045419 tcp 10.0.2.19 50633 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:52.904855 0.076728 tcp 10.0.2.19 50634 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:26:52.982118 0.054994 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:26:53.037486 0.176358 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:26:53.214250 0.000000 udp 10.0.2.19 1701 -> 65.131.151.100 8666 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:27:11.935917 0.045102 tcp 10.0.2.19 50635 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:11.981253 0.078240 tcp 10.0.2.19 50636 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:12.060004 0.055875 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:12.116252 0.085675 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:12.202447 0.099973 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:12.302764 0.184975 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:12.488148 0.000000 udp 10.0.2.19 1701 -> 31.192.33.235 9139 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:27:31.164225 0.045703 tcp 10.0.2.19 50637 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:31.210387 0.075633 tcp 10.0.2.19 50638 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:31.286539 0.075187 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:31.362148 0.540971 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:31.903533 0.040272 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:31.944116 0.174292 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.118814 0.141699 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.260924 0.222787 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.484085 0.142348 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.626813 0.189157 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.816400 0.146278 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:32.963013 0.307179 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:33.270574 0.000000 udp 10.0.2.19 1701 -> 14.96.182.207 4294 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:27:50.912311 0.045510 tcp 10.0.2.19 50639 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:50.958116 0.076659 tcp 10.0.2.19 50640 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:27:51.035292 0.931238 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:51.966888 0.053432 udp 10.0.2.19 1701 <-> 188.129.191.210 9746 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.020595 0.069815 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.090679 0.040987 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.131941 0.052081 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.184279 0.054764 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.239322 0.158065 udp 10.0.2.19 1701 <-> 50.36.42.42 6860 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.397722 0.287018 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.685159 0.180830 udp 10.0.2.19 1701 <-> 188.169.80.149 16788 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:27:52.866359 0.000000 udp 10.0.2.19 1701 -> 151.74.131.196 19105 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:27:55.309735 3.001810 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 19:28:02.317311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:28:08.567441 0.045388 tcp 10.0.2.19 50641 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:08.613078 0.077623 tcp 10.0.2.19 50642 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:08.691233 0.000000 udp 10.0.2.19 1701 -> 188.94.158.164 8384 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:28:10.318719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:28:24.410520 0.045380 tcp 10.0.2.19 50643 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:24.456220 0.078462 tcp 10.0.2.19 50644 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:24.535227 0.459940 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:24.995565 0.093355 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.089306 0.101927 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.191553 0.045227 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.237071 0.031175 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.268562 0.103558 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.372457 0.060736 udp 10.0.2.19 1701 <-> 31.11.249.52 21538 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.433577 0.175148 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:25.626261 2.880370 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:26.321539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:28:28.507009 0.000000 udp 10.0.2.19 1701 -> 49.49.97.102 11369 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:28:44.769338 0.045379 tcp 10.0.2.19 50645 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:44.814922 0.093605 tcp 10.0.2.19 50646 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:28:44.909086 0.060617 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:44.970083 0.366244 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:45.336694 0.079075 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:45.416107 0.056954 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:45.473345 0.231160 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:28:58.327547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:35:02.333714 3.001633 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:35:09.341258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:35:17.342775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:35:33.345857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:36:05.903155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:36:13.924662 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 19:36:13.924832 0.681061 tcp 10.0.2.19 50647 -> 85.67.124.167 6761 FSPA* 0 0 15 1637 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:42:09.908322 3.001697 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:42:16.916136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:42:24.917461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:42:40.920559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:43:12.926223 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:49:16.932246 3.002228 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:49:23.940248 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:49:31.941405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:49:47.944319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:50:19.950548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:56:23.956186 3.001662 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 19:56:30.963689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:56:38.965895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:56:54.968424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:57:29.107937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 19:59:16.492633 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 19:59:16.492819 0.000000 udp 10.0.2.19 1701 -> 65.131.151.100 8666 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:59:34.901128 0.045395 tcp 10.0.2.19 50648 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:59:34.946789 0.076836 tcp 10.0.2.19 50649 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:59:35.024157 0.075119 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 19:59:35.099635 0.000000 udp 10.0.2.19 1701 -> 14.96.182.207 4294 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 19:59:53.787260 0.044985 tcp 10.0.2.19 50650 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:59:53.832479 0.076652 tcp 10.0.2.19 50651 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 19:59:53.909653 0.000000 udp 10.0.2.19 1701 -> 151.74.131.196 19105 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:00:12.824445 0.045853 tcp 10.0.2.19 50652 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:12.870585 0.077662 tcp 10.0.2.19 50653 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:12.948780 0.000000 udp 10.0.2.19 1701 -> 188.94.158.164 8384 INT 0 1 95 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:00:30.379158 0.045663 tcp 10.0.2.19 50654 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:30.425082 0.081202 tcp 10.0.2.19 50655 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:30.506842 0.333491 udp 10.0.2.19 1701 <-> 49.49.97.102 11369 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:30.840714 0.076743 udp 10.0.2.19 1701 <-> 78.166.143.39 28610 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:30.917752 0.178476 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.096608 0.055076 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.152053 0.101324 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.253714 0.185745 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.439861 0.055018 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.495257 0.088020 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.495598 2.998748 tcp 10.0.2.19 50656 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 20:00:31.583668 0.397451 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:31.981506 0.174131 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:32.156038 0.181960 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:32.338503 0.143043 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:32.481921 3.538601 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.020922 0.229086 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.250532 0.041385 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.292242 0.149189 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.441795 0.230605 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.672753 0.179606 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:36.852727 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:00:40.492351 0.000000 tcp 10.0.2.19 50656 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 20:00:52.281256 0.045095 tcp 10.0.2.19 50657 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:52.326582 0.081739 tcp 10.0.2.19 50658 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:00:52.408870 0.067240 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:00:52.476423 0.000000 udp 10.0.2.19 1701 -> 50.36.42.42 6860 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:01:10.607154 0.046133 tcp 10.0.2.19 50659 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:10.653482 0.074882 tcp 10.0.2.19 50660 -> 173.194.70.94 80 SRPA* 0 0 23 15698 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:10.729043 0.286114 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:11.015500 0.048901 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:11.064773 0.045986 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:11.111055 0.928950 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:12.040413 0.067311 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:12.108107 0.000000 udp 10.0.2.19 1701 -> 188.169.80.149 16788 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:01:29.264833 0.046060 tcp 10.0.2.19 50661 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:29.311125 0.077251 tcp 10.0.2.19 50662 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:29.388905 0.087116 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:29.476319 0.098465 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:29.575176 0.056597 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:29.632058 0.031536 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:29.663873 0.105267 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:29.769433 0.000000 udp 10.0.2.19 1701 -> 31.11.249.52 21538 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:01:45.757903 0.048790 tcp 10.0.2.19 50663 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:45.807005 0.076651 tcp 10.0.2.19 50664 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:01:45.884186 0.996624 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:46.881169 0.462473 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:47.344043 0.538303 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:47.882800 0.077314 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:47.960418 0.057289 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:48.018051 0.236283 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:48.254800 0.060669 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:01:48.315854 0.361391 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:03:33.112824 3.002737 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 20:03:40.121150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:03:48.122600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:04:04.125826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:04:36.131400 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:06:15.664621 0.000135 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 20:06:15.664864 0.697571 tcp 10.0.2.19 50665 -> 85.67.124.167 6761 FSPA* 0 0 14 1534 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:10:40.137036 3.002370 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:10:47.145016 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:10:55.146337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:11:11.149772 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:11:43.155875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:17:47.161293 3.001836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:17:54.168963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:18:02.170494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:18:18.173096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:18:50.179727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:24:54.185424 3.001345 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:25:01.192998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:25:09.194246 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:25:25.197369 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:25:57.203487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:32:01.208677 3.002324 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:32:08.216894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:32:16.218005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:32:16.759831 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 20:32:16.760008 0.000000 udp 10.0.2.19 1701 -> 50.36.42.42 6860 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:32:32.221432 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:32:32.254219 0.045977 tcp 10.0.2.19 50666 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:32:32.300443 0.093609 tcp 10.0.2.19 50667 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:32:32.394600 0.000000 udp 10.0.2.19 1701 -> 188.129.191.210 9746 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:32:50.919651 0.045931 tcp 10.0.2.19 50668 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:32:50.965789 0.075206 tcp 10.0.2.19 50669 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:32:51.041546 0.000000 udp 10.0.2.19 1701 -> 188.169.80.149 16788 INT 0 1 87 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:33:04.227650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:33:07.734064 0.046345 tcp 10.0.2.19 50670 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:07.780672 0.083338 tcp 10.0.2.19 50671 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:07.864566 0.000000 udp 10.0.2.19 1701 -> 31.11.249.52 21538 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:33:26.591619 0.045750 tcp 10.0.2.19 50672 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:26.637628 0.082876 tcp 10.0.2.19 50673 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:26.721042 0.070385 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:26.791785 0.101266 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:26.893440 0.184566 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.078382 0.055873 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.134658 0.110258 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.135020 2.999575 tcp 10.0.2.19 50674 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 20:33:27.245280 0.340236 udp 10.0.2.19 1701 <-> 49.49.97.102 11369 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.585875 0.177008 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.763242 0.054709 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:27.818244 0.000000 udp 10.0.2.19 1701 -> 78.166.143.39 28610 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:33:36.133019 0.000000 tcp 10.0.2.19 50674 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 20:33:44.646537 0.046252 tcp 10.0.2.19 50675 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:44.693033 0.080119 tcp 10.0.2.19 50676 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:33:44.773677 0.351172 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.125248 0.143824 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.269533 0.172704 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.442628 0.132065 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.575164 0.058511 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.634204 0.040272 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.674806 0.225641 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:45.900804 0.147907 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:46.048977 0.260259 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:46.309545 0.294029 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:46.603923 0.112569 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:46.716850 0.082735 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:46.799914 0.285612 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:33:47.085918 0.000000 udp 10.0.2.19 1701 -> 217.246.62.65 6857 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 20:34:04.014383 0.046425 tcp 10.0.2.19 50677 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:34:04.061073 0.077788 tcp 10.0.2.19 50678 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:34:04.139385 0.067677 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:04.207359 0.953178 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.160959 0.049960 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.211271 0.031155 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.242769 0.096108 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.339207 0.084320 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.423882 0.105938 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.530325 0.445021 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:05.975709 0.675015 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:06.651072 0.078337 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:06.729814 0.059922 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:06.790304 0.232752 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:07.023464 0.416824 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:07.440696 0.542424 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:34:07.983533 0.178664 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 20:36:16.364295 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 20:36:16.364534 0.560133 tcp 10.0.2.19 50679 -> 85.67.124.167 6761 FSPA* 0 0 15 1711 flow=From-Botnet-V2-TCP-Established 1970/01/03 20:39:08.233039 3.001959 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 20:39:15.240651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:39:23.242431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:39:39.245593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:40:11.251225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:46:17.401159 3.001615 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:46:24.408021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:46:32.409445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:46:48.412055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:47:20.418441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:53:24.424343 3.002009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 20:53:31.431494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:53:39.433074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:53:55.436055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 20:54:27.442879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:00:31.447729 3.002737 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:00:38.455928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:00:46.457392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:01:02.460803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:01:34.466156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:04:38.701309 0.000145 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 21:04:38.701568 0.000000 rtcp 10.0.2.19 1701 -> 78.166.143.39 28610 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:04:56.038971 0.045743 tcp 10.0.2.19 50680 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:04:56.084918 0.071363 tcp 10.0.2.19 50681 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:04:56.156857 0.042549 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:04:56.199732 0.085495 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:04:56.285594 0.000000 udp 10.0.2.19 1701 -> 49.49.97.102 11369 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:05:15.134960 0.046450 tcp 10.0.2.19 50682 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:05:15.181645 0.076714 tcp 10.0.2.19 50683 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:05:15.258888 0.072477 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.331714 0.185044 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.517187 0.172418 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.690020 0.056445 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.746904 0.176874 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.747254 3.001521 tcp 10.0.2.19 50684 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 21:05:15.924139 0.054446 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:15.978889 0.173086 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:16.152406 0.128251 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:16.281036 0.059532 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:16.340912 0.044913 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:16.386243 0.142959 udp 10.0.2.19 1701 <-> 188.169.28.246 23956 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:16.529553 0.502373 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.032336 0.271836 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.304575 0.176788 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.481723 0.057212 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.539320 0.150799 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.690507 0.235201 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:17.926315 0.314613 udp 10.0.2.19 1701 <-> 190.51.236.113 19077 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:18.241345 0.049759 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:18.291432 0.072895 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:18.364781 0.981174 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.346359 0.050205 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.396936 0.031399 udp 10.0.2.19 1701 <-> 94.21.216.25 1807 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.428649 0.096981 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.525967 0.102084 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.628440 0.106151 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:19.734947 0.453141 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:20.188461 1.195896 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:21.384765 0.247065 udp 10.0.2.19 1701 <-> 41.221.67.129 9536 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:21.632233 0.103853 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:21.736470 0.077216 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:21.813986 0.058029 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:21.872400 0.386468 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:22.259353 1.167362 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:05:24.747390 0.000000 tcp 10.0.2.19 50684 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 21:06:19.065596 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 21:06:19.065815 0.662867 tcp 10.0.2.19 50685 -> 85.67.124.167 6761 FSPA* 0 0 14 1651 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:07:38.472618 3.001083 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 21:07:45.480050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:07:53.481389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:08:09.484429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:08:41.490583 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:14:45.496096 3.001710 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:14:52.503577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:15:03.148729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:15:19.152165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:15:51.158284 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:21:59.169674 3.002351 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:22:06.177551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:22:14.178468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:22:30.181886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:23:02.187574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:29:06.193974 3.001304 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:29:13.201040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:29:21.202527 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:29:37.205790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:30:09.211653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:35:32.697209 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 21:35:32.697337 0.000000 udp 10.0.2.19 1701 -> 49.49.97.102 11369 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:35:50.745113 0.045447 tcp 10.0.2.19 50686 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:35:50.790818 0.080159 tcp 10.0.2.19 50687 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:35:50.871523 0.038900 udp 10.0.2.19 1701 <-> 217.246.62.65 6857 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:50.910739 0.104067 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.015201 0.104214 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.119812 0.055668 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.175822 0.078647 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.176160 3.001176 tcp 10.0.2.19 50688 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 21:35:51.254762 0.185736 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 572 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.440921 0.182616 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.623983 0.055149 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.679451 0.174453 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:51.854260 0.148617 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:52.003209 0.059137 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:52.062675 0.040394 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:35:52.103370 0.000000 udp 10.0.2.19 1701 -> 188.169.28.246 23956 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:36:00.176314 0.000000 tcp 10.0.2.19 50688 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 21:36:10.562923 0.045338 tcp 10.0.2.19 50689 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:10.608520 0.079861 tcp 10.0.2.19 50690 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:10.688925 0.075274 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:10.764502 0.271475 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:11.036339 0.178675 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:11.215395 0.054675 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:11.270369 0.149926 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:11.420598 0.603931 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:12.024914 0.064949 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:12.090228 0.234058 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:12.324641 0.000000 udp 10.0.2.19 1701 -> 190.51.236.113 19077 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:36:13.458004 3.001962 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 21:36:20.465813 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:36:21.217163 0.498992 tcp 10.0.2.19 50691 -> 85.67.124.167 6761 FSPA* 0 0 15 1788 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:28.467391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:36:30.440963 0.045163 tcp 10.0.2.19 50692 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:30.486330 0.076045 tcp 10.0.2.19 50693 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:30.562913 0.975706 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:31.539008 0.049023 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:31.588323 0.000000 udp 10.0.2.19 1701 -> 94.21.216.25 1807 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:36:44.470178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:36:49.599153 0.046687 tcp 10.0.2.19 50694 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:49.646036 0.086777 tcp 10.0.2.19 50695 -> 173.194.70.94 80 SRPA* 0 0 20 15536 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:36:49.733365 0.096378 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:49.830191 0.080470 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:49.911004 0.105308 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:50.016675 0.426579 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:50.443667 0.063056 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:50.507027 0.171498 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:36:50.678920 0.000000 udp 10.0.2.19 1701 -> 41.221.67.129 9536 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 21:37:06.242740 0.047174 tcp 10.0.2.19 50696 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:37:06.290202 0.076747 tcp 10.0.2.19 50697 -> 173.194.70.94 80 SRPA* 0 0 19 15482 flow=From-Botnet-V2-TCP-Established 1970/01/03 21:37:06.367480 0.380845 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:37:06.748758 0.078682 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:37:06.827817 0.057258 udp 10.0.2.19 1701 <-> 95.104.76.202 6491 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:37:06.885460 0.700139 udp 10.0.2.19 1701 <-> 186.14.194.158 8944 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 21:37:16.475850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:43:20.482461 3.001345 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:43:27.489445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:43:35.491208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:43:51.493796 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:44:23.590754 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:50:27.596121 3.002082 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:50:34.603746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:50:42.604795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:50:58.608080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:51:30.614473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:57:34.620295 3.001758 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 21:57:41.627712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:57:49.629477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:58:05.632523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 21:58:37.637834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:04:41.643865 3.001608 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:04:48.651669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:04:56.653313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:05:12.656292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:05:44.661717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:06:21.755643 0.889989 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/03 22:06:22.645695 2.114006 tcp 10.0.2.19 50698 -> 85.67.124.167 6761 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:06:30.758427 0.000000 tcp 10.0.2.19 50698 -> 85.67.124.167 6761 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:06:37.641538 0.164274 tcp 10.0.2.19 50699 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:06:37.806017 0.202955 tcp 10.0.2.19 50700 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:06:38.174007 1.256249 tcp 10.0.2.19 50701 -> 176.73.143.18 5326 FSPA* 0 0 14 1686 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:07:18.948299 0.000000 udp 10.0.2.19 1701 -> 188.169.28.246 23956 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:07:23.834445 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 22:07:36.043210 1.731170 tcp 10.0.2.19 50702 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:07:36.206333 0.200853 tcp 10.0.2.19 50703 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:07:36.407771 0.000000 udp 10.0.2.19 1701 -> 190.51.236.113 19077 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:07:51.616043 0.297450 tcp 10.0.2.19 50704 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:07:51.913000 0.330908 tcp 10.0.2.19 50705 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:07:52.244488 0.000000 udp 10.0.2.19 1701 -> 94.21.216.25 1807 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:08:09.341421 0.163938 tcp 10.0.2.19 50706 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:09.505115 0.191135 tcp 10.0.2.19 50707 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:09.696798 0.000000 udp 10.0.2.19 1701 -> 41.221.67.129 9536 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:08:27.137148 0.160127 tcp 10.0.2.19 50708 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:27.297603 0.195906 tcp 10.0.2.19 50709 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:27.494065 0.261646 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:27.756075 0.320106 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:28.076627 0.206656 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:28.283654 0.182316 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 576 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:28.466377 0.148157 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:28.614989 0.130466 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:28.615355 2.996688 tcp 10.0.2.19 50710 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:08:28.745857 0.000000 udp 10.0.2.19 1701 -> 217.246.62.65 6857 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:08:37.620468 0.000000 tcp 10.0.2.19 50710 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:08:44.342054 0.164459 tcp 10.0.2.19 50711 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:44.506303 0.193953 tcp 10.0.2.19 50712 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:08:44.700830 0.164877 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:44.866265 0.232431 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:45.099095 0.221531 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:45.320992 0.138511 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:45.459867 0.210619 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:45.670887 0.288390 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:45.959670 0.203857 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:46.163915 0.365785 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:46.530053 0.339507 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:46.869917 0.305358 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:47.175613 0.110293 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:47.286281 0.119545 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:47.406200 0.409621 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:47.816260 0.121413 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:47.938169 0.318440 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:48.257019 0.158645 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:48.416043 0.524120 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:48.940551 0.141692 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:49.082631 0.233673 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:49.316712 0.175793 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:49.492877 0.165582 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:49.658899 0.350980 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:50.010289 0.146475 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:08:50.157123 0.000000 udp 10.0.2.19 1701 -> 95.104.76.202 6491 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:09:07.855463 0.171811 tcp 10.0.2.19 50713 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:09:08.027064 0.211302 tcp 10.0.2.19 50714 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:09:08.238961 0.000000 udp 10.0.2.19 1701 -> 186.14.194.158 8944 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:09:26.562665 0.161073 tcp 10.0.2.19 50715 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:09:26.724046 0.208170 tcp 10.0.2.19 50716 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:11:49.098674 3.002002 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 22:11:56.106317 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:12:04.107735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:12:20.110736 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:12:52.117032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:18:56.123927 3.000748 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:19:03.129842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:19:11.131514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:19:27.134434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:19:59.140388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:26:03.146453 3.001658 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:26:10.153707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:26:18.155861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:26:34.158644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:27:06.164368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:33:10.169852 3.002069 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:33:17.178072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:33:25.179497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:33:41.182810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:34:13.188364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:36:39.429323 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 22:36:39.429536 1.100947 tcp 10.0.2.19 50717 -> 176.73.143.18 5326 FSPA* 0 0 14 1630 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:39:53.057401 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 22:39:53.057521 0.000000 udp 10.0.2.19 1701 -> 217.246.62.65 6857 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:40:11.376489 0.179113 tcp 10.0.2.19 50718 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:11.555190 0.195937 tcp 10.0.2.19 50719 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:11.751700 0.000000 udp 10.0.2.19 1701 -> 186.14.194.158 8944 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:40:17.194301 3.002033 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 22:40:24.202388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:40:27.527861 0.178963 tcp 10.0.2.19 50720 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:27.707035 0.217936 tcp 10.0.2.19 50721 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:27.925541 0.000000 udp 10.0.2.19 1701 -> 95.104.76.202 6491 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 22:40:32.203323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:40:44.051849 0.165832 tcp 10.0.2.19 50722 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:44.217925 0.198656 tcp 10.0.2.19 50723 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 22:40:44.417139 0.279700 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:44.697228 0.224643 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:44.922407 0.136928 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:44.922759 3.003559 tcp 10.0.2.19 50724 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:40:45.059743 0.168636 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:45.228729 0.217003 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:45.446098 0.255076 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:45.701563 0.153186 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:45.855117 0.220718 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:46.076291 0.132081 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:46.208832 0.224149 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:46.433376 0.213186 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:46.646994 0.242762 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:46.890154 3.372075 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:48.206134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:40:50.262608 0.205057 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:50.467996 0.239051 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:50.707446 0.125110 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:50.832947 0.119079 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:50.952348 0.308571 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:51.261266 0.404202 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:51.665845 0.122456 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:51.788690 0.339079 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:52.128174 1.163564 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:53.292131 0.150893 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:53.443417 0.172661 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:53.616511 0.173977 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:53.790843 0.545580 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:53.924833 0.000000 tcp 10.0.2.19 50724 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 22:40:54.336833 0.228142 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:54.565430 0.414028 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:40:54.979801 0.134683 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 22:41:20.212484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:47:24.218151 3.001846 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:47:31.225687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:47:39.227858 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:47:55.230489 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:48:27.236483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:54:31.241888 3.002238 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 22:54:38.249946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:54:46.251075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:55:02.254321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 22:55:34.260512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:01:38.266658 3.001601 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:01:45.274324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:01:54.727341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:02:10.730547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:02:42.736251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:06:41.239836 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 23:06:41.240036 1.119346 tcp 10.0.2.19 50725 -> 176.73.143.18 5326 FSPA* 0 0 15 1739 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:08:46.742547 3.001433 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:08:53.749815 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:09:01.751636 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:09:17.754100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:09:49.760721 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:11:18.017741 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 23:11:18.017936 0.249537 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:18.267909 0.204435 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:18.472795 0.127160 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:18.473144 2.998791 tcp 10.0.2.19 50726 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 23:11:18.600301 0.000000 udp 10.0.2.19 1701 -> 31.192.33.235 9139 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 23:11:27.471119 0.000000 tcp 10.0.2.19 50726 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 23:11:35.224321 0.161427 tcp 10.0.2.19 50727 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:11:35.386167 0.199712 tcp 10.0.2.19 50728 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:11:35.586463 0.227154 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:35.813963 0.245613 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:36.059917 0.187910 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:36.248233 0.231179 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:36.479815 0.232292 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:36.712485 0.247294 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:36.960139 0.224129 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:37.184626 0.127966 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:37.312941 0.328360 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:37.641703 0.208445 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:37.850494 0.280535 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:38.131426 0.368550 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:38.500367 0.414610 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:38.915380 0.121838 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:39.037570 0.122005 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:39.159932 0.294773 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:39.455069 0.220302 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:39.675777 0.183213 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:39.859364 0.451204 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:40.310933 0.169949 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:40.481251 0.174157 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:40.655768 0.459790 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:41.115937 0.225898 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:41.342224 0.450585 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:11:41.793186 0.126447 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:15:53.766316 3.001979 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:16:00.773521 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:16:08.775722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:16:24.778371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:16:56.784287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:23:00.789847 3.002214 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:23:07.798231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:23:15.799240 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:23:31.802331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:24:03.808706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:30:07.814041 3.001790 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:30:14.821591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:30:22.823366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:30:38.826364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:31:10.831978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:36:42.359694 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 23:36:42.359898 1.993954 tcp 10.0.2.19 50729 -> 176.73.143.18 5326 FSPA* 0 0 15 1794 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:37:14.838432 3.001277 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:37:21.845585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:37:29.847354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:37:45.850154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:38:17.856757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:41:54.628142 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/03 23:41:54.628332 0.000000 udp 10.0.2.19 1701 -> 31.192.33.235 9139 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 23:42:10.012465 0.171040 tcp 10.0.2.19 50730 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:10.183785 0.234599 tcp 10.0.2.19 50731 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:10.418934 0.171429 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:10.590779 0.254150 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:10.591140 2.993845 tcp 10.0.2.19 50732 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 23:42:10.845290 0.145629 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:10.991319 0.199820 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:11.191535 0.245913 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:11.437801 0.153813 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:11.591968 0.226975 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:11.819342 0.201823 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:12.021585 0.132603 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:12.154546 0.333989 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:12.488870 0.245283 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:12.734537 0.226712 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:12.961630 0.186671 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:13.148728 0.225738 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:13.374876 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 23:42:19.584178 0.000000 tcp 10.0.2.19 50732 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/03 23:42:30.541143 0.213455 tcp 10.0.2.19 50733 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:30.754289 0.196513 tcp 10.0.2.19 50734 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:30.951361 0.177845 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:31.129576 0.306603 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:31.436590 0.240010 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:31.677029 0.424556 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:32.101987 0.126682 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:32.228989 0.173209 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:32.402520 0.000000 udp 10.0.2.19 1701 -> 193.169.115.140 1088 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/03 23:42:49.938783 0.187354 tcp 10.0.2.19 50735 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:50.126486 0.196487 tcp 10.0.2.19 50736 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/03 23:42:50.323511 0.189703 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:50.513576 0.172044 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:50.686001 0.470415 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:51.156797 0.306656 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:51.463826 0.351076 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:42:51.815232 0.133253 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/03 23:44:21.861558 3.002140 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/03 23:44:28.869770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:44:36.871432 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:44:52.874495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:45:24.880154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:51:28.885672 3.002382 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:51:35.893606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:51:43.895466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:51:59.897923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:52:31.904462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:58:35.910478 3.001273 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/03 23:58:42.917633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:58:50.919213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:59:06.922542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/03 23:59:41.632007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:05:45.638038 3.001718 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:05:52.645373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:06:00.786885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:06:16.790070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:06:45.732125 3.806772 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/04 00:06:49.539135 0.929509 tcp 10.0.2.19 50737 -> 176.73.143.18 5326 FSPA* 0 0 16 1749 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:06:50.589034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:12:54.594697 3.001948 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:13:00.160375 0.481040 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/04 00:13:00.641501 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:13:01.832932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:13:09.833786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:13:18.158538 0.164594 tcp 10.0.2.19 50738 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:13:18.322936 0.215406 tcp 10.0.2.19 50739 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:13:18.538900 0.147498 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:18.686732 0.144740 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:18.831864 0.155749 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:18.832225 2.999022 tcp 10.0.2.19 50740 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:13:18.987969 0.255692 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:19.244003 0.157682 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:19.402287 0.188237 udp 10.0.2.19 1701 <-> 87.7.185.64 9616 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:19.590895 0.256275 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:19.847550 0.223479 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:20.071392 0.169660 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:20.241415 0.129080 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:20.370833 0.315984 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:20.687179 0.179062 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:20.866593 0.162384 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:21.029341 0.250461 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:21.280188 0.225140 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:21.505727 0.298287 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:21.804396 0.116712 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:21.921459 0.222722 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:22.144582 0.410406 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:22.555324 0.123926 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:22.679622 0.166136 udp 10.0.2.19 1701 <-> 88.254.30.110 2062 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:22.846392 0.171777 udp 10.0.2.19 1701 <-> 88.254.68.195 18579 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:23.018526 0.180776 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:23.199673 0.531354 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:23.731377 0.362092 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:24.093824 0.423097 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:24.517283 0.135478 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:13:25.837177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:13:27.840390 0.000000 tcp 10.0.2.19 50740 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:13:57.953175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:20:01.959438 3.001524 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:20:08.966834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:20:16.968665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:20:32.971366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:21:04.976925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:27:08.983308 3.001251 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:27:15.991072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:27:23.991853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:27:39.995515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:28:12.001230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:34:16.007034 4.784722 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:34:24.797577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:34:32.798559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:34:48.801624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:35:20.867925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:36:51.818673 0.000124 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 00:36:51.818898 2.993839 tcp 10.0.2.19 50741 -> 176.73.143.18 5326 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:37:00.811786 0.000000 tcp 10.0.2.19 50741 -> 176.73.143.18 5326 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:37:06.822362 0.162761 tcp 10.0.2.19 50742 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:37:06.985239 0.196703 tcp 10.0.2.19 50743 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:37:07.323699 3.001165 tcp 10.0.2.19 50744 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:37:16.323439 0.000000 tcp 10.0.2.19 50744 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:37:22.323562 0.160623 tcp 10.0.2.19 50745 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:37:22.484416 0.198532 tcp 10.0.2.19 50746 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:37:22.776011 4.122887 tcp 10.0.2.19 50747 -> 90.156.118.144 5237 FSPA* 0 0 14 1534 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:41:25.093817 3.002084 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 00:41:32.101760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:41:40.103518 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:41:56.106435 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:42:28.112489 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:43:31.002625 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 00:43:31.002834 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:43:47.578651 0.161086 tcp 10.0.2.19 50748 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:43:47.739516 0.191236 tcp 10.0.2.19 50749 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:43:47.931315 0.146067 udp 10.0.2.19 1701 <-> 193.169.115.140 1088 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:43:48.077737 0.144036 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:43:48.222198 0.254244 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:43:48.222534 2.998910 tcp 10.0.2.19 50750 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:43:48.476800 0.155434 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:43:48.632579 0.000000 udp 10.0.2.19 1701 -> 87.7.185.64 9616 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:43:57.230011 0.000000 tcp 10.0.2.19 50750 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 00:44:07.386510 0.161408 tcp 10.0.2.19 50751 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:07.548162 0.188998 tcp 10.0.2.19 50752 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:07.737732 0.277899 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:08.015969 0.217751 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:08.234065 0.321525 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:08.556002 0.185106 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:08.741522 0.172914 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:08.914763 0.151845 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:09.066922 0.121442 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:09.188738 0.239485 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:09.428615 0.225543 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:09.654560 0.300904 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:09.955859 0.124198 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:10.080416 0.223775 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:44:10.304600 0.000000 udp 10.0.2.19 1701 -> 88.254.30.110 2062 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:44:28.145669 0.170785 tcp 10.0.2.19 50753 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:28.316650 0.193279 tcp 10.0.2.19 50754 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:28.510692 0.000000 udp 10.0.2.19 1701 -> 88.254.68.195 18579 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:44:45.060038 0.160382 tcp 10.0.2.19 50755 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:45.220654 0.195051 tcp 10.0.2.19 50756 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:44:45.416269 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 00:45:01.984988 0.164366 tcp 10.0.2.19 50757 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:45:02.149151 0.193780 tcp 10.0.2.19 50758 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 00:45:02.343561 0.136230 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:45:02.480190 0.182815 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:45:02.663350 0.482542 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:45:03.146265 0.228010 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:45:03.374645 0.355995 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:45:03.731041 0.125382 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 00:48:32.118242 3.001398 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 00:48:39.125223 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:48:47.126709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:49:03.130242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:49:35.136566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:55:39.141862 3.652805 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 00:55:46.800157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:55:54.801985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:56:10.805316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 00:56:42.811105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:02:46.816857 3.001982 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:02:53.824715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:03:01.825662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:03:17.828804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:03:49.834893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:07:27.227820 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:07:27.228037 1.341004 tcp 10.0.2.19 50759 -> 90.156.118.144 5237 FSPA* 0 0 14 1508 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:09:53.840931 3.001544 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:10:00.848065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:10:08.850053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:10:24.852680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:10:56.859353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:15:23.312367 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:15:23.312641 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:15:39.448135 0.164595 tcp 10.0.2.19 50760 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:15:39.612911 0.193652 tcp 10.0.2.19 50761 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:15:39.807130 0.000000 udp 10.0.2.19 1701 -> 87.7.185.64 9616 INT 0 1 266 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:15:55.419298 0.163596 tcp 10.0.2.19 50762 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:15:55.583138 0.200613 tcp 10.0.2.19 50763 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:15:55.784303 0.467150 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:15:56.251852 0.000000 udp 10.0.2.19 1701 -> 88.254.68.195 18579 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:16:11.933185 0.164117 tcp 10.0.2.19 50764 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:12.097002 0.198439 tcp 10.0.2.19 50765 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:12.295982 0.000000 udp 10.0.2.19 1701 -> 88.254.30.110 2062 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:16:29.068088 0.163988 tcp 10.0.2.19 50766 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:29.231786 0.201644 tcp 10.0.2.19 50767 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:29.433977 0.145363 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:29.579771 0.000000 udp 10.0.2.19 1701 -> 193.169.115.140 1088 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:16:29.580138 2.991597 tcp 10.0.2.19 50768 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 01:16:38.579915 0.000000 tcp 10.0.2.19 50768 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 01:16:44.870852 0.176451 tcp 10.0.2.19 50769 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:45.047621 0.199666 tcp 10.0.2.19 50770 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:16:45.247848 0.253160 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:45.501374 0.163143 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:45.664913 0.193321 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:45.858640 0.233538 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:46.092566 0.260941 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:46.353883 0.334563 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:46.688843 0.232785 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:46.922066 0.124437 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:47.046860 0.153480 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:47.200736 0.182277 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:47.383419 0.254760 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:47.641608 0.305864 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:16:47.947825 0.000000 udp 10.0.2.19 1701 -> 99.50.244.169 3653 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:00.864608 3.002086 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 01:17:06.311570 0.163637 tcp 10.0.2.19 50771 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:17:06.475397 0.218240 tcp 10.0.2.19 50772 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:17:06.694400 0.127969 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:06.822738 0.122408 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:06.945488 0.182604 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:07.128433 0.370102 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:07.498938 0.489636 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:07.872271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:17:07.988893 0.220399 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:08.209671 0.143076 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:08.513068 0.000000 udp 10.0.2.19 1701 -> 193.169.115.140 1088 REQ 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:15.874188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:17:17.446269 0.000000 udp 10.0.2.19 1701 -> 99.50.244.169 3653 REQ 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:25.317792 0.422740 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 847 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:25.740989 0.154447 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 854 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:25.895878 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 REQ 0 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:31.205667 0.246193 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 666 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:31.452314 0.451424 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:31.877154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:17:31.904160 0.196458 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:32.101126 0.339596 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 821 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:32.441192 0.259966 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:32.701677 0.158358 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 660 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:32.860497 0.179320 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 769 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:33.040270 0.249540 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 789 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:33.290250 0.238862 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 721 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:33.529610 0.131866 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:33.661924 0.303612 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:33.966010 0.124839 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 727 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:34.091283 0.177125 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 761 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:34.268859 0.372117 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 676 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:34.641448 0.146234 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 848 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:34.788091 0.231914 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:35.020473 0.149210 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 732 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:35.170297 0.489711 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:17:35.660540 0.000000 udp 10.0.2.19 1701 -> 172.5.194.234 7682 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:40.369123 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:17:42.372037 0.000000 udp 10.0.2.19 1701 -> 188.49.45.200 3501 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:50.654124 0.000000 udp 10.0.2.19 1701 -> 174.141.117.232 3271 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:17:57.063626 0.000000 udp 10.0.2.19 1701 -> 64.77.237.107 6236 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:03.712878 0.000000 udp 10.0.2.19 1701 -> 178.42.234.135 7296 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:03.883149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:18:09.661698 0.000000 udp 10.0.2.19 1701 -> 67.80.99.25 28906 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:14.367576 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:18:15.549859 0.430173 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:18:16.021154 0.000000 udp 10.0.2.19 1701 -> 201.153.6.113 21142 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:22.790130 0.308971 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:18:23.132465 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:31.372989 0.000000 udp 10.0.2.19 1701 -> 190.43.242.41 10646 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:38.112013 0.000000 udp 10.0.2.19 1701 -> 189.144.53.62 19989 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:44.641972 0.000000 udp 10.0.2.19 1701 -> 92.47.68.47 20353 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:49.418628 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:18:50.800697 0.000000 udp 10.0.2.19 1701 -> 31.167.175.79 9750 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:18:58.581867 0.000000 udp 10.0.2.19 1701 -> 213.98.108.145 7827 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:07.474694 0.182388 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:19:07.689789 0.000000 udp 10.0.2.19 1701 -> 66.64.171.254 3071 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:15.004931 0.000000 udp 10.0.2.19 1701 -> 65.175.211.52 4085 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:20.964239 0.000000 udp 10.0.2.19 1701 -> 31.192.7.51 9707 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:25.921196 0.052933 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:19:29.255999 0.000000 udp 10.0.2.19 1701 -> 121.54.86.114 8705 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:36.165807 0.362484 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 729 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:19:36.672064 0.000000 udp 10.0.2.19 1701 -> 76.189.32.164 3300 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:44.347126 0.000000 udp 10.0.2.19 1701 -> 95.247.158.109 9321 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:50.215744 0.000000 udp 10.0.2.19 1701 -> 190.19.112.167 5542 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:19:57.295756 0.000000 udp 10.0.2.19 1701 -> 2.133.120.233 6297 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:01.932535 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:20:05.097479 0.531638 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:20:05.676717 0.000000 udp 10.0.2.19 1701 -> 201.153.229.168 29587 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:12.017232 0.000000 udp 10.0.2.19 1701 -> 80.179.199.81 20802 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:19.348079 0.239753 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 805 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:20:19.634349 0.153763 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:20:19.810717 0.411065 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 657 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:20:20.260431 0.000000 udp 10.0.2.19 1701 -> 208.64.183.187 11296 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:27.058701 0.000000 udp 10.0.2.19 1701 -> 2.228.163.130 15554 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:32.727130 0.411087 udp 10.0.2.19 1701 -> 202.80.148.122 8683 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:33.138217 0.000000 icmp 202.80.148.122 0x0303 -> 10.0.2.19 0xeb21 URP 192 1 144 flow=Background 1970/01/04 01:20:37.433972 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:20:41.429366 0.000000 udp 10.0.2.19 1701 -> 79.100.90.72 4919 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:48.790381 0.343243 udp 10.0.2.19 1701 <-> 186.47.55.122 22660 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:20:49.172125 0.000000 udp 10.0.2.19 1701 -> 190.235.48.40 21762 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:20:57.492616 0.000000 udp 10.0.2.19 1701 -> 79.9.162.183 5265 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:04.312470 0.000000 udp 10.0.2.19 1701 -> 82.107.16.215 1949 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:13.285457 0.000000 udp 10.0.2.19 1701 -> 12.185.247.82 8581 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:17.931486 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:21:21.657810 0.000000 udp 10.0.2.19 1701 -> 216.230.228.174 3571 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:30.009722 0.465309 udp 10.0.2.19 1701 <-> 60.53.58.144 27629 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:21:30.615481 0.000000 udp 10.0.2.19 1701 -> 63.172.252.79 1743 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:37.620380 0.000000 udp 10.0.2.19 1701 -> 74.40.168.78 21517 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:44.180006 0.221206 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:21:44.433118 0.300066 udp 10.0.2.19 1701 <-> 181.65.46.79 22330 CON 0 0 2 821 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:21:44.763974 0.000000 udp 10.0.2.19 1701 -> 186.3.235.218 4018 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:50.588951 0.610689 udp 10.0.2.19 1701 -> 186.178.102.100 7311 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:21:51.199640 0.000000 icmp 186.178.102.100 0x0303 -> 10.0.2.19 0x8f1c URP 192 1 213 flow=Background 1970/01/04 01:21:55.425869 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:21:56.117227 0.000000 udp 10.0.2.19 1701 -> 173.172.120.192 7717 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:04.709451 0.000000 udp 10.0.2.19 1701 -> 109.185.58.240 1358 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:12.260093 0.235402 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:22:12.507815 0.261507 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 717 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:22:12.777982 0.842524 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:22:13.668013 0.000000 udp 10.0.2.19 1701 -> 69.4.124.235 24053 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:21.143166 0.000000 udp 10.0.2.19 1701 -> 200.110.78.222 5822 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:30.095809 0.000000 udp 10.0.2.19 1701 -> 108.58.27.130 2061 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:34.932503 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:22:35.373701 0.159030 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:22:35.543916 0.000000 udp 10.0.2.19 1701 -> 201.42.0.154 7181 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:43.144506 0.000000 udp 10.0.2.19 1701 -> 70.62.133.135 7833 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:49.262979 0.000000 udp 10.0.2.19 1701 -> 202.163.69.33 3828 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:22:57.315167 0.000000 udp 10.0.2.19 1701 -> 88.254.68.195 18579 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:02.822982 0.293804 udp 10.0.2.19 1701 <-> 70.29.186.246 3326 CON 0 0 2 727 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:23:03.126130 0.000000 udp 10.0.2.19 1701 -> 174.78.128.99 3129 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:10.403713 0.000000 udp 10.0.2.19 1701 -> 187.232.62.111 18437 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:14.930190 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:23:18.004651 0.000000 udp 10.0.2.19 1701 -> 196.207.233.145 4482 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:23.773213 0.000000 udp 10.0.2.19 1701 -> 190.50.158.112 20159 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:30.882855 0.000000 udp 10.0.2.19 1701 -> 78.189.48.189 27189 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:39.495883 0.000000 udp 10.0.2.19 1701 -> 177.9.249.18 12279 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:46.055269 0.000000 udp 10.0.2.19 1701 -> 178.233.14.95 3010 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:23:50.971794 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:23:52.644934 0.000000 udp 10.0.2.19 1701 -> 99.6.85.206 3528 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:01.296622 0.260511 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 817 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:24:01.590428 0.000000 udp 10.0.2.19 1701 -> 186.86.122.18 4702 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:07.265524 0.217887 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:24:07.557324 0.000000 udp 10.0.2.19 1701 -> 41.56.42.93 8799 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:07.989524 3.001562 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 01:24:14.806310 0.433968 udp 10.0.2.19 1701 <-> 201.155.76.16 4440 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:24:14.996344 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:24:15.278550 0.334203 udp 10.0.2.19 1701 <-> 190.254.182.91 5030 CON 0 0 2 660 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:24:15.663460 0.000000 udp 10.0.2.19 1701 -> 87.19.152.116 2929 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:22.998056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:24:23.438860 0.000000 udp 10.0.2.19 1701 -> 24.251.117.45 4148 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:27.964897 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:24:30.619014 1.022988 udp 10.0.2.19 1701 <-> 190.200.221.34 1130 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:24:31.661166 0.000000 udp 10.0.2.19 1701 -> 98.166.184.128 9933 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:39.000909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:24:39.712013 0.000000 udp 10.0.2.19 1701 -> 92.54.218.73 10797 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:45.710782 0.000000 udp 10.0.2.19 1701 -> 217.133.70.14 6027 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:51.508932 0.000000 udp 10.0.2.19 1701 -> 58.172.168.141 8310 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:24:57.086865 0.000000 udp 10.0.2.19 1701 -> 189.224.50.100 2460 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:25:01.974268 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:25:05.739564 0.000000 udp 10.0.2.19 1701 -> 190.21.97.133 7137 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:25:11.006968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:25:13.780849 0.000000 udp 10.0.2.19 1701 -> 190.235.215.237 29447 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:25:21.001514 0.000000 udp 10.0.2.19 1701 -> 89.111.237.3 1025 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:25:27.941321 0.000000 udp 10.0.2.19 1701 -> 173.57.22.60 6439 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:31:15.012804 3.001818 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:31:22.020756 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:31:30.021808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:31:46.024743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:32:18.030842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:37:28.668306 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:37:28.668445 3.600350 tcp 10.0.2.19 50773 -> 90.156.118.144 5237 FSPA* 0 0 14 1731 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:38:22.036341 3.002527 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:38:29.044511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:38:37.046187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:38:53.048886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:39:25.054734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:45:29.060662 3.002129 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:45:36.068374 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:45:44.069594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:46:00.072970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:46:32.078808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:52:36.084590 3.002460 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 01:52:43.092409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:52:51.093840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:53:07.096493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:53:39.102880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:55:58.834532 0.000146 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 01:55:58.834810 0.146273 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:55:58.981612 0.438802 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:55:58.982030 3.006370 tcp 10.0.2.19 50774 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 01:55:59.420766 0.243227 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:55:59.664389 0.258801 udp 10.0.2.19 1701 <-> 99.169.222.118 7026 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:55:59.923554 0.251903 udp 10.0.2.19 1701 <-> 188.54.123.76 14723 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:00.175819 0.174942 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:00.351122 0.334168 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:00.685692 0.218654 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:00.904698 0.126683 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:01.031834 0.163747 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:01.195912 0.172679 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:01.368945 0.254839 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:01.624173 0.372138 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:01.996745 0.299860 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:02.296981 0.125987 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:02.423321 0.176740 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:02.600402 0.135158 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:02.735937 0.509642 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:03.245940 0.117901 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:03.364187 1.356148 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:04.720732 0.298595 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:05.019773 0.298986 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:05.319129 0.193868 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:05.513380 0.000000 udp 10.0.2.19 1701 -> 190.42.223.97 20050 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:56:07.987045 0.000000 tcp 10.0.2.19 50774 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 01:56:21.318684 0.207661 tcp 10.0.2.19 50775 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:21.526656 0.221749 tcp 10.0.2.19 50776 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:21.748963 0.276313 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:22.025658 0.152980 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:22.179023 0.234912 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:22.414383 0.298397 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:22.713195 0.000000 udp 10.0.2.19 1701 -> 186.47.55.122 22660 INT 0 1 88 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:56:39.764160 0.164115 tcp 10.0.2.19 50777 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:39.928555 0.202334 tcp 10.0.2.19 50778 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:40.131448 0.000000 udp 10.0.2.19 1701 -> 60.53.58.144 27629 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:56:57.449328 0.166201 tcp 10.0.2.19 50779 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:57.615669 0.194087 tcp 10.0.2.19 50780 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:56:57.810352 0.226220 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:58.036927 0.793802 udp 10.0.2.19 1701 <-> 181.65.46.79 22330 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:58.831098 0.228515 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:59.059990 0.285935 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:56:59.346395 0.000000 udp 10.0.2.19 1701 -> 186.22.206.204 4251 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:57:15.975583 0.166642 tcp 10.0.2.19 50781 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:16.141921 0.197741 tcp 10.0.2.19 50782 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:16.340280 0.148523 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:57:16.489162 0.294414 udp 10.0.2.19 1701 <-> 70.29.186.246 3326 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:57:16.783906 0.251910 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:57:17.036205 0.219610 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:57:17.256252 0.000000 udp 10.0.2.19 1701 -> 190.254.182.91 5030 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:57:35.985541 0.170916 tcp 10.0.2.19 50783 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:36.149909 0.232483 tcp 10.0.2.19 50784 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:36.382934 0.000000 udp 10.0.2.19 1701 -> 201.155.76.16 4440 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 01:57:53.159504 0.273972 tcp 10.0.2.19 50785 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:53.433651 0.598034 tcp 10.0.2.19 50786 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 01:57:54.032223 0.593043 udp 10.0.2.19 1701 <-> 190.200.221.34 1130 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 01:59:43.108706 3.002089 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 01:59:50.116340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 01:59:58.118092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:00:14.120546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:00:46.127266 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:06:50.222838 3.002172 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:06:57.230422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:07:05.232212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:07:21.234739 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:07:32.311339 0.000149 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 02:07:32.311640 1.059647 tcp 10.0.2.19 50787 -> 90.156.118.144 5237 SPA_* 0 0 9 1106 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:07:37.796969 0.251474 tcp 10.0.2.19 50787 -> 90.156.118.144 5237 FA_F* 0 0 6 561 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:07:53.240576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:13:57.246432 3.002356 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:14:04.254468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:14:12.255510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:14:28.258906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:15:00.264954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:21:04.270787 3.002207 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:21:11.278225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:21:19.279519 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:21:35.283145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:22:07.288566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:27:56.441099 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 02:27:56.441307 0.300834 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:27:56.742542 0.000000 udp 10.0.2.19 1701 -> 186.47.55.122 22660 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:28:11.294552 3.002257 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:28:13.397582 0.164564 tcp 10.0.2.19 50788 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:13.562377 0.202692 tcp 10.0.2.19 50789 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:13.765821 0.000000 udp 10.0.2.19 1701 -> 60.53.58.144 27629 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:28:18.301910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:28:26.304149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:28:30.131185 0.174806 tcp 10.0.2.19 50790 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:30.305651 0.195223 tcp 10.0.2.19 50791 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:30.501470 0.351799 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:30.853617 0.000000 udp 10.0.2.19 1701 -> 190.254.182.91 5030 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:28:42.306716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:28:49.308144 0.163305 tcp 10.0.2.19 50792 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:49.471611 0.194575 tcp 10.0.2.19 50793 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:28:49.666758 0.316329 udp 10.0.2.19 1701 <-> 201.155.76.16 4440 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:49.983478 0.401580 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:50.385414 0.165419 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:50.551290 0.254194 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:50.551651 3.000942 tcp 10.0.2.19 50794 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 02:28:50.805876 0.187603 udp 10.0.2.19 1701 <-> 85.117.42.122 29881 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:28:50.993844 0.000000 udp 10.0.2.19 1701 -> 188.54.123.76 14723 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:28:59.551920 0.000000 tcp 10.0.2.19 50794 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 02:29:08.856584 0.164989 tcp 10.0.2.19 50795 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:09.021354 0.195328 tcp 10.0.2.19 50796 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:09.217221 0.000000 udp 10.0.2.19 1701 -> 99.169.222.118 7026 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:29:14.313191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:29:25.160130 0.164334 tcp 10.0.2.19 50797 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:25.324734 0.206941 tcp 10.0.2.19 50798 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:25.532205 0.335026 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:25.867628 0.182054 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:26.050181 0.224987 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:26.275601 0.164737 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:26.440700 0.944013 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:27.385090 0.124326 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:27.509797 0.127839 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:27.637939 0.296558 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:27.934896 0.447515 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:28.382846 0.127859 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:28.511031 0.177424 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:28.688871 0.117009 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:28.806252 0.476160 udp 10.0.2.19 1701 <-> 119.42.92.182 9546 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:29.282806 0.306420 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:29.589647 0.297771 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:29.887804 0.185616 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:30.073749 0.296790 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:30.370884 0.330216 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:30.701507 0.267388 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:30.969244 0.237909 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:31.207505 0.146326 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:31.354354 0.223072 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:31.577819 0.475403 udp 10.0.2.19 1701 <-> 181.65.46.79 22330 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:32.053638 0.231805 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:32.285837 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 02:29:50.696621 0.165556 tcp 10.0.2.19 50799 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:50.862364 0.205758 tcp 10.0.2.19 50800 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:29:51.068693 0.292040 udp 10.0.2.19 1701 <-> 70.29.186.246 3326 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:51.361118 0.150020 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:51.511554 0.219910 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:51.731847 0.253153 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:29:51.985403 0.289588 udp 10.0.2.19 1701 <-> 190.200.221.34 1130 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 02:35:18.318879 3.001260 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:35:25.326124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:35:33.327617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:35:49.330743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:36:21.337030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:37:38.047734 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 02:37:38.047921 0.931940 tcp 10.0.2.19 50801 -> 90.156.118.144 5237 FSPA* 0 0 14 1537 flow=From-Botnet-V2-TCP-Established 1970/01/04 02:42:25.342586 3.001738 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:42:32.350413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:42:40.351357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:42:56.514593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:43:28.521227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:49:32.526625 3.002264 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:49:39.534123 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:49:47.535670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:50:03.538932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:50:35.545320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:56:39.550810 3.001717 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 02:56:46.558245 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:56:54.559831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:57:10.562660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 02:57:42.568957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:00:22.058207 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 03:00:22.058378 0.000000 udp 10.0.2.19 1701 -> 99.169.222.118 7026 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:00:39.065240 0.171780 tcp 10.0.2.19 50802 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:00:39.237268 0.198641 tcp 10.0.2.19 50803 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:00:39.436463 0.000000 udp 10.0.2.19 1701 -> 188.54.123.76 14723 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:00:56.459384 0.165568 tcp 10.0.2.19 50804 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:00:56.625244 0.194533 tcp 10.0.2.19 50805 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:00:56.820333 0.261960 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:57.082697 0.308799 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:57.392035 0.352741 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:57.745158 0.246642 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:57.992169 0.408864 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:58.401399 0.299247 udp 10.0.2.19 1701 <-> 201.155.76.16 4440 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:58.701047 0.146073 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:00:58.847550 0.000000 udp 10.0.2.19 1701 -> 85.117.42.122 29881 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:00:58.847897 2.997319 tcp 10.0.2.19 50806 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:01:07.843671 0.000000 tcp 10.0.2.19 50806 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:01:14.135780 0.175056 tcp 10.0.2.19 50807 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:14.311038 0.202930 tcp 10.0.2.19 50808 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:14.514521 0.322015 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:14.836906 0.155171 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:14.992448 0.226858 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:15.219686 0.182141 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:15.402211 0.377536 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:15.780116 0.131871 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:15.912304 0.133723 udp 10.0.2.19 1701 <-> 94.251.242.238 9471 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:16.046332 0.138002 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:16.184702 0.176730 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:16.361774 0.121711 udp 10.0.2.19 1701 <-> 86.148.49.183 2460 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:16.483842 0.639016 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:17.123258 0.301100 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:17.424733 0.000000 udp 10.0.2.19 1701 -> 119.42.92.182 9546 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:01:33.261706 0.635806 tcp 10.0.2.19 50809 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:33.897033 0.210338 tcp 10.0.2.19 50810 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:34.107909 0.712900 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:34.821218 0.301239 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:35.122899 0.303243 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:35.426502 0.175934 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:35.602827 0.304247 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:35.907473 0.149675 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:36.057517 0.225912 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:36.283803 0.276577 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:36.560781 0.228759 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:36.789887 0.231804 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:37.022023 0.000000 udp 10.0.2.19 1701 -> 181.65.46.79 22330 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:01:55.173302 0.166307 tcp 10.0.2.19 50811 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:55.339354 0.198423 tcp 10.0.2.19 50812 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:01:55.538303 0.222615 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:55.761284 0.293406 udp 10.0.2.19 1701 <-> 70.29.186.246 3326 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:56.055104 0.153113 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:56.208560 0.254508 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:01:56.463418 0.000000 udp 10.0.2.19 1701 -> 190.200.221.34 1130 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:02:14.260503 1.363135 tcp 10.0.2.19 50813 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:02:14.426192 0.196267 tcp 10.0.2.19 50814 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:03:48.888300 3.001380 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 03:03:55.895573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:04:03.897118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:04:19.899962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:04:52.557419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:07:40.638862 0.651601 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/04 03:07:41.290553 0.756506 tcp 10.0.2.19 50815 -> 90.156.118.144 5237 FSPA* 0 0 14 1576 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:10:56.883837 3.001078 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:11:03.891373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:11:11.892531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:11:27.895191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:11:59.901677 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:18:03.907483 3.001898 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:18:10.914678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:18:18.916384 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:18:34.919302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:19:06.925617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:25:10.931190 3.001805 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:25:18.289366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:25:26.290982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:25:42.293737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:26:14.299896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:32:18.305651 3.002393 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:32:25.313382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:32:28.709010 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 03:32:28.709217 0.000000 udp 10.0.2.19 1701 -> 85.117.42.122 29881 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:32:33.314879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:32:44.893950 0.165422 tcp 10.0.2.19 50816 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:32:45.059613 0.204843 tcp 10.0.2.19 50817 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:32:45.264997 0.000000 udp 10.0.2.19 1701 -> 119.42.92.182 9546 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:32:50.268945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:33:02.017331 0.168247 tcp 10.0.2.19 50818 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:02.185922 0.207364 tcp 10.0.2.19 50819 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:02.393860 0.000000 udp 10.0.2.19 1701 -> 181.65.46.79 22330 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:33:18.641682 0.164813 tcp 10.0.2.19 50820 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:18.806665 0.191802 tcp 10.0.2.19 50821 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:18.999025 0.000000 udp 10.0.2.19 1701 -> 190.200.221.34 1130 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:33:22.275595 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:33:35.575466 0.164832 tcp 10.0.2.19 50822 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:35.740522 0.191534 tcp 10.0.2.19 50823 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:35.932601 0.000000 udp 10.0.2.19 1701 -> 186.22.206.204 4251 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:33:51.268024 0.165316 tcp 10.0.2.19 50824 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:51.433553 0.201828 tcp 10.0.2.19 50825 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:33:51.635945 0.322363 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:33:51.958692 0.248881 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:33:52.207936 0.186576 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:33:52.394957 0.416767 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:33:52.395291 2.987452 tcp 10.0.2.19 50826 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:33:52.812164 0.000000 udp 10.0.2.19 1701 -> 201.155.76.16 4440 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:34:01.381417 0.000000 tcp 10.0.2.19 50826 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:34:08.845092 0.170913 tcp 10.0.2.19 50827 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:09.015653 0.208954 tcp 10.0.2.19 50828 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:09.225151 0.256594 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:09.482130 0.324330 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:09.806876 0.175377 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:09.982621 0.233270 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:10.216293 0.166896 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:10.383520 0.431445 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:10.815318 0.000000 udp 10.0.2.19 1701 -> 86.148.49.183 2460 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:34:25.888297 0.164190 tcp 10.0.2.19 50829 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:26.052749 0.200331 tcp 10.0.2.19 50830 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:26.253618 0.132267 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 206 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:26.386328 0.126862 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:26.513570 0.186174 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:26.700098 0.000000 udp 10.0.2.19 1701 -> 94.251.242.238 9471 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 03:34:44.094229 0.165538 tcp 10.0.2.19 50831 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:44.259709 0.196164 tcp 10.0.2.19 50832 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:34:44.456401 0.637864 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:45.094651 0.529350 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:45.624458 0.228012 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:45.624795 3.004666 tcp 10.0.2.19 50833 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:34:45.852835 0.148129 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:46.001348 0.193073 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:46.194745 0.302383 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:46.497526 0.294932 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:46.792839 0.306648 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:47.099884 0.272327 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:47.372586 0.220365 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:47.593337 0.237173 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:47.830864 0.237043 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:48.068248 0.214031 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:48.282648 0.290448 udp 10.0.2.19 1701 <-> 70.29.186.246 3326 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:48.573465 0.162257 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:48.736083 0.267729 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 03:34:54.628184 0.000000 tcp 10.0.2.19 50833 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 03:37:42.699912 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 03:37:42.700018 2.160679 tcp 10.0.2.19 50834 -> 90.156.118.144 5237 FSPA* 0 0 14 1749 flow=From-Botnet-V2-TCP-Established 1970/01/04 03:39:26.281195 3.002030 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 03:39:33.288472 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:39:41.290232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:40:07.753686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:40:39.342460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:46:38.432549 2.958157 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:46:45.344557 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:46:53.234055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:47:09.016744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:47:42.735651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:53:53.433755 2.964634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 03:54:00.347412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:54:08.243722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:54:24.032237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 03:54:55.597473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:00:54.709931 2.955660 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:01:01.625420 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:01:09.520928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:01:25.307124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:01:56.890755 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:05:18.100290 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 04:05:18.100469 0.327175 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:05:18.428026 0.000000 udp 10.0.2.19 1701 -> 201.155.76.16 4440 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:05:35.197702 0.174720 tcp 10.0.2.19 50835 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:05:35.372604 0.200645 tcp 10.0.2.19 50836 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:05:35.573794 0.000000 udp 10.0.2.19 1701 -> 94.251.242.238 9471 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:05:51.779856 0.261709 tcp 10.0.2.19 50837 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:05:52.041741 0.206668 tcp 10.0.2.19 50838 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:05:52.248980 0.000000 udp 10.0.2.19 1701 -> 86.148.49.183 2460 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:06:09.054732 0.165688 tcp 10.0.2.19 50839 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:09.220369 0.205845 tcp 10.0.2.19 50840 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:09.426745 0.260951 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:09.688047 0.313362 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:10.001888 0.159147 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:10.002262 3.006704 tcp 10.0.2.19 50841 -> 190.42.223.97 7646 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:06:10.161412 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:06:19.007428 0.000000 tcp 10.0.2.19 50841 -> 190.42.223.97 7646 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:06:27.760988 0.164695 tcp 10.0.2.19 50842 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:27.925586 0.195850 tcp 10.0.2.19 50843 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:28.122001 0.257492 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:28.379867 0.000000 udp 10.0.2.19 1701 -> 190.72.22.249 3956 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:06:44.716187 0.167938 tcp 10.0.2.19 50844 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:44.883967 0.195994 tcp 10.0.2.19 50845 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:06:45.080505 0.165591 udp 10.0.2.19 1701 <-> 46.49.120.58 1069 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:45.246465 0.158035 rtcp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:45.404856 0.224555 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:45.629821 0.324907 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:45.955161 0.179036 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:46.134537 0.136886 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:46.271723 0.125144 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:46.397167 0.302547 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:46.700123 0.620195 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:46.700479 2.991425 tcp 10.0.2.19 50846 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:06:47.320661 0.191872 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:47.512836 0.297857 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:47.811084 0.827327 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:48.638844 0.149626 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:48.788794 0.305664 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:49.094838 0.308649 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:49.403896 0.439043 udp 10.0.2.19 1701 <-> 75.202.252.61 4321 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:49.843337 0.222419 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:50.066150 0.218026 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:06:50.284566 0.000000 udp 10.0.2.19 1701 -> 70.29.186.246 3326 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:06:55.700152 0.000000 tcp 10.0.2.19 50846 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:07:05.595979 0.164144 tcp 10.0.2.19 50847 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:07:05.760363 0.192051 tcp 10.0.2.19 50848 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:07:05.952954 0.160312 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:07:06.113636 0.235822 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:07:06.349830 0.411230 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:07:06.761436 0.256361 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:07:46.923821 0.693204 tcp 10.0.2.19 50849 -> 90.156.118.144 5237 FSPA* 0 0 14 1632 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:07:56.470286 3.002000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 04:08:03.477505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:08:11.479352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:08:27.482067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:08:59.488129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:15:04.495525 3.002129 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:15:11.503131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:15:19.504795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:15:35.507825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:16:07.513941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:22:11.519398 3.001523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:22:18.526903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:22:26.528592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:22:42.531649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:23:14.537813 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:29:18.542856 3.002634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:29:25.551215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:29:33.552267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:29:49.555672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:30:21.561686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:36:25.588077 3.001245 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:36:32.594856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:36:40.596843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:36:56.599722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:37:24.469721 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 04:37:24.469908 0.309725 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:37:24.779996 0.000000 udp 10.0.2.19 1701 -> 190.72.22.249 3956 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:37:28.605493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:37:42.398273 0.176652 tcp 10.0.2.19 50850 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:37:42.575237 0.191117 tcp 10.0.2.19 50851 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:37:42.767466 0.000000 udp 10.0.2.19 1701 -> 70.29.186.246 3326 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:37:47.623355 0.643243 tcp 10.0.2.19 50852 -> 90.156.118.144 5237 FSPA* 0 0 14 1742 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:37:59.771621 0.164383 tcp 10.0.2.19 50853 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:37:59.935706 0.210532 tcp 10.0.2.19 50854 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:00.146773 0.328426 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:00.475548 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:38:16.656256 0.179382 tcp 10.0.2.19 50855 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:16.835133 0.208142 tcp 10.0.2.19 50856 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:17.043850 0.300566 udp 10.0.2.19 1701 <-> 190.42.223.97 20050 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:17.344804 0.147572 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:17.345181 3.004566 tcp 10.0.2.19 50857 -> 190.42.223.97 7646 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:38:17.492778 0.248445 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:17.741603 0.000000 udp 10.0.2.19 1701 -> 46.49.120.58 1069 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:38:26.348744 0.000000 tcp 10.0.2.19 50857 -> 190.42.223.97 7646 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 04:38:35.893393 0.163799 tcp 10.0.2.19 50858 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:36.057374 0.198338 tcp 10.0.2.19 50859 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:36.256240 0.253926 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:36.510505 0.228738 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:36.739567 0.174150 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:36.914443 0.123605 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:37.038429 0.270910 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:37.309666 0.181224 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:37.491276 0.136481 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:37.628144 0.180131 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:37.808605 0.636741 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:38.445735 0.294151 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:38.740211 0.231558 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:38.972172 0.152567 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:39.125114 0.296432 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:39.421972 0.220485 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:39.642807 0.000000 udp 10.0.2.19 1701 -> 75.202.252.61 4321 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 04:38:58.336223 0.273020 tcp 10.0.2.19 50860 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:58.609529 0.193573 tcp 10.0.2.19 50861 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 04:38:58.803673 0.336281 udp 10.0.2.19 1701 <-> 189.235.166.233 10320 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:59.140312 0.220176 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:59.360876 0.150813 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:59.512073 0.256761 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:38:59.769166 0.232704 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:39:00.002238 0.239675 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 04:43:32.612212 3.000591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 04:43:40.410421 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:43:49.172549 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:44:05.176019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:44:37.181936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:50:41.187299 3.002327 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:50:48.195101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:50:56.196812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:51:12.199915 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:51:44.205308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:58:00.218512 3.001742 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 04:58:07.226342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:58:15.227759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:58:31.230867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 04:59:07.332461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:05:12.911251 3.001575 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:05:19.918939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:05:27.919618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:05:43.923040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:06:16.559748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:07:52.128015 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:07:52.128186 0.728424 tcp 10.0.2.19 50862 -> 90.156.118.144 5237 FSPA* 0 0 14 1707 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:09:17.690835 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:09:17.690995 0.248975 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:09:17.940323 0.000000 udp 10.0.2.19 1701 -> 46.49.120.58 1069 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:09:35.457871 0.165975 tcp 10.0.2.19 50863 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:09:35.624100 0.206583 tcp 10.0.2.19 50864 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:09:35.831242 0.000000 udp 10.0.2.19 1701 -> 75.202.252.61 4321 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:09:53.563442 0.164993 tcp 10.0.2.19 50865 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:09:53.728101 0.204593 tcp 10.0.2.19 50866 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:09:53.933247 0.307902 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:09:54.241555 0.333402 udp 10.0.2.19 1701 <-> 186.22.206.204 4251 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:09:54.575318 0.145120 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:09:54.720852 0.000000 udp 10.0.2.19 1701 -> 190.42.223.97 20050 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:09:54.721220 3.006506 tcp 10.0.2.19 50867 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:10:03.726182 0.000000 tcp 10.0.2.19 50867 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:10:10.407519 0.164908 tcp 10.0.2.19 50868 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:10.572681 0.209479 tcp 10.0.2.19 50869 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:10.782715 0.448262 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:11.231391 0.334492 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:11.566456 0.174422 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:11.741235 0.130494 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:11.872044 0.000000 udp 10.0.2.19 1701 -> 50.101.238.77 5571 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:10:28.092621 0.169086 tcp 10.0.2.19 50870 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:28.261300 0.197682 tcp 10.0.2.19 50871 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:28.459511 0.184480 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:28.644363 0.135426 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:28.780179 0.239458 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 576 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:29.019998 0.187934 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:29.208309 0.629645 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:29.838363 0.149660 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:29.988356 0.305950 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:30.294659 0.221510 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:30.516545 0.330081 udp 10.0.2.19 1701 <-> 201.152.219.188 6388 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:30.847036 0.224028 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:31.071426 0.221808 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:31.293575 0.150157 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:31.444125 0.000000 udp 10.0.2.19 1701 -> 189.235.166.233 10320 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:10:48.001805 0.189595 tcp 10.0.2.19 50872 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:48.191652 0.231075 tcp 10.0.2.19 50873 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:10:48.423295 0.284315 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:48.707952 0.253194 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:10:48.961521 0.228589 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:12:20.565763 3.002945 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 05:12:27.573252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:12:35.574540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:12:51.577596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:13:23.714092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:19:28.561212 3.001804 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:19:35.568649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:19:43.570372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:19:59.573262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:20:31.579172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:26:35.584863 3.001716 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:26:42.592847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:26:50.594028 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:27:06.596980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:27:38.603006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:33:42.609177 3.001588 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:33:49.616524 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:33:57.618561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:34:13.621166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:34:45.627155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:37:53.327592 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:37:53.327784 3.013387 tcp 10.0.2.19 50874 -> 90.156.118.144 5237 FSPA* 0 0 14 1645 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:40:49.632924 3.001581 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:40:56.640290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:41:00.216365 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:41:00.216570 0.000000 udp 10.0.2.19 1701 -> 190.42.223.97 20050 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:41:04.641759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:41:17.903853 3.844897 tcp 10.0.2.19 50875 -> 173.194.70.99 80 FSPA* 0 0 11 1884 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:41:21.749039 0.203367 tcp 10.0.2.19 50876 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:41:21.952989 0.220146 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:41:22.173577 0.000000 udp 10.0.2.19 1701 -> 189.235.166.233 10320 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:41:22.173932 2.997771 tcp 10.0.2.19 50877 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:41:22.427948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:41:31.180326 0.000000 tcp 10.0.2.19 50877 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:41:38.011627 0.175220 tcp 10.0.2.19 50878 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:41:38.186408 0.194528 tcp 10.0.2.19 50879 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:41:38.381525 0.258117 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:41:38.640016 0.000000 udp 10.0.2.19 1701 -> 186.22.206.204 4251 INT 0 1 87 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:41:54.274609 3.105557 tcp 10.0.2.19 50880 -> 173.194.70.99 80 FSPA* 0 0 11 1884 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:41:57.223666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:41:57.380074 4.193330 tcp 10.0.2.19 50881 -> 173.194.70.94 80 SRPA* 0 0 74 79372 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:42:01.574007 0.299175 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:01.873614 0.146293 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:02.020379 0.374570 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:02.020735 2.998283 tcp 10.0.2.19 50882 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:42:02.395343 0.246808 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:02.642508 0.127811 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:02.770695 0.167177 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:02.938415 0.225855 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:03.164654 0.186520 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:03.351539 0.139080 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:03.490996 0.191232 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:03.682566 0.219501 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:03.902430 0.588346 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:04.491123 0.165311 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:04.656809 0.317129 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:04.974316 0.223398 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:05.198087 0.155325 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:05.353809 0.755591 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:06.109828 0.000000 udp 10.0.2.19 1701 -> 201.152.219.188 6388 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:42:11.017890 0.000000 tcp 10.0.2.19 50882 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 05:42:24.568542 0.163650 tcp 10.0.2.19 50883 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:42:24.732447 0.202624 tcp 10.0.2.19 50884 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 05:42:24.935621 0.243147 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:25.179153 0.329402 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:25.508916 0.251600 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:25.853478 0.000000 udp 10.0.2.19 1701 -> 186.22.206.204 4251 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:42:33.770298 0.000000 udp 10.0.2.19 1701 -> 201.152.219.188 6388 REQ 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:42:40.249715 0.217150 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 741 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:40.467335 0.254761 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 828 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:40.722660 0.150752 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:40.873870 0.326837 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 788 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:41.201184 0.247266 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:41.448844 0.466353 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:41.915736 0.165041 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.081210 0.125130 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.206780 0.136038 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.343183 0.175962 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.519584 0.230011 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 685 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.750131 0.241883 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 757 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:42.992446 0.194940 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:43.187780 0.316969 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:43.505187 0.592602 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:44.098469 0.159054 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 706 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:44.257933 0.635932 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 801 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:44.894396 0.156894 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 712 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:45.051710 0.224330 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 767 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:45.276524 0.380764 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:45.657740 0.238925 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 839 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:45.897114 0.259843 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:46.157463 0.155580 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 783 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:42:46.376857 0.000000 udp 10.0.2.19 1701 -> 173.13.70.100 5273 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:42:52.356982 0.000000 udp 10.0.2.19 1701 -> 88.116.98.186 2848 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:00.038282 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:04.724567 2.813294 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:43:08.740375 0.000000 udp 10.0.2.19 1701 -> 116.14.148.83 3687 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:14.008396 0.000000 udp 10.0.2.19 1701 -> 93.39.6.109 2283 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:19.255832 0.000000 udp 10.0.2.19 1701 -> 219.92.21.212 4201 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:27.056909 0.484108 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:43:27.681411 0.000000 udp 10.0.2.19 1701 -> 70.127.147.138 8645 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:35.820047 0.113831 udp 10.0.2.19 1701 -> 2.137.54.10 2958 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:35.933878 0.000000 icmp 2.137.54.10 0x0303 -> 10.0.2.19 0x8e0b URP 192 1 275 flow=Background 1970/01/04 05:43:40.746836 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:43:43.891081 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:43:53.234839 0.000000 udp 10.0.2.19 1701 -> 41.79.15.23 26474 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:00.606014 0.363729 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 745 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:44:01.186930 0.000000 udp 10.0.2.19 1701 -> 31.167.175.79 9750 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:08.146337 0.000000 udp 10.0.2.19 1701 -> 58.162.85.176 15183 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:14.104937 0.000000 udp 10.0.2.19 1701 -> 66.64.171.254 3071 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:19.091955 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:44:21.945586 0.496949 udp 10.0.2.19 1701 <-> 181.64.105.137 18246 CON 0 0 2 666 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:44:25.384133 0.000000 udp 10.0.2.19 1701 -> 142.255.74.212 5452 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:31.289253 0.000000 udp 10.0.2.19 1701 -> 118.70.233.41 3566 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:37.207602 0.000000 udp 10.0.2.19 1701 -> 124.183.248.5 2718 INT 0 1 300 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:45.830355 0.519010 udp 10.0.2.19 1701 <-> 180.241.158.48 10849 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:44:46.621257 0.000000 udp 10.0.2.19 1701 -> 109.65.195.62 6218 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:51.738791 0.272232 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 780 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:44:52.095972 0.000000 udp 10.0.2.19 1701 -> 121.238.13.187 10787 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:44:56.585764 0.842734 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:45:00.541194 0.233846 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:45:00.852572 0.000000 udp 10.0.2.19 1701 -> 80.179.199.81 20802 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:08.783649 0.000000 udp 10.0.2.19 1701 -> 113.53.207.175 27235 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:15.663077 0.000000 udp 10.0.2.19 1701 -> 78.189.48.189 27189 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:21.581570 0.193231 udp 10.0.2.19 1701 <-> 74.88.250.25 9794 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:45:21.830284 0.000000 udp 10.0.2.19 1701 -> 113.53.30.137 20153 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:30.724462 0.000000 udp 10.0.2.19 1701 -> 92.47.68.47 20353 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:35.491763 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:45:39.727766 0.000000 udp 10.0.2.19 1701 -> 92.54.197.77 12735 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:45.295400 0.000000 udp 10.0.2.19 1701 -> 68.70.45.237 7493 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:52.085264 0.000000 udp 10.0.2.19 1701 -> 58.136.208.226 15744 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:45:57.583068 0.000000 udp 10.0.2.19 1701 -> 5.98.103.145 8115 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:04.022413 0.227682 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:46:04.259397 0.000000 udp 10.0.2.19 1701 -> 79.100.90.72 4919 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:11.553457 0.583510 udp 10.0.2.19 1701 <-> 14.214.247.251 2042 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:46:12.146648 0.632668 udp 10.0.2.19 1701 <-> 60.164.177.244 3057 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:46:12.795833 0.000000 udp 10.0.2.19 1701 -> 171.6.137.163 16619 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:16.490695 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:46:18.793838 0.000000 udp 10.0.2.19 1701 -> 79.130.34.86 7895 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:25.473833 0.000000 udp 10.0.2.19 1701 -> 69.4.124.235 24053 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:31.051600 0.000000 udp 10.0.2.19 1701 -> 99.6.85.206 3528 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:36.108807 0.000000 udp 10.0.2.19 1701 -> 121.97.114.61 3646 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:41.807168 0.000000 udp 10.0.2.19 1701 -> 173.219.182.186 11601 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:47.264997 0.000000 udp 10.0.2.19 1701 -> 182.93.99.254 15462 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:46:51.991721 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 05:46:55.537004 0.000000 udp 10.0.2.19 1701 -> 60.53.148.125 10133 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:47:03.358528 0.475276 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:47:03.849987 0.493164 udp 10.0.2.19 1701 <-> 119.42.92.198 9546 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:47:04.351796 0.000000 udp 10.0.2.19 1701 -> 27.54.51.115 2657 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:47:09.386969 0.000000 udp 10.0.2.19 1701 -> 202.47.239.222 6505 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:47:15.946354 0.676114 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:47:16.632374 0.518595 udp 10.0.2.19 1701 <-> 36.83.113.195 11677 CON 0 0 2 747 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 05:47:17.191084 0.000000 udp 10.0.2.19 1701 -> 110.139.173.239 14266 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 05:48:03.987350 3.002295 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 05:48:10.995031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:48:18.996821 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:48:34.999739 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:49:07.006406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:55:11.012048 3.001262 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 05:55:18.019284 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:55:26.020405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:55:42.023818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 05:56:14.049635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:02:18.055213 3.001869 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:02:25.062898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:02:33.064239 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:02:49.067750 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:03:21.073801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:08:02.308299 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 06:08:02.308456 0.111601 tcp 10.0.2.19 50885 -> 90.156.118.144 5237 SPA_* 0 0 9 1034 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:32.423499 0.168300 tcp 10.0.2.19 50886 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:32.577633 0.610159 tcp 10.0.2.19 50885 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:32.591964 0.360680 tcp 10.0.2.19 50887 -> 173.194.70.94 80 SRPA* 0 0 34 32932 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:33.188022 2.998975 tcp 10.0.2.19 50888 -> 31.192.3.38 2479 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:08:42.185284 0.000000 tcp 10.0.2.19 50888 -> 31.192.3.38 2479 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:08:48.185094 0.166740 tcp 10.0.2.19 50889 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:48.351731 0.203797 tcp 10.0.2.19 50890 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:08:48.606652 3.002303 tcp 10.0.2.19 50891 -> 190.60.50.180 4059 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:08:57.607608 0.000000 tcp 10.0.2.19 50891 -> 190.60.50.180 4059 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:03.607561 0.165563 tcp 10.0.2.19 50892 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:03.773226 0.203925 tcp 10.0.2.19 50893 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:04.099217 0.825105 tcp 10.0.2.19 50894 -> 77.50.112.98 27555 FSPA* 0 0 13 1250 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:04.523575 0.164163 tcp 10.0.2.19 50895 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:04.687908 0.203327 tcp 10.0.2.19 50896 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:04.924541 2.997720 tcp 10.0.2.19 50897 -> 46.48.220.55 23394 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:13.931225 0.000000 tcp 10.0.2.19 50897 -> 46.48.220.55 23394 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:20.441641 0.175244 tcp 10.0.2.19 50898 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:20.617116 0.192392 tcp 10.0.2.19 50899 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:21.050162 2.995130 tcp 10.0.2.19 50900 -> 176.62.240.159 19094 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:25.599804 3.001847 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 06:09:30.044090 0.000000 tcp 10.0.2.19 50900 -> 176.62.240.159 19094 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:32.608020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:09:36.044357 0.162947 tcp 10.0.2.19 50901 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:36.207420 0.236029 tcp 10.0.2.19 50902 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:36.613284 3.004865 tcp 10.0.2.19 50903 -> 31.192.42.213 2390 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:40.608931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:09:45.616723 0.000000 tcp 10.0.2.19 50903 -> 31.192.42.213 2390 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:51.606776 0.167750 tcp 10.0.2.19 50904 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:51.774420 0.192903 tcp 10.0.2.19 50905 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:09:52.100344 2.999727 tcp 10.0.2.19 50906 -> 190.255.3.74 5982 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:09:56.612471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:10:01.099009 0.000000 tcp 10.0.2.19 50906 -> 190.255.3.74 5982 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:10:07.098763 0.166266 tcp 10.0.2.19 50907 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:10:07.264827 0.202929 tcp 10.0.2.19 50908 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:10:07.478500 2.993852 tcp 10.0.2.19 50909 -> 85.67.124.167 6761 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:10:16.481114 0.000000 tcp 10.0.2.19 50909 -> 85.67.124.167 6761 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:10:22.480940 0.180967 tcp 10.0.2.19 50910 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:10:22.646415 0.191381 tcp 10.0.2.19 50911 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:10:23.201975 1.042554 tcp 10.0.2.19 50912 -> 176.73.143.18 5326 FSPA* 0 0 15 1595 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:10:28.618511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:16:32.624077 3.001776 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:16:39.631515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:16:47.633379 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:17:03.636561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:17:35.823101 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 06:17:35.823208 0.387487 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:36.211187 0.253493 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:36.211613 3.005758 tcp 10.0.2.19 50913 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:17:36.372981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:17:36.465067 0.146981 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:36.612485 0.296756 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:36.909609 0.169561 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:37.079536 0.243975 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:37.323916 0.244582 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:37.568886 0.138927 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:37.708199 0.179399 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:37.887979 0.222663 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:38.111020 0.126581 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:38.237927 0.301854 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:38.540225 0.236236 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:38.776851 0.186410 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:38.963668 0.350927 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:39.315018 0.148571 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:39.463934 0.213262 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:39.677609 0.224966 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:39.902958 0.150770 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:40.054197 0.256400 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:40.310991 0.154904 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:40.466302 0.243832 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:40.710492 0.240442 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:40.951309 0.174570 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:41.126276 0.377291 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:41.503967 0.000000 udp 10.0.2.19 1701 -> 181.64.105.137 18246 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:17:45.216145 0.000000 tcp 10.0.2.19 50913 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:17:56.774712 0.162869 tcp 10.0.2.19 50914 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:17:56.937826 0.197118 tcp 10.0.2.19 50915 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:17:57.135512 0.663369 udp 10.0.2.19 1701 <-> 180.241.158.48 10849 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:57.799243 0.370569 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:58.170185 0.235879 udp 10.0.2.19 1701 <-> 99.50.244.169 3653 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:17:58.406434 0.000000 udp 10.0.2.19 1701 -> 74.88.250.25 9794 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:18:16.692994 0.163487 tcp 10.0.2.19 50916 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:18:16.856835 0.196629 tcp 10.0.2.19 50917 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:18:17.054003 0.198741 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:17.253140 0.630018 udp 10.0.2.19 1701 <-> 14.214.247.251 2042 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:17.883810 0.599399 udp 10.0.2.19 1701 <-> 60.164.177.244 3057 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:18.483586 0.476795 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:18.960814 0.482277 udp 10.0.2.19 1701 <-> 119.42.92.198 9546 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:19.443489 0.493109 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:18:19.937000 0.532725 udp 10.0.2.19 1701 <-> 36.83.113.195 11677 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:23:40.380117 3.000977 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 06:23:47.386703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:23:55.388337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:24:11.390929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:24:43.397616 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:30:47.403927 3.001335 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:30:54.411017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:31:02.412174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:31:18.415590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:31:50.421094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:37:54.427121 3.001876 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:38:01.434550 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:38:09.435979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:38:25.439275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:38:57.445112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:40:24.611081 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 06:40:24.611259 1.053330 tcp 10.0.2.19 50918 -> 176.73.143.18 5326 FSPA* 0 0 14 1548 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:45:01.451152 3.001989 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:45:08.458628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:45:16.460459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:45:33.034389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:46:05.039722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:48:46.993465 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 06:48:46.993630 0.000000 udp 10.0.2.19 1701 -> 181.64.105.137 18246 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:49:05.762772 0.164367 tcp 10.0.2.19 50919 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:05.927330 0.192693 tcp 10.0.2.19 50920 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:06.120641 0.000000 udp 10.0.2.19 1701 -> 74.88.250.25 9794 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:49:22.384752 0.176847 tcp 10.0.2.19 50921 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:22.562007 0.216184 tcp 10.0.2.19 50922 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:22.778744 0.260208 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:23.039296 0.209901 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:23.249613 0.145840 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:23.249975 2.999583 tcp 10.0.2.19 50923 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:49:23.395786 0.258154 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:23.654347 0.251777 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:23.906497 0.136667 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:24.043540 0.183837 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:24.227743 0.216533 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 211 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:24.444616 0.296643 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:24.741615 0.188686 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:24.930687 0.304358 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:25.235433 0.221513 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:25.457331 0.130245 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:25.587960 0.229365 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:25.817698 0.580025 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:26.398254 0.148558 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:26.547186 0.577990 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:27.125628 0.225750 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:27.351748 0.150012 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:27.502314 0.233639 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:27.736340 0.178484 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:27.915206 0.256125 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:28.171697 0.152589 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:28.324624 0.240103 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:28.565144 0.368527 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:28.934023 0.482611 udp 10.0.2.19 1701 <-> 180.241.158.48 10849 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:29.417016 0.000000 udp 10.0.2.19 1701 -> 99.50.244.169 3653 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:49:32.247968 0.000000 tcp 10.0.2.19 50923 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 06:49:46.108997 0.163638 tcp 10.0.2.19 50924 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:46.272969 0.203758 tcp 10.0.2.19 50925 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:49:46.477280 0.366033 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:46.843694 0.184297 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:49:47.028359 0.000000 udp 10.0.2.19 1701 -> 60.164.177.244 3057 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:50:03.123742 0.165427 tcp 10.0.2.19 50926 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:50:03.289388 0.200276 tcp 10.0.2.19 50927 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:50:03.490474 0.612136 udp 10.0.2.19 1701 <-> 14.214.247.251 2042 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:50:04.103019 0.466143 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:50:04.569537 0.000000 udp 10.0.2.19 1701 -> 119.42.92.198 9546 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:50:21.870551 0.165951 tcp 10.0.2.19 50928 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:50:22.036742 0.203947 tcp 10.0.2.19 50929 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:50:22.241232 0.508031 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 06:50:22.749618 0.000000 udp 10.0.2.19 1701 -> 36.83.113.195 11677 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 06:50:41.548797 0.164780 tcp 10.0.2.19 50930 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:50:41.713814 0.207018 tcp 10.0.2.19 50931 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 06:52:09.045595 3.001862 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 06:52:16.053685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:52:24.054825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:52:40.057740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:53:12.063687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:59:16.070229 3.001056 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 06:59:23.077352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:59:31.078963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 06:59:47.081577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:00:19.087855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:06:23.094130 3.001317 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:06:30.101064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:06:38.102551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:06:54.105805 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:07:26.562815 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:10:26.181596 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 07:10:26.181713 0.999570 tcp 10.0.2.19 50932 -> 176.73.143.18 5326 FSPA* 0 0 15 1559 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:13:30.568547 3.001748 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:13:37.575854 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:13:45.577213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:14:01.580729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:14:34.467978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:20:38.473304 3.001826 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:20:42.927952 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 07:20:42.928046 0.000000 udp 10.0.2.19 1701 -> 99.50.244.169 3653 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:20:45.481363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:20:53.483209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:21:00.765741 0.166109 tcp 10.0.2.19 50933 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:00.931658 0.201221 tcp 10.0.2.19 50934 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:01.133439 0.000000 udp 10.0.2.19 1701 -> 60.164.177.244 3057 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:21:09.485499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:21:16.667598 0.164728 tcp 10.0.2.19 50935 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:16.832636 0.209191 tcp 10.0.2.19 50936 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:17.042409 0.000000 udp 10.0.2.19 1701 -> 119.42.92.198 9546 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:21:35.474358 0.164699 tcp 10.0.2.19 50937 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:35.638694 0.193084 tcp 10.0.2.19 50938 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:35.832331 0.000000 udp 10.0.2.19 1701 -> 36.83.113.195 11677 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:21:41.491767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:21:54.431518 0.173872 tcp 10.0.2.19 50939 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:54.605129 0.199862 tcp 10.0.2.19 50940 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:21:54.805541 0.208815 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:55.014825 0.250306 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:55.015188 2.999975 tcp 10.0.2.19 50941 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:21:55.265538 0.146812 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:55.412721 0.168344 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:55.581442 0.259345 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:55.841156 0.258848 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:56.100378 0.186481 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:56.287215 0.136208 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:56.423775 0.366837 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:56.790983 0.176675 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:56.968016 0.227634 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:57.196010 0.302616 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:57.499024 0.124560 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:57.623944 0.229146 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:57.853480 0.229664 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:58.083512 0.195602 udp 10.0.2.19 1701 <-> 85.75.245.242 13944 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:58.279547 0.150440 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:58.430379 0.576793 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:59.007552 0.219782 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:59.227753 0.235340 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:59.463472 0.232764 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:59.696603 0.174140 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:21:59.871087 0.155489 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:00.026949 0.285660 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:00.313012 0.377600 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:00.690996 0.467940 udp 10.0.2.19 1701 <-> 180.241.158.48 10849 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:01.159328 0.269420 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:01.429121 0.204415 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:01.633905 0.586627 udp 10.0.2.19 1701 <-> 14.214.247.251 2042 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:02.220847 0.467402 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:02.688683 0.877158 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:22:04.013939 0.000000 tcp 10.0.2.19 50941 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:27:45.497507 4.463778 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/04 07:27:52.675633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:28:23.753727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:28:32.667638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:28:48.455623 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:29:20.032136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:35:26.019310 2.965280 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:35:32.935558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:35:40.835046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:35:59.635797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:36:31.214610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:40:50.520851 0.000125 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 07:40:50.521078 1.131709 tcp 10.0.2.19 50942 -> 176.73.143.18 5326 FSPA* 0 0 15 1691 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:42:30.386039 2.957136 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:42:37.296682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:42:45.187967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:43:00.966269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:43:33.708089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:49:32.816868 2.961897 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 07:49:39.728395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:49:47.618621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:50:03.409118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:50:36.864480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:52:33.851399 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 07:52:33.851588 0.166984 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:34.019060 0.161663 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 586 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:34.019510 2.965489 tcp 10.0.2.19 50943 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:52:34.181115 0.245799 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:34.427354 0.206508 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:34.634295 0.252654 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:34.887365 0.246212 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:35.133965 0.173048 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:35.307414 0.128565 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:35.436387 0.354198 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:35.790970 0.298135 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:36.089485 0.124875 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:36.214759 0.224474 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:36.439624 0.174625 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:36.614643 0.219538 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:36.834576 0.235160 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:37.070168 0.000000 udp 10.0.2.19 1701 -> 85.75.245.242 13944 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:52:42.899353 0.000000 tcp 10.0.2.19 50943 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:52:55.560623 0.164084 tcp 10.0.2.19 50944 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:52:55.724337 0.202902 tcp 10.0.2.19 50945 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:52:55.927879 0.157710 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:56.086214 0.231507 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:56.318152 0.232288 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:56.550871 0.166664 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:56.717909 0.356616 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:57.074914 0.222472 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:57.298162 0.156463 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:57.455130 0.289412 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:57.455502 2.956290 tcp 10.0.2.19 50946 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:52:57.744924 0.365600 udp 10.0.2.19 1701 <-> 139.194.211.145 9285 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:58.110931 0.180449 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:52:58.291782 0.000000 udp 10.0.2.19 1701 -> 180.241.158.48 10849 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 07:53:06.338620 0.000000 tcp 10.0.2.19 50946 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 07:53:17.420109 0.163906 tcp 10.0.2.19 50947 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:53:17.584298 0.206586 tcp 10.0.2.19 50948 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 07:53:17.791480 0.287139 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:53:18.079053 0.545480 udp 10.0.2.19 1701 <-> 14.214.247.251 2042 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:53:18.624973 0.463880 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:53:19.089231 0.510606 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 07:56:39.016822 2.961422 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 07:56:45.930941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:56:53.826970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:57:09.613136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 07:57:41.189056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:03:40.277081 4.959084 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:03:49.192226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:03:57.087688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:04:12.881095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:04:44.464913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:10:35.553720 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 08:10:35.553913 1.419985 tcp 10.0.2.19 50949 -> 176.73.143.18 5326 FSPA* 0 0 16 1858 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:10:43.553963 2.966880 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:10:50.464407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:10:58.358492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:11:15.514268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:11:47.093299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:17:49.997092 3.002538 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:17:57.004869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:18:05.006142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:18:28.330203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:18:59.887934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:23:17.595850 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 08:23:17.596086 0.000000 udp 10.0.2.19 1701 -> 85.75.245.242 13944 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:23:33.421194 0.163812 tcp 10.0.2.19 50950 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:23:33.585277 0.193181 tcp 10.0.2.19 50951 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:23:33.779059 0.000000 udp 10.0.2.19 1701 -> 180.241.158.48 10849 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:23:51.856611 0.162525 tcp 10.0.2.19 50952 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:23:52.019323 0.199416 tcp 10.0.2.19 50953 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:23:52.219297 0.148239 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:52.367980 0.210305 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:52.368346 3.002046 tcp 10.0.2.19 50954 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 08:23:52.578652 0.252645 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:52.831714 0.249230 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:53.081324 0.177713 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:53.259427 0.314230 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:53.574007 0.297319 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:53.871727 0.173969 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:54.046247 0.252579 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:54.299184 0.127122 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:23:54.426705 0.000000 udp 10.0.2.19 1701 -> 99.188.253.63 7184 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:24:01.369127 0.000000 tcp 10.0.2.19 50954 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 08:24:12.206253 0.163151 tcp 10.0.2.19 50955 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:12.369631 0.199027 tcp 10.0.2.19 50956 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:12.569224 0.229741 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:12.799409 0.229986 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.029795 0.122946 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.153032 0.187130 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 582 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.340490 0.168387 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.509261 0.241752 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.751374 0.170050 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:13.921761 0.238559 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:14.160655 0.238618 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:14.399667 0.156095 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:14.556229 0.282355 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:14.556595 2.995351 tcp 10.0.2.19 50957 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 08:24:14.838940 0.596664 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:15.435955 0.173397 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:15.609699 0.000000 udp 10.0.2.19 1701 -> 139.194.211.145 9285 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:24:23.560470 0.000000 tcp 10.0.2.19 50957 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 08:24:35.979814 0.165241 tcp 10.0.2.19 50958 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:36.144790 0.193979 tcp 10.0.2.19 50959 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:36.339338 0.315632 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:36.655374 0.000000 udp 10.0.2.19 1701 -> 14.214.247.251 2042 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:24:53.464945 0.166460 tcp 10.0.2.19 50960 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:53.631756 0.194562 tcp 10.0.2.19 50961 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:24:53.826852 0.479714 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:24:54.306984 0.498917 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:25:00.556273 3.001807 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 08:25:07.563852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:25:16.116462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:25:32.119184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:26:08.962361 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:32:10.274324 3.002009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:32:17.281831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:32:26.014927 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:32:42.017546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:33:14.023548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:39:18.028936 3.002613 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:39:25.036772 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:39:34.681334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:39:50.684006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:40:25.033304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:40:42.978999 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 08:40:42.979223 0.911505 tcp 10.0.2.19 50962 -> 176.73.143.18 5326 FSPA* 0 0 15 1567 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:46:29.919869 3.002151 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:46:36.928148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:46:44.929041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:47:00.932070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:47:32.938371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:53:36.944164 3.001526 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 08:53:43.951932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:53:51.952991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:54:08.066219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:54:40.072766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 08:55:28.732924 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 08:55:28.733133 0.219909 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:55:28.953391 0.000000 udp 10.0.2.19 1701 -> 139.194.211.145 9285 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:55:44.017390 0.164490 tcp 10.0.2.19 50963 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:55:44.182367 0.202950 tcp 10.0.2.19 50964 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:55:44.385911 0.000000 udp 10.0.2.19 1701 -> 14.214.247.251 2042 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 08:56:01.601215 0.164618 tcp 10.0.2.19 50965 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:56:01.765440 0.201328 tcp 10.0.2.19 50966 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 08:56:01.967372 0.149603 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:02.117395 0.208225 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:02.117752 2.996627 tcp 10.0.2.19 50967 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 08:56:02.325985 0.255112 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:02.581481 0.244015 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:02.825883 0.168768 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:02.994999 0.391540 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:04.154785 0.172674 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:04.327834 0.298802 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:04.627018 0.130569 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:04.757925 0.249875 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:05.008192 0.181186 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:05.189717 0.161541 udp 10.0.2.19 1701 <-> 31.192.33.235 9139 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:05.351637 0.229170 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:05.581206 0.230692 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:05.812274 0.222570 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.035322 0.129272 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.164913 0.155062 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.320406 0.148958 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.469730 0.229471 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.699546 0.221647 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:06.921621 0.520510 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 202 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:07.442537 0.287830 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:07.730780 0.189486 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:07.920614 0.278803 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:08.199793 0.459795 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:08.660430 0.489939 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 08:56:11.113714 0.000000 tcp 10.0.2.19 50967 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:00:44.399048 3.001816 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 09:00:51.406332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:00:59.407540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:01:15.411083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:01:51.071921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:08:00.585766 3.002324 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:08:07.593166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:08:15.595440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:08:31.597906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:09:03.603998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:10:47.824519 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 09:10:47.824706 3.003185 tcp 10.0.2.19 50968 -> 176.73.143.18 5326 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:10:56.827046 0.000000 tcp 10.0.2.19 50968 -> 176.73.143.18 5326 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:11:02.828035 0.163641 tcp 10.0.2.19 50969 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:11:02.992067 0.205617 tcp 10.0.2.19 50970 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:11:04.796512 1.094361 tcp 10.0.2.19 50971 -> 82.211.141.181 5977 FSPA* 0 0 14 1577 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:15:07.749856 3.002460 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:15:14.757779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:15:22.759123 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:15:41.746629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:16:14.283011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:22:18.589117 3.002307 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:22:25.596987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:22:33.598763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:22:49.601598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:23:21.607628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:26:20.535466 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 09:26:20.535649 0.221241 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:20.757256 0.251675 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:21.009299 0.258346 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:21.268068 0.146093 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:21.414634 0.205341 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:21.415077 3.005182 tcp 10.0.2.19 50972 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:26:21.620354 0.173415 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:21.794183 0.297776 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:22.092351 0.130687 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:22.223430 0.386001 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:22.609823 0.169595 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:22.779777 0.258098 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:23.038362 0.198324 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:23.237079 0.000000 udp 10.0.2.19 1701 -> 31.192.33.235 9139 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 09:26:30.418941 0.000000 tcp 10.0.2.19 50972 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:26:39.163907 0.174269 tcp 10.0.2.19 50973 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:26:39.338372 0.198499 tcp 10.0.2.19 50974 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:26:39.537439 0.245348 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:39.783170 0.493697 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:40.277283 0.154908 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:40.432544 0.148106 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:40.580992 0.237176 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:40.818607 0.234027 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:41.053025 0.125451 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:41.178826 0.214249 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:41.393427 0.429730 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:41.823519 0.288059 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:42.111974 0.468454 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:42.580852 0.181414 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:42.762606 0.281353 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:26:43.044363 0.957481 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:29:25.613334 3.002203 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:29:32.621459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:29:40.623036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:29:56.625902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:30:28.631386 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:36:32.637601 3.002009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:36:39.645165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:36:47.646798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:37:03.649883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:37:35.655722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:41:07.740685 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 09:41:07.740857 0.913053 tcp 10.0.2.19 50975 -> 82.211.141.181 5977 FSPA* 0 0 14 1710 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:43:39.661285 3.002013 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:43:46.668960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:43:54.670498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:44:10.673249 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:44:42.679867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:50:46.685247 3.002294 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 09:50:53.692863 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:51:01.694424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:51:17.697605 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:51:49.703833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:57:11.186214 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 09:57:11.186394 0.000000 udp 10.0.2.19 1701 -> 31.192.33.235 9139 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 09:57:27.311699 0.165731 tcp 10.0.2.19 50976 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:57:27.477184 0.201371 tcp 10.0.2.19 50977 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:57:27.679126 0.234674 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:27.914194 0.314922 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:28.229574 0.320889 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:28.229910 2.994362 tcp 10.0.2.19 50978 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:57:28.550849 0.252643 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:28.803830 0.146808 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:28.950953 0.000000 udp 10.0.2.19 1701 -> 88.244.250.216 6049 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 09:57:37.223413 0.000000 tcp 10.0.2.19 50978 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:57:47.199081 0.174674 tcp 10.0.2.19 50979 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:57:47.374167 0.207355 tcp 10.0.2.19 50980 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 09:57:47.582061 0.144223 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:47.726665 0.309417 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:48.036440 0.188742 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:48.225543 0.173373 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:48.399255 0.400725 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:48.800370 0.254868 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:49.055612 0.229079 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:49.285018 1.006839 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:50.292261 0.155012 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:50.447688 0.149382 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:50.448046 2.998243 tcp 10.0.2.19 50981 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:57:50.597430 0.125545 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:50.723389 0.227837 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:50.951608 0.236431 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:51.188396 0.224512 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:51.413304 0.437106 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:51.850807 0.282808 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:52.134007 0.268723 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:52.403135 0.483196 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:52.886743 0.183662 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:53.070777 0.484600 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 09:57:54.700897 3.001513 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 09:57:59.445340 0.000000 tcp 10.0.2.19 50981 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 09:58:01.708589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:58:09.710085 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:58:27.375050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 09:58:59.381570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:05:04.428833 3.001462 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:05:11.436184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:05:19.438292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:05:35.440682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:06:07.446703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:11:11.004007 0.000138 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 10:11:11.004310 0.948407 tcp 10.0.2.19 50982 -> 82.211.141.181 5977 FSPA* 0 0 14 1688 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:12:11.452372 3.002065 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:12:18.460530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:12:26.462060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:12:42.464965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:13:14.470597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:19:18.476862 3.001430 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:19:25.483859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:19:33.485774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:19:49.488600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:20:21.494586 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:26:25.500521 3.001976 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:26:32.507896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:26:40.519312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:26:56.522431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:27:28.528539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:28:17.999897 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 10:28:18.000090 0.157025 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:18.157459 0.215235 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:18.373090 0.224399 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:18.373484 3.000924 tcp 10.0.2.19 50983 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 10:28:18.597848 0.255078 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:18.853310 0.236405 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 206 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:19.090190 0.152124 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:19.242695 0.136864 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:19.379907 0.169603 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:19.549891 0.520810 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:20.071115 0.293687 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:20.365175 0.177662 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:20.543206 0.247528 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:20.791128 0.238899 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:21.030415 0.227835 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:21.258591 0.165500 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:21.424449 0.160593 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:21.585385 0.237067 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:21.822815 0.223563 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:22.046752 0.135514 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:22.182625 0.220177 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:22.403239 0.534659 udp 10.0.2.19 1701 <-> 122.5.30.98 29683 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:22.938323 0.290025 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:23.228719 0.265806 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:23.494874 0.496427 udp 10.0.2.19 1701 <-> 125.162.159.200 11664 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:23.991672 0.471589 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:24.463658 0.173343 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:28:27.373231 0.000000 tcp 10.0.2.19 50983 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 10:33:32.534665 3.001611 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:33:39.542409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:33:47.543832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:34:03.547041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:34:35.552495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:40:39.558527 3.002223 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:40:46.566359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:40:54.567698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:41:10.570747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:41:11.952914 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 10:41:11.953069 1.033714 tcp 10.0.2.19 50984 -> 82.211.141.181 5977 FSPA* 0 0 14 1718 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:41:42.576468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:47:46.582372 3.001794 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:47:53.590471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:48:01.591873 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:48:17.594626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:48:49.600702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:54:53.606539 3.001404 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 10:55:00.614033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:55:08.615907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:55:24.618798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:55:56.624614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 10:58:31.998087 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 10:58:31.998200 0.000000 udp 10.0.2.19 1701 -> 99.188.253.63 7184 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 10:58:49.445888 0.174418 tcp 10.0.2.19 50985 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:58:49.620562 0.210268 tcp 10.0.2.19 50986 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:58:49.831397 0.166871 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:49.998688 0.211978 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:50.211153 0.256974 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:50.211503 3.007284 tcp 10.0.2.19 50987 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 10:58:50.468514 0.244165 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 583 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:50.713108 0.152825 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:50.866506 0.138842 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:51.005694 0.188416 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:51.194460 0.192868 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:51.387704 0.245797 udp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:51.633839 0.400519 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:52.034746 0.293833 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:52.328940 0.233109 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:52.562487 0.533561 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:53.096472 0.156830 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:53.253751 0.148656 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:53.402811 0.233274 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:53.636464 0.221920 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:53.858774 0.224143 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:54.083332 0.124323 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:58:54.208044 0.000000 udp 10.0.2.19 1701 -> 122.5.30.98 29683 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 10:58:59.217260 0.000000 tcp 10.0.2.19 50987 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 10:59:09.843989 0.164768 tcp 10.0.2.19 50988 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:59:10.008239 0.204482 tcp 10.0.2.19 50989 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:59:10.213350 0.314545 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:59:10.528284 0.281952 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:59:10.810618 0.175220 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 10:59:10.986261 0.000000 udp 10.0.2.19 1701 -> 125.162.159.200 11664 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 10:59:28.660539 0.163822 tcp 10.0.2.19 50990 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:59:28.824542 0.198069 tcp 10.0.2.19 50991 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 10:59:29.023198 0.465924 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:02:00.630014 3.002501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 11:02:07.638080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:02:15.639260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:02:31.642269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:03:03.648706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:09:07.654255 3.001850 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 11:09:14.661759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:09:22.663125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:09:38.666855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:10:10.672863 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:11:12.992840 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:11:12.993040 0.960536 tcp 10.0.2.19 50992 -> 82.211.141.181 5977 FSPA* 0 0 14 1611 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:16:14.678819 3.001264 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 11:16:21.685626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:16:29.687850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:16:45.690567 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:17:17.696332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:23:21.702409 3.002328 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 11:23:28.710019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:23:36.711415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:23:52.715532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:24:24.720654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:29:50.839244 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:29:50.839425 0.224692 udp 10.0.2.19 1701 <-> 99.188.253.63 7184 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:29:51.064499 0.000000 udp 10.0.2.19 1701 -> 122.5.30.98 29683 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:07.335847 0.164405 tcp 10.0.2.19 50993 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:30:07.500446 0.229108 tcp 10.0.2.19 50994 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:30:07.730155 0.000000 udp 10.0.2.19 1701 -> 125.162.159.200 11664 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:23.527342 0.169630 tcp 10.0.2.19 50995 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:30:23.697302 0.198024 tcp 10.0.2.19 50996 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:30:23.895885 0.258762 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:24.155046 0.245809 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:24.401215 0.168659 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:24.570316 0.208475 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:24.779233 0.157936 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:24.779607 2.992868 tcp 10.0.2.19 50997 -> 50.101.238.77 7040 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 11:30:24.937538 0.242679 rtcp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:25.180575 0.174558 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:25.355542 0.129979 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:25.485891 0.189209 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:25.675464 0.409133 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:26.084960 0.293879 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:26.379249 0.230529 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:26.610205 0.150735 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:26.761293 0.156310 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:26.918000 0.234951 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:27.153348 0.230378 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:27.384148 0.238243 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:27.622767 0.215821 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:27.838956 0.110123 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:27.949435 0.289192 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:28.239020 0.278999 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:28.518442 0.192233 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:28.711040 0.466099 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:28.725813 3.002218 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 11:30:29.260727 0.000000 udp 10.0.2.19 1701 -> 99.188.253.63 7184 REQ 0 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:33.780706 0.000000 tcp 10.0.2.19 50997 -> 50.101.238.77 7040 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 11:30:35.733703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:30:36.655138 0.244154 udp 10.0.2.19 1701 <-> 108.194.154.27 2324 CON 0 0 2 814 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:36.899793 0.186351 udp 10.0.2.19 1701 <-> 88.244.250.216 6049 CON 0 0 2 742 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:37.086600 0.211611 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:37.298703 0.255780 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 852 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:37.554978 0.156007 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:37.711520 0.242707 rtcp 10.0.2.19 1701 <-> 99.118.5.189 8348 CON 0 0 2 747 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:37.954705 0.188966 udp 10.0.2.19 1701 <-> 89.139.2.103 9922 CON 0 0 2 709 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:38.144127 0.135428 udp 10.0.2.19 1701 <-> 46.10.105.137 10088 CON 0 0 2 806 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:38.279982 0.189854 udp 10.0.2.19 1701 <-> 92.51.105.117 7836 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:38.470387 0.401913 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:38.872819 0.340479 udp 10.0.2.19 1701 <-> 189.149.119.209 25608 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:39.213800 0.235755 udp 10.0.2.19 1701 <-> 50.36.56.127 6860 CON 0 0 2 702 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:39.450188 0.150293 udp 10.0.2.19 1701 <-> 2.85.40.218 2756 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:39.601022 0.234078 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:39.835574 0.238227 udp 10.0.2.19 1701 <-> 99.160.9.130 8136 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:40.074280 0.238255 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 671 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:40.313001 0.158788 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 759 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:40.472223 0.218891 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 661 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:40.691607 0.111863 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 704 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:40.803944 0.289916 udp 10.0.2.19 1701 <-> 76.79.114.250 6123 CON 0 0 2 823 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:41.094351 0.282318 udp 10.0.2.19 1701 <-> 190.72.22.249 3956 CON 0 0 2 670 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:41.377111 0.237095 udp 10.0.2.19 1701 <-> 188.52.57.142 10172 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:41.614661 0.465831 udp 10.0.2.19 1701 <-> 183.89.113.140 28486 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:30:42.081004 0.000000 udp 10.0.2.19 1701 -> 67.184.50.84 3509 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:43.735234 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:30:47.231146 0.000000 udp 10.0.2.19 1701 -> 175.139.190.82 6512 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:53.249062 0.443499 udp 10.0.2.19 1701 -> 101.109.16.188 1828 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:30:53.692561 0.000000 icmp 101.109.16.188 0x0303 -> 10.0.2.19 0x2407 URP 192 1 319 flow=Background 1970/01/04 11:30:58.196232 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:30:59.738032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:31:01.190672 0.000000 udp 10.0.2.19 1701 -> 95.225.178.218 1380 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:06.328187 0.168446 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:06.639936 0.364291 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:07.049362 0.164868 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:07.266234 0.114498 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:07.530293 0.000000 udp 10.0.2.19 1701 -> 62.110.49.137 1919 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:12.927482 0.240071 udp 10.0.2.19 1701 <-> 95.58.15.211 10483 CON 0 0 2 657 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:13.204753 0.000000 udp 10.0.2.19 1701 -> 223.207.3.244 13127 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:20.358449 0.254846 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 839 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:20.653950 0.172234 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:20.862925 0.361257 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 714 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:21.280593 0.205797 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:21.528742 0.000000 udp 10.0.2.19 1701 -> 95.253.224.5 7276 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:30.212613 0.182442 udp 10.0.2.19 1701 -> 188.169.55.26 29407 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:30.395055 0.000000 icmp 188.169.55.26 0x0303 -> 10.0.2.19 0xdf72 URP 192 1 208 flow=Background 1970/01/04 11:31:31.744540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:31:35.199513 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:31:37.463045 0.000000 udp 10.0.2.19 1701 -> 180.251.160.125 23016 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:44.693022 0.000000 udp 10.0.2.19 1701 -> 196.218.36.18 26472 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:51.412482 0.342129 udp 10.0.2.19 1701 <-> 123.203.24.77 7236 CON 0 0 2 863 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:51.805391 0.000000 udp 10.0.2.19 1701 -> 91.235.36.83 17730 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:31:58.493146 0.151629 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:58.653862 0.237280 udp 10.0.2.19 1701 <-> 103.19.249.96 28066 CON 0 0 2 714 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:58.901997 0.300634 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 801 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:31:59.218282 0.000000 udp 10.0.2.19 1701 -> 117.198.207.110 13751 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:06.945449 0.212308 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:07.166891 0.248049 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:07.423616 0.171305 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 692 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:07.609294 0.000000 udp 10.0.2.19 1701 -> 117.192.107.51 2334 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:11.701777 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:32:15.867737 0.000000 udp 10.0.2.19 1701 -> 95.252.119.186 3280 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:22.287000 0.000000 udp 10.0.2.19 1701 -> 103.23.51.2 6806 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:28.416267 0.411721 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 801 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:28.896975 0.000000 udp 10.0.2.19 1701 -> 78.187.82.127 7499 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:35.666554 0.570149 udp 10.0.2.19 1701 <-> 110.137.7.240 19010 CON 0 0 2 673 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:36.516218 0.000000 udp 10.0.2.19 1701 -> 117.218.55.176 2089 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:42.676177 0.170133 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 760 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:42.892691 0.426440 udp 10.0.2.19 1701 <-> 203.198.93.5 15171 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:32:43.329740 0.000000 udp 10.0.2.19 1701 -> 105.236.188.121 1196 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:47.202570 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:32:49.526262 0.000000 udp 10.0.2.19 1701 -> 80.14.171.25 8871 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:32:57.817961 0.000000 udp 10.0.2.19 1701 -> 61.5.44.98 14318 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:03.316185 0.514721 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:33:03.861606 0.000000 udp 10.0.2.19 1701 -> 83.97.28.139 12545 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:10.796611 0.000000 udp 10.0.2.19 1701 -> 95.231.149.46 1621 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:18.197329 0.541210 udp 10.0.2.19 1701 <-> 182.64.80.71 17782 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:33:18.810508 0.000000 udp 10.0.2.19 1701 -> 123.201.136.114 2546 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:23.194740 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:33:27.030173 0.000000 udp 10.0.2.19 1701 -> 85.37.144.9 26982 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:32.958496 0.000000 udp 10.0.2.19 1701 -> 2.114.131.45 7371 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:39.688471 0.308947 udp 10.0.2.19 1701 <-> 201.209.29.166 9661 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:33:40.227326 0.185472 udp 10.0.2.19 1701 <-> 176.74.91.96 4555 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:33:40.790181 0.000000 udp 10.0.2.19 1701 -> 23.24.76.117 3168 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:47.830345 0.000000 udp 10.0.2.19 1701 -> 68.39.67.168 8222 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:33:56.192245 0.000000 udp 10.0.2.19 1701 -> 79.129.53.83 24517 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:00.698628 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:34:01.789949 0.534348 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 688 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:02.366520 0.000000 udp 10.0.2.19 1701 -> 95.104.7.188 5542 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:09.070811 0.392142 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:09.507916 0.167111 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 776 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:09.723827 0.473643 udp 10.0.2.19 1701 <-> 180.183.68.61 23413 CON 0 0 2 768 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:10.207426 0.092395 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:10.324269 0.000000 udp 10.0.2.19 1701 -> 83.31.145.117 16009 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:16.891873 0.000000 udp 10.0.2.19 1701 -> 62.1.138.200 16241 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:24.833468 0.000000 udp 10.0.2.19 1701 -> 114.91.199.193 14347 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:31.462903 0.240694 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:31.796498 0.205339 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:32.011062 0.263283 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:34:32.356076 0.000000 udp 10.0.2.19 1701 -> 112.200.12.76 7694 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:36.199659 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:34:41.077045 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 17609 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:47.505670 0.000000 udp 10.0.2.19 1701 -> 41.233.201.35 11287 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:52.803891 0.000000 udp 10.0.2.19 1701 -> 78.164.200.159 21489 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:34:57.951339 0.000000 udp 10.0.2.19 1701 -> 62.61.181.143 7922 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:06.683590 0.000000 udp 10.0.2.19 1701 -> 194.225.212.130 9416 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:11.200154 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:35:15.295784 0.000000 udp 10.0.2.19 1701 -> 2.177.164.7 8887 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:21.525223 0.101357 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:35:21.672257 0.000000 udp 10.0.2.19 1701 -> 82.91.101.29 9467 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:28.284528 0.549882 udp 10.0.2.19 1701 <-> 119.144.23.153 25403 CON 0 0 2 759 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:35:28.892989 0.279818 udp 10.0.2.19 1701 <-> 115.119.5.156 7884 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:35:29.225387 0.000000 udp 10.0.2.19 1701 -> 213.132.190.206 15639 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:35.264929 0.000000 rtcp 10.0.2.19 1701 -> 188.169.118.85 10043 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:41.173503 0.468554 udp 10.0.2.19 1701 <-> 180.183.49.99 16780 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:35:41.684919 0.000000 udp 10.0.2.19 1701 -> 180.241.151.196 16472 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:45.699475 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:35:49.244458 0.000000 udp 10.0.2.19 1701 -> 125.25.122.205 24584 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:35:54.852538 0.000000 udp 10.0.2.19 1701 -> 168.187.127.206 1874 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:01.101748 0.589981 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 703 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:36:01.823830 0.000000 udp 10.0.2.19 1701 -> 79.15.117.170 8549 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:09.103086 0.397291 udp 10.0.2.19 1701 <-> 118.68.150.223 16833 CON 0 0 2 724 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:36:09.548663 0.000000 udp 10.0.2.19 1701 -> 37.150.84.28 24388 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:18.506987 0.135408 udp 10.0.2.19 1701 -> 87.8.121.235 9180 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:18.642395 0.000000 icmp 87.8.121.235 0x0303 -> 10.0.2.19 0xdc23 URP 192 1 294 flow=Background 1970/01/04 11:36:23.193104 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:36:25.076051 0.000000 udp 10.0.2.19 1701 -> 188.4.86.90 25014 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:33.037923 0.000000 udp 10.0.2.19 1701 -> 105.236.33.95 7509 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:38.575589 0.278067 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:36:38.878550 0.000000 udp 10.0.2.19 1701 -> 160.78.109.81 9032 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:46.206393 0.278389 udp 10.0.2.19 1701 <-> 59.181.111.224 14240 CON 0 0 2 785 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:36:46.516644 0.000000 udp 10.0.2.19 1701 -> 74.7.208.130 8232 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:54.268058 0.000000 udp 10.0.2.19 1701 -> 37.6.140.5 9055 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:36:59.195661 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:37:03.071054 0.000000 udp 10.0.2.19 1701 -> 116.48.155.216 1112 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:10.131318 0.000000 udp 10.0.2.19 1701 -> 85.97.42.133 4990 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:15.318224 0.000000 udp 10.0.2.19 1701 -> 89.135.114.8 9904 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:21.236907 0.442961 udp 10.0.2.19 1701 <-> 122.176.58.33 20193 CON 0 0 2 686 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:37:21.808836 0.175782 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:37:22.020117 0.167960 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:37:22.230642 0.332566 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:37:22.672924 0.000000 udp 10.0.2.19 1701 -> 86.122.81.76 10343 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:30.920814 0.199700 udp 10.0.2.19 1701 -> 77.92.231.157 4539 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:31.120514 0.000000 icmp 77.92.231.157 0x0303 -> 10.0.2.19 0xbb11 URP 192 1 164 flow=Background 1970/01/04 11:37:35.697569 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:37:35.750457 3.001520 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 11:37:39.302674 0.000000 udp 10.0.2.19 1701 -> 122.179.165.180 2123 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:42.758261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:37:46.283128 0.000000 udp 10.0.2.19 1701 -> 79.107.1.163 7466 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:50.759433 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:37:51.721305 0.000000 udp 10.0.2.19 1701 -> 210.177.99.253 18747 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:37:57.098653 0.000000 udp 10.0.2.19 1701 -> 95.227.133.172 5761 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:05.760839 0.934675 udp 10.0.2.19 1701 -> 117.211.49.137 1446 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:06.695514 0.000000 icmp 117.211.49.137 0x0303 -> 10.0.2.19 0xa605 URP 192 1 322 flow=Background 1970/01/04 11:38:06.983103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:38:10.417643 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:38:14.272957 0.000000 udp 10.0.2.19 1701 -> 46.198.7.32 4885 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:25.750410 0.259075 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 814 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:26.075266 0.177218 udp 10.0.2.19 1701 <-> 79.107.111.107 11174 CON 0 0 2 698 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:26.345248 0.614408 udp 10.0.2.19 1701 <-> 36.70.98.247 28606 CON 0 0 2 831 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:27.172072 0.215896 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 836 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:27.501578 0.000000 udp 10.0.2.19 1701 -> 203.55.18.199 7607 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:35.343584 0.411606 udp 10.0.2.19 1701 <-> 125.113.181.147 15020 CON 0 0 2 787 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:35.815308 0.297623 udp 10.0.2.19 1701 <-> 189.187.96.177 26503 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:38:36.176956 0.000000 udp 10.0.2.19 1701 -> 79.9.247.150 5295 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:40.270373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:38:41.442275 0.000000 udp 10.0.2.19 1701 -> 87.23.173.69 6217 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:46.198766 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:38:50.215542 0.000000 udp 10.0.2.19 1701 -> 186.109.94.100 1037 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 11:38:57.966269 0.224544 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 11:41:15.464391 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 11:41:15.464596 1.045192 tcp 10.0.2.19 50998 -> 82.211.141.181 5977 FSPA* 0 0 14 1648 flow=From-Botnet-V2-TCP-Established 1970/01/04 11:44:44.276463 4.243327 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 2 292 flow=Background 1970/01/04 11:44:50.523011 4.005806 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/04 11:45:02.530605 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:45:18.532979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:45:50.729544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:51:59.211409 3.002438 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 11:52:06.219112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:52:14.220671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:52:30.223443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:53:02.230225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:59:06.235732 3.001390 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 11:59:13.243552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:59:21.244459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 11:59:37.247643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:00:10.054913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:06:14.060436 3.002367 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:06:21.068262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:06:29.069690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:06:45.072925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:07:17.079059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:09:18.002985 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 12:09:18.003156 0.151517 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:18.155162 0.152950 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:18.155638 3.001714 tcp 10.0.2.19 50999 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:09:18.308487 0.166055 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:18.474956 0.118336 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:18.593635 0.330677 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:18.924677 0.130359 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:19.055395 0.000000 udp 10.0.2.19 1701 -> 95.58.15.211 10483 INT 0 1 94 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:09:27.155783 0.000000 tcp 10.0.2.19 50999 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:09:36.141430 0.166122 tcp 10.0.2.19 51000 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:09:36.307860 0.216575 tcp 10.0.2.19 51001 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:09:36.524988 0.283048 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:36.808446 0.211239 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:37.020116 0.165865 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:37.186519 0.356533 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:37.543418 0.332252 udp 10.0.2.19 1701 <-> 123.203.24.77 7236 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:37.876039 0.160557 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:38.036959 0.294194 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:38.331506 0.933025 udp 10.0.2.19 1701 <-> 103.19.249.96 28066 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:39.264981 0.208006 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:39.265341 3.002408 tcp 10.0.2.19 51002 -> 103.19.249.96 1576 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:09:39.473363 0.166329 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:39.640039 0.401781 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:40.042408 0.417664 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:40.460484 0.000000 udp 10.0.2.19 1701 -> 110.137.7.240 19010 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:09:48.266041 0.000000 tcp 10.0.2.19 51002 -> 103.19.249.96 1576 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:09:59.163411 0.175180 tcp 10.0.2.19 51003 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:09:59.338793 0.196496 tcp 10.0.2.19 51004 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:09:59.535927 0.432252 udp 10.0.2.19 1701 <-> 203.198.93.5 15171 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:09:59.968556 0.154765 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:00.123695 0.488509 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:00.612676 0.000000 udp 10.0.2.19 1701 -> 182.64.80.71 17782 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:10:00.613036 3.005331 tcp 10.0.2.19 51005 -> 117.198.174.226 9206 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:10:09.617029 0.000000 tcp 10.0.2.19 51005 -> 117.198.174.226 9206 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:10:18.190876 0.214953 tcp 10.0.2.19 51006 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:18.405614 0.204822 tcp 10.0.2.19 51007 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:18.611009 0.304995 udp 10.0.2.19 1701 <-> 201.209.29.166 9661 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:18.916390 0.000000 udp 10.0.2.19 1701 -> 176.74.91.96 4555 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:10:34.684626 1.780474 tcp 10.0.2.19 51008 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:34.859430 0.205931 tcp 10.0.2.19 51009 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:35.065939 0.440030 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:35.506586 0.161921 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:35.506938 3.001658 tcp 10.0.2.19 51010 -> 36.73.185.159 4180 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:10:35.668873 0.295126 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:35.964370 0.000000 udp 10.0.2.19 1701 -> 180.183.68.61 23413 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:10:44.507430 0.000000 tcp 10.0.2.19 51010 -> 36.73.185.159 4180 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:10:53.892544 0.175049 tcp 10.0.2.19 51011 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:54.067809 0.199565 tcp 10.0.2.19 51012 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:10:54.267955 0.096102 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:54.364466 0.243515 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:54.608375 0.179903 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:54.788651 0.286045 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:10:55.075096 0.000000 udp 10.0.2.19 1701 -> 178.210.233.68 4034 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:11:10.876011 0.169226 tcp 10.0.2.19 51013 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:11.039595 0.209338 tcp 10.0.2.19 51014 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:11.249500 0.449520 udp 10.0.2.19 1701 <-> 119.144.23.153 25403 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:11.699482 0.271782 udp 10.0.2.19 1701 <-> 115.119.5.156 7884 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:11.699828 3.000526 tcp 10.0.2.19 51015 -> 119.144.23.153 1310 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:11:11.971660 0.463055 udp 10.0.2.19 1701 <-> 180.183.49.99 16780 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:12.435186 0.420773 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:12.856366 0.000000 udp 10.0.2.19 1701 -> 118.68.150.223 16833 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:11:18.796422 1.155253 tcp 10.0.2.19 51016 -> 82.211.141.181 5977 FSPA* 0 0 14 1523 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:20.698820 0.000000 tcp 10.0.2.19 51015 -> 119.144.23.153 1310 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:11:29.613183 0.175199 tcp 10.0.2.19 51017 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:29.788621 0.201715 tcp 10.0.2.19 51018 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:29.990894 0.270696 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:30.261983 0.000000 udp 10.0.2.19 1701 -> 59.181.111.224 14240 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:11:48.460347 0.164716 tcp 10.0.2.19 51019 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:48.625266 0.207161 tcp 10.0.2.19 51020 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:11:48.833037 0.466479 udp 10.0.2.19 1701 <-> 122.176.58.33 20193 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:49.299995 0.158895 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:49.300330 2.994159 tcp 10.0.2.19 51021 -> 122.176.58.33 1010 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:11:49.459283 0.497193 udp 10.0.2.19 1701 <-> 79.107.111.107 11174 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:49.956856 0.253427 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:50.210695 0.390690 udp 10.0.2.19 1701 <-> 36.70.98.247 28606 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:11:50.601765 0.000000 udp 10.0.2.19 1701 -> 125.113.181.147 15020 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:11:58.293351 0.000000 tcp 10.0.2.19 51021 -> 122.176.58.33 1010 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:12:06.776333 0.073038 udp 10.0.2.19 62546 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/04 12:12:06.856336 0.072619 udp 10.0.2.19 52005 <-> 8.8.8.8 53 CON 0 0 2 180 flow=From-Botnet-V2-DNS 1970/01/04 12:12:07.818245 0.166095 tcp 10.0.2.19 51022 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:12:07.984479 0.215528 tcp 10.0.2.19 51023 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:12:08.200600 0.000000 udp 10.0.2.19 1701 -> 189.187.96.177 26503 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:12:25.063283 0.164281 tcp 10.0.2.19 51024 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:12:25.227914 0.208584 tcp 10.0.2.19 51025 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:12:25.437039 0.226308 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:12:25.664635 3.002391 tcp 10.0.2.19 51026 -> 109.127.20.14 1901 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:12:34.665788 0.000000 tcp 10.0.2.19 51026 -> 109.127.20.14 1901 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 12:12:46.604946 0.082242 udp 10.0.2.19 61289 <-> 8.8.8.8 53 CON 0 0 2 168 flow=From-Botnet-V2-DNS 1970/01/04 12:12:46.687743 0.072134 udp 10.0.2.19 56533 <-> 8.8.8.8 53 CON 0 0 2 180 flow=From-Botnet-V2-DNS 1970/01/04 12:13:21.084727 3.001580 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 12:13:28.092135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:13:36.093691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:13:52.097476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:14:24.103052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:20:28.108647 3.002102 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:20:35.116062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:20:43.117990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:20:59.121140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:21:31.567387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:27:35.572979 3.002540 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:27:42.580589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:27:50.582056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:28:06.585223 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:28:38.591450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:34:42.597151 3.001602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:34:49.605136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:34:57.606405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:35:13.609014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:35:45.615481 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:41:20.177098 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 12:41:20.177195 0.908552 tcp 10.0.2.19 51027 -> 82.211.141.181 5977 FSPA* 0 0 14 1740 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:41:49.620823 3.002222 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:41:56.628709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:42:04.629984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:42:20.632984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:42:49.334622 0.000053 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 12:42:49.334727 0.000000 udp 10.0.2.19 1701 -> 95.58.15.211 10483 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:42:52.639655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:43:06.802724 0.165777 tcp 10.0.2.19 51028 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:06.968857 0.196430 tcp 10.0.2.19 51029 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:07.165838 0.000000 udp 10.0.2.19 1701 -> 110.137.7.240 19010 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:43:23.945724 0.172495 tcp 10.0.2.19 51030 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:24.118442 0.194904 tcp 10.0.2.19 51031 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:24.313922 0.000000 udp 10.0.2.19 1701 -> 182.64.80.71 17782 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:43:39.788669 0.174918 tcp 10.0.2.19 51032 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:39.963773 0.201608 tcp 10.0.2.19 51033 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:43:40.165930 0.000000 udp 10.0.2.19 1701 -> 176.74.91.96 4555 INT 0 1 101 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:43:59.096403 1.363450 tcp 10.0.2.19 51034 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:00.460048 0.195921 tcp 10.0.2.19 51035 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:00.656985 0.000000 udp 10.0.2.19 1701 -> 180.183.68.61 23413 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:44:16.371523 0.164922 tcp 10.0.2.19 51036 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:16.536229 0.207510 tcp 10.0.2.19 51037 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:16.744329 0.207057 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:44:16.951842 0.000000 udp 10.0.2.19 1701 -> 118.68.150.223 16833 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:44:16.952200 3.846590 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 SPA_* 0 0 27 17297 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:22.309241 4.775641 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 55 45978 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:27.373839 4.698257 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 71 59311 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:32.434541 0.216165 tcp 10.0.2.19 51039 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:32.650930 0.225179 tcp 10.0.2.19 51040 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:32.674683 3.949341 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 31 27627 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:32.876647 0.000000 udp 10.0.2.19 1701 -> 59.181.111.224 14240 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:44:37.748406 4.867856 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 62 55038 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:42.817937 4.834173 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 33 26358 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:47.855107 4.836789 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 32 24964 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:49.338629 0.173568 tcp 10.0.2.19 51041 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:49.506537 0.221699 tcp 10.0.2.19 51042 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:49.728784 0.000000 udp 10.0.2.19 1701 -> 189.187.96.177 26503 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:44:53.681738 4.938668 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 30 25488 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:44:58.761978 4.995998 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 29 24726 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:03.958291 4.866801 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 13 8818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:06.923882 0.175204 tcp 10.0.2.19 51043 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:07.099332 1.284545 tcp 10.0.2.19 51044 -> 173.194.70.94 80 SRPA* 0 0 71 77790 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:08.384432 0.000000 udp 10.0.2.19 1701 -> 125.113.181.147 15020 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:45:09.007763 4.837671 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 27 21382 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:14.181562 2.985801 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 12 8132 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:21.323022 4.096925 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 23 18334 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:27.172978 0.165212 tcp 10.0.2.19 51045 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:27.338314 0.198030 tcp 10.0.2.19 51046 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:27.349337 4.559299 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 20 17312 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:27.536924 0.154473 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:27.691740 0.156180 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:27.848277 0.121386 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:27.969986 0.159684 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:28.130023 0.144128 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:28.274479 0.290175 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:28.565019 0.174030 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:28.739455 0.352810 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:29.092655 0.205515 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:29.298547 0.168881 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:29.467788 0.153864 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:29.622062 0.285387 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:29.907811 0.329434 udp 10.0.2.19 1701 <-> 123.203.24.77 7236 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:30.237588 0.235161 udp 10.0.2.19 1701 <-> 103.19.249.96 28066 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:30.473102 0.208093 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:30.681565 0.153517 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:30.835488 0.406045 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:31.241929 0.440175 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:31.682470 0.170205 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:31.853050 0.000000 udp 10.0.2.19 1701 -> 203.198.93.5 15171 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:45:32.397012 4.588978 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 A_PA 0 0 41 31038 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:38.727669 1.701849 tcp 10.0.2.19 51038 -> 178.210.233.68 3084 FPA_* 0 0 11 3648 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:49.585355 0.168570 tcp 10.0.2.19 51047 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:49.754332 0.205213 tcp 10.0.2.19 51048 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:45:49.960094 0.523286 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:50.483800 0.296880 udp 10.0.2.19 1701 <-> 201.209.29.166 9661 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:45:50.781092 0.000000 udp 10.0.2.19 1701 -> 36.73.185.159 29304 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:46:07.100375 0.176140 tcp 10.0.2.19 51049 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:46:07.276686 0.196187 tcp 10.0.2.19 51050 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:46:07.473438 0.173960 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:07.647825 0.616028 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:08.264190 0.205111 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:08.469766 0.238752 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:08.708909 0.089929 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:08.799213 0.262406 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:09.061950 0.573177 udp 10.0.2.19 1701 <-> 119.144.23.153 25403 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:09.635534 0.000000 udp 10.0.2.19 1701 -> 180.183.49.99 16780 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 12:46:25.597752 0.175528 tcp 10.0.2.19 51051 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:46:25.773510 0.205421 tcp 10.0.2.19 51052 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 12:46:25.979463 0.272541 udp 10.0.2.19 1701 <-> 115.119.5.156 7884 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:26.252364 0.597691 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:26.850400 0.283386 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:27.134134 0.314675 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:27.449163 0.572457 udp 10.0.2.19 1701 <-> 122.176.58.33 20193 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:28.021963 0.319628 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:28.342147 0.179127 udp 10.0.2.19 1701 <-> 79.107.111.107 11174 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:28.521701 0.384526 udp 10.0.2.19 1701 <-> 36.70.98.247 28606 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:46:28.906659 0.211146 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 12:48:57.245608 3.001982 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 12:49:04.253441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:49:12.254867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:49:28.258256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:50:00.264383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:56:04.269542 3.983606 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 12:56:12.258955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:56:20.260368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:56:36.263912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 12:57:08.269889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:03:12.275277 3.372701 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:03:19.653822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:03:27.655089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:03:43.657986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:04:15.664243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:10:19.670131 3.001688 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:10:26.677670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:10:34.879414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:10:50.882166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:11:22.448312 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 13:11:22.448535 1.120962 tcp 10.0.2.19 51053 -> 82.211.141.181 5977 FSPA* 0 0 14 1664 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:11:22.888430 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:16:46.183110 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 13:16:46.183218 0.000000 udp 10.0.2.19 1701 -> 203.198.93.5 15171 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:17:01.628901 0.159779 tcp 10.0.2.19 51054 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:01.788931 0.194399 tcp 10.0.2.19 51055 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:01.983922 0.000000 udp 10.0.2.19 1701 -> 36.73.185.159 29304 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:17:20.724461 0.159668 tcp 10.0.2.19 51056 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:20.884269 0.962840 tcp 10.0.2.19 51057 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:21.847654 0.000000 udp 10.0.2.19 1701 -> 180.183.49.99 16780 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:17:26.894160 3.002094 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 13:17:33.902060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:17:40.743142 0.182315 tcp 10.0.2.19 51058 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:40.925235 0.198861 tcp 10.0.2.19 51059 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:17:41.124663 0.154314 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:41.279364 0.146710 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:41.426561 0.150559 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:41.426915 3.000147 tcp 10.0.2.19 51060 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 13:17:41.577516 0.179058 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:41.756969 0.294676 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:41.903180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:17:42.999601 0.280154 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:43.280132 0.111795 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:43.392303 0.240761 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:43.633405 0.366183 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.000002 0.208780 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.209358 0.161429 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.371161 0.148877 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.520461 0.166711 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.687673 0.293422 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:44.981480 0.250957 udp 10.0.2.19 1701 <-> 103.19.249.96 28066 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:45.232799 0.207913 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:45.441051 0.327909 udp 10.0.2.19 1701 <-> 123.203.24.77 7236 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:45.769399 0.451318 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:46.221061 0.403368 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:46.624801 0.295973 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:46.921162 0.364437 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:17:47.285994 0.000000 udp 10.0.2.19 1701 -> 201.209.29.166 9661 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:17:50.425861 0.000000 tcp 10.0.2.19 51060 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 13:17:57.906299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:18:06.199936 0.159739 tcp 10.0.2.19 51061 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:18:06.360030 0.199933 tcp 10.0.2.19 51062 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:18:06.560511 0.211371 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:06.772251 0.235341 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:07.007974 0.109685 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:07.118025 0.190912 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:07.309342 0.303135 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:07.612858 0.267196 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:07.880443 0.583530 udp 10.0.2.19 1701 <-> 119.144.23.153 25403 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:08.464387 0.274882 udp 10.0.2.19 1701 <-> 115.119.5.156 7884 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:08.739669 0.589968 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:09.329991 0.216580 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:09.547003 0.146191 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:09.693535 0.430086 udp 10.0.2.19 1701 <-> 79.107.111.107 11174 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:10.123970 0.509743 udp 10.0.2.19 1701 <-> 122.176.58.33 20193 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:10.634136 0.250678 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:10.885154 0.393558 udp 10.0.2.19 1701 <-> 36.70.98.247 28606 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:11.279073 0.216316 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:18:29.911964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:24:33.917647 3.002497 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:24:40.925887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:24:48.927184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:25:04.930431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:25:36.936534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:31:40.942405 3.001386 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:31:47.950136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:31:57.283457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:32:13.286097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:32:45.292106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:38:49.297996 3.001520 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:38:56.305668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:39:04.306940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:39:20.310197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:39:52.315949 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:41:24.228824 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 13:41:24.228980 0.849481 tcp 10.0.2.19 51063 -> 82.211.141.181 5977 FSPA* 0 0 14 1662 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:46:05.324744 3.002352 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 13:46:12.332553 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:46:20.333697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:46:36.337155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:47:08.342884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:48:15.650424 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 13:48:15.650558 0.000000 udp 10.0.2.19 1701 -> 201.209.29.166 9661 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:48:33.638650 0.159199 tcp 10.0.2.19 51064 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:48:33.798092 0.206861 tcp 10.0.2.19 51065 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:48:34.005564 0.163729 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:34.169784 0.343989 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:34.170187 3.000772 tcp 10.0.2.19 51066 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 13:48:34.514168 0.144800 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:34.659328 0.155870 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:34.815600 0.112215 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:34.928153 0.151485 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:35.080009 0.139909 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:35.220295 0.304990 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:35.525675 0.203056 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:35.729239 0.352985 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:36.082597 0.152794 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:36.235736 0.152173 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:36.388291 0.158134 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:36.546795 0.287821 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:36.834977 0.492375 udp 10.0.2.19 1701 <-> 103.19.249.96 28066 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:37.327736 0.207455 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:37.535545 0.427129 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:37.963050 0.218157 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:38.181572 0.000000 udp 10.0.2.19 1701 -> 123.203.24.77 7236 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:48:43.169727 0.000000 tcp 10.0.2.19 51066 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 13:48:54.897847 0.163682 tcp 10.0.2.19 51067 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:48:55.061419 0.200549 tcp 10.0.2.19 51068 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:48:55.262526 0.172994 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:55.435920 0.326371 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:55.762687 0.235245 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:55.998293 0.087309 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:56.085950 0.180262 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:56.266543 0.376730 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:56.643706 0.143093 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:56.787164 0.259263 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:57.046802 0.558542 udp 10.0.2.19 1701 <-> 119.144.23.153 25403 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:48:57.605724 0.000000 udp 10.0.2.19 1701 -> 115.119.5.156 7884 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:49:15.486886 0.173734 tcp 10.0.2.19 51069 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:15.660808 0.194937 tcp 10.0.2.19 51070 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:15.856525 0.000000 udp 10.0.2.19 1701 -> 219.139.20.20 29519 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:49:32.301140 0.161226 tcp 10.0.2.19 51071 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:32.462133 0.198593 tcp 10.0.2.19 51072 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:32.661295 0.397999 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:49:33.059686 0.147081 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:49:33.207173 0.000000 udp 10.0.2.19 1701 -> 79.107.111.107 11174 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:49:48.374620 0.161135 tcp 10.0.2.19 51073 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:48.535582 0.199481 tcp 10.0.2.19 51074 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:49:48.735604 0.000000 udp 10.0.2.19 1701 -> 122.176.58.33 20193 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:50:05.779152 2.030086 tcp 10.0.2.19 51075 -> 173.194.70.99 80 FSPA* 0 0 11 2873 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:50:07.809566 0.203785 tcp 10.0.2.19 51076 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:50:08.013886 0.220130 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:50:08.234417 0.257805 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 13:50:08.492604 0.000000 udp 10.0.2.19 1701 -> 36.70.98.247 28606 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 13:50:24.966840 0.159683 tcp 10.0.2.19 51077 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:50:25.126692 0.192766 tcp 10.0.2.19 51078 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 13:53:33.348811 3.001975 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 13:53:40.356669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:53:48.357969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:54:04.361493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 13:54:36.367255 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:00:40.372719 3.002056 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:00:47.380509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:00:55.382535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:01:11.385299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:01:43.391715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:07:47.397244 3.001784 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:07:54.404876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:08:02.406148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:08:21.563609 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:08:53.569752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:11:26.600403 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 14:11:26.600605 1.008536 tcp 10.0.2.19 51079 -> 82.211.141.181 5977 FSPA* 0 0 14 1528 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:14:57.575570 3.001409 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:15:04.583503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:15:12.584338 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:15:28.587802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:16:00.593437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:20:28.667624 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 14:20:28.667808 0.000000 udp 10.0.2.19 1701 -> 123.203.24.77 7236 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:20:44.394342 0.160536 tcp 10.0.2.19 51080 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:20:44.555134 0.197493 tcp 10.0.2.19 51081 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:20:44.753206 0.000000 udp 10.0.2.19 1701 -> 115.119.5.156 7884 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:20:59.945098 0.161271 tcp 10.0.2.19 51082 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:00.106526 0.193563 tcp 10.0.2.19 51083 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:00.300651 0.600450 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:01.603632 0.000000 udp 10.0.2.19 1701 -> 122.176.58.33 20193 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:21:16.739649 0.166569 tcp 10.0.2.19 51084 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:16.906523 0.198980 tcp 10.0.2.19 51085 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:17.106094 0.000000 udp 10.0.2.19 1701 -> 79.107.111.107 11174 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:21:34.655394 0.170334 tcp 10.0.2.19 51086 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:34.825994 0.205078 tcp 10.0.2.19 51087 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:35.031723 0.000000 udp 10.0.2.19 1701 -> 36.70.98.247 28606 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:21:51.099333 0.160199 tcp 10.0.2.19 51088 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:51.259438 0.205069 tcp 10.0.2.19 51089 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:21:51.465092 0.171240 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:51.636814 0.312345 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:51.637172 2.995195 tcp 10.0.2.19 51090 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 14:21:51.949515 0.201725 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.151634 0.096449 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.248468 0.144875 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.393711 0.236186 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.630460 0.121538 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.752378 0.136800 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:52.889558 0.816721 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:53.706656 0.217538 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:53.924545 0.167617 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:54.092514 0.155195 udp 10.0.2.19 1701 <-> 176.73.253.198 2001 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:21:54.248056 0.000000 udp 10.0.2.19 1701 -> 103.19.249.96 28066 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:22:00.631513 0.000000 tcp 10.0.2.19 51090 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 14:22:04.919811 3.001974 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 14:22:09.715779 0.160779 tcp 10.0.2.19 51091 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:09.876792 0.208430 tcp 10.0.2.19 51092 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:10.085923 0.363830 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:10.450354 0.157749 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:10.608531 0.280001 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:10.888933 0.418528 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:11.307810 0.229640 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:11.537836 0.165514 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:11.703715 0.232235 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:11.927841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:22:11.936295 0.158387 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:12.095049 0.288922 udp 10.0.2.19 1701 <-> 14.99.39.64 3969 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:12.384346 0.289566 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:12.674392 0.097793 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:12.772557 0.200207 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:12.973155 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:22:19.928625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:22:31.156564 0.161121 tcp 10.0.2.19 51093 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:31.317900 0.191822 tcp 10.0.2.19 51094 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:31.510474 0.000000 udp 10.0.2.19 1701 -> 119.144.23.153 25403 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:22:35.931776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:22:50.143841 0.163335 tcp 10.0.2.19 51095 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:50.307411 0.205466 tcp 10.0.2.19 51096 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:22:50.513430 0.146396 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:50.660215 0.310148 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:50.970711 0.216786 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:22:51.187899 0.256544 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:23:07.937663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:29:11.943648 3.002239 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:29:18.951464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:29:26.953063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:29:42.955928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:30:14.961880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:36:19.598773 3.001509 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:36:26.606564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:36:34.607633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:36:50.610988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:37:22.616944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:41:28.230399 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 14:41:28.230603 0.900415 tcp 10.0.2.19 51097 -> 82.211.141.181 5977 FSPA* 0 0 14 1632 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:43:26.622455 3.002541 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:43:34.882444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:43:42.883914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:43:58.886632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:44:30.892660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:50:34.898345 3.002019 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 14:50:41.906036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:50:49.907876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:51:05.910688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:51:37.916614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:53:08.977905 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 14:53:08.978117 0.000000 udp 10.0.2.19 1701 -> 103.19.249.96 28066 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:53:24.662653 0.160228 tcp 10.0.2.19 51098 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:53:24.822784 0.203471 tcp 10.0.2.19 51099 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:53:25.026840 0.269205 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:25.296435 0.000000 udp 10.0.2.19 1701 -> 119.144.23.153 25403 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:53:40.834529 0.159106 tcp 10.0.2.19 51100 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:53:40.993514 0.194667 tcp 10.0.2.19 51101 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:53:41.188728 0.554284 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:41.743362 0.155337 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:41.899155 0.222078 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:41.899515 2.999646 tcp 10.0.2.19 51102 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 14:53:42.508626 0.113109 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:42.622390 0.146671 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:42.769465 0.102452 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:42.872225 0.205382 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:43.078249 0.285904 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:43.364518 0.160489 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:43.525366 0.204568 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:43.730313 0.173754 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:43.904396 0.138692 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:53:44.043414 0.000000 udp 10.0.2.19 1701 -> 176.73.253.198 2001 INT 0 1 93 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:53:50.897414 0.000000 tcp 10.0.2.19 51102 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 14:54:00.643742 0.159975 tcp 10.0.2.19 51103 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:00.803891 0.212209 tcp 10.0.2.19 51104 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:01.016712 0.298558 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:01.315669 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:54:17.567672 0.160098 tcp 10.0.2.19 51105 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:17.728140 0.201213 tcp 10.0.2.19 51106 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:17.929924 0.370375 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:18.300700 0.239981 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:18.541049 0.373743 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:18.915213 0.258226 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:19.173848 0.437321 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:19.611526 0.156199 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:19.768071 0.343549 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:20.112009 0.000000 udp 10.0.2.19 1701 -> 14.99.39.64 3969 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 14:54:38.958449 0.167669 tcp 10.0.2.19 51107 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:39.126309 0.197375 tcp 10.0.2.19 51108 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 14:54:39.324261 0.324986 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:39.649627 0.237722 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:39.887707 0.148923 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:40.036966 0.267638 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:40.304960 0.219731 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:54:40.525032 0.223186 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 14:57:41.992507 3.001654 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 14:57:48.999940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:57:57.001862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:58:13.004888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 14:58:45.010741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:04:49.016196 3.002602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:04:56.024006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:05:04.025517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:05:20.028504 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:05:52.034829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:11:29.830930 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 15:11:29.831058 0.926925 tcp 10.0.2.19 51109 -> 82.211.141.181 5977 FSPA* 0 0 14 1669 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:11:56.040740 3.001673 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:12:03.048512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:12:11.049396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:12:27.052900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:12:59.058895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:19:03.936078 3.001518 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:19:10.943730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:19:18.944844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:19:34.947480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:20:06.953762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:25:05.473077 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 15:25:05.475614 0.000000 udp 10.0.2.19 1701 -> 176.73.253.198 2001 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:25:23.090949 0.160646 tcp 10.0.2.19 51110 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:23.251491 0.191639 tcp 10.0.2.19 51111 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:23.443749 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:25:39.072431 0.159909 tcp 10.0.2.19 51112 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:39.232525 0.197151 tcp 10.0.2.19 51113 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:39.430426 0.000000 udp 10.0.2.19 1701 -> 14.99.39.64 3969 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:25:55.667413 0.176968 tcp 10.0.2.19 51114 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:55.844600 0.216615 tcp 10.0.2.19 51115 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:25:56.061858 0.271053 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:56.333292 0.587144 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:56.920803 0.144459 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:57.065703 0.151157 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:57.066060 3.005663 tcp 10.0.2.19 51116 -> 217.220.223.98 4580 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 15:25:57.217211 0.206048 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:57.423635 0.118153 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:57.542145 0.357380 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:57.899912 0.161487 udp 10.0.2.19 1701 <-> 178.210.233.68 4034 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.061703 0.202980 udp 10.0.2.19 1701 <-> 94.56.145.220 7196 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.265068 0.191139 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.456592 0.207465 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.664428 0.164284 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.829078 0.163984 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:58.993451 0.279261 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:59.273123 0.345461 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:59.618938 0.230810 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:25:59.850154 0.167239 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:00.017732 0.160232 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:00.178458 0.222157 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:00.400983 0.489248 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:00.890618 0.190751 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:01.081789 0.088873 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:01.171053 0.264740 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:01.436181 0.249487 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:01.686113 0.224099 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:01.910539 0.663835 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:02.574763 0.263612 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:26:06.079781 0.000000 tcp 10.0.2.19 51116 -> 217.220.223.98 4580 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 15:26:10.959704 3.001949 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 15:26:17.967448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:26:25.968477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:26:41.972065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:27:13.977913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:33:17.983473 3.002831 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:33:24.991783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:33:32.992377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:33:48.995482 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:34:22.864724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:40:26.870379 3.001616 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:40:33.877977 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:40:41.879447 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:40:57.882175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:41:29.918104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:41:32.101631 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 15:41:32.101823 0.745660 tcp 10.0.2.19 51117 -> 82.211.141.181 5977 FSPA* 0 0 14 1702 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:47:33.924483 3.001885 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:47:40.931931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:47:48.933497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:48:04.936359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:48:37.603339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:54:41.608771 3.002424 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 15:54:48.616980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:54:56.618079 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:55:12.621173 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:55:44.627784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 15:56:28.951095 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 15:56:28.951283 0.261706 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:29.213370 0.156363 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:29.370146 0.182532 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:29.370564 2.995032 tcp 10.0.2.19 51118 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 15:56:29.553057 0.116794 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:29.670316 0.563833 udp 10.0.2.19 1701 <-> 219.139.20.20 29519 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:30.234509 0.145369 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:30.380244 0.401707 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:56:30.782354 0.000000 udp 10.0.2.19 1701 -> 178.210.233.68 4034 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:56:38.364866 0.000000 tcp 10.0.2.19 51118 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 15:56:48.131491 0.160655 tcp 10.0.2.19 51119 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:56:48.292385 0.201033 tcp 10.0.2.19 51120 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:56:48.493974 0.000000 udp 10.0.2.19 1701 -> 94.56.145.220 7196 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:57:05.855655 1.523204 tcp 10.0.2.19 51121 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:06.015755 0.189804 tcp 10.0.2.19 51122 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:06.206138 0.170981 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:06.377524 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:57:24.081631 0.160829 tcp 10.0.2.19 51123 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:24.242825 0.193724 tcp 10.0.2.19 51124 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:24.437110 0.172533 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:24.610272 0.175738 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:24.610622 4.936960 tcp 10.0.2.19 51125 -> 46.49.74.62 5181 SPA_* 0 0 308 223732 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:24.786375 0.290264 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:25.077035 0.362925 udp 10.0.2.19 1701 <-> 190.9.171.230 15655 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:25.440313 0.236824 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:25.677492 0.223378 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:25.901204 0.164490 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:26.066041 0.235373 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:26.301839 0.523812 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:26.826166 0.197016 udp 10.0.2.19 1701 <-> 2.84.26.82 24635 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:27.023626 0.090001 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:27.114092 0.261297 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:27.375741 0.223867 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:27.599978 0.257210 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:27.857574 0.226903 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:28.084833 0.271578 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 15:57:29.769744 1.900890 tcp 10.0.2.19 51125 -> 46.49.74.62 5181 FPA_* 0 0 102 73788 flow=From-Botnet-V2-TCP-Established 1970/01/04 15:57:47.023068 0.000000 udp 10.0.2.19 1701 <- 188.169.55.215 18951 RSP 0 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 15:57:55.103776 0.000000 udp 10.0.2.19 1701 <- 75.1.149.150 9432 RSP 0 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:01:53.690296 3.001862 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 16:02:00.698348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:02:08.699136 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:02:24.702825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:02:56.708320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:09:00.714322 3.002207 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 16:09:07.721973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:09:15.723480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:09:31.726456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:10:03.923057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:11:35.314919 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:11:35.315079 1.025515 tcp 10.0.2.19 51126 -> 82.211.141.181 5977 FSPA* 0 0 14 1516 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:16:14.928832 3.001416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 16:16:21.936308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:16:29.937429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:16:45.941135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:17:17.947090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:23:21.952517 3.001694 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 16:23:28.960093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:23:36.961966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:23:52.964900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:24:24.970964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:27:56.064851 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:27:56.065082 0.000000 udp 10.0.2.19 1701 -> 94.56.145.220 7196 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:28:12.470736 0.479792 tcp 10.0.2.19 51127 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:12.950435 0.500328 tcp 10.0.2.19 51128 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:13.451330 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:28:29.383671 0.160372 tcp 10.0.2.19 51129 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:29.544363 0.490875 tcp 10.0.2.19 51130 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:30.035803 0.000000 udp 10.0.2.19 1701 -> 178.210.233.68 4034 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:28:45.727151 0.296686 tcp 10.0.2.19 51131 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:46.023748 0.206896 tcp 10.0.2.19 51132 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:28:46.231203 0.120658 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:28:46.352272 0.258246 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:28:46.610929 0.186665 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:28:46.798144 0.161481 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:28:46.959968 0.145548 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:28:47.105915 0.000000 udp 10.0.2.19 1701 -> 219.139.20.20 29519 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:29:04.413579 0.164673 tcp 10.0.2.19 51133 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:04.578474 0.193496 tcp 10.0.2.19 51134 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:04.772511 0.297727 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:05.269709 0.000000 udp 10.0.2.19 1701 -> 79.132.4.58 2921 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:29:20.687206 0.160981 tcp 10.0.2.19 51135 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:20.848098 0.208914 tcp 10.0.2.19 51136 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:21.057554 0.159987 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:21.217941 0.134426 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:21.352738 0.288510 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:21.641605 0.000000 udp 10.0.2.19 1701 -> 190.9.171.230 15655 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:29:39.304474 4.679807 tcp 10.0.2.19 51137 -> 173.194.70.99 80 FSPA* 0 0 12 1938 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:43.983992 0.199829 tcp 10.0.2.19 51138 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:29:44.184425 0.245338 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:44.430300 0.223998 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:44.654717 0.174548 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:29:44.829639 0.000000 udp 10.0.2.19 1701 -> 2.84.26.82 24635 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:00.354417 0.171026 tcp 10.0.2.19 51139 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:30:00.525792 0.193460 tcp 10.0.2.19 51140 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:30:00.719794 0.099485 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:00.819622 0.161962 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:00.982149 0.425384 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:01.407924 0.262896 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:01.671214 0.264575 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:01.936160 0.259382 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:02.195915 0.237547 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:02.433867 0.161332 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:02.692960 0.000000 udp 10.0.2.19 1701 -> 219.139.20.20 29519 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:11.629312 0.147944 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:11.777706 0.000000 udp 10.0.2.19 1701 -> 190.9.171.230 15655 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:17.608031 0.000000 udp 10.0.2.19 1701 -> 2.84.26.82 24635 REQ 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:25.419188 0.132303 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 727 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:25.552194 0.268440 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 808 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:25.821127 0.148714 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 720 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:25.970338 0.155374 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:26.126237 0.155530 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:26.282245 0.290148 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 854 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:26.572861 0.147150 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 813 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:26.720475 0.153830 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 761 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:26.874725 0.290064 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:27.165210 0.152654 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 683 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:27.318310 0.257674 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:27.576462 0.235873 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:27.812832 0.161923 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:27.975161 0.099356 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 686 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:28.074953 0.288033 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 844 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:28.363428 0.155654 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 829 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:28.519529 0.425013 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 809 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:28.944988 0.228979 udp 10.0.2.19 1701 <-> 109.127.20.14 17939 CON 0 0 2 859 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:29.174492 0.156879 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 826 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:29.331866 0.254503 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 790 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:30:29.586911 0.000000 udp 10.0.2.19 1701 -> 23.24.76.117 3168 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:30.288542 3.001465 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 16:30:37.295867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:30:38.357994 0.000000 udp 10.0.2.19 1701 -> 190.166.194.45 7585 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:43.164727 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:30:45.297668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:30:45.878577 0.000000 udp 10.0.2.19 1701 -> 98.208.182.36 9951 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:30:53.219131 0.000000 udp 10.0.2.19 1701 -> 68.39.67.168 8222 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:01.120292 0.000000 udp 10.0.2.19 1701 -> 88.236.103.4 5615 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:01.300934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:31:07.489763 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 27696 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:13.047902 0.000000 udp 10.0.2.19 1701 -> 79.129.53.83 24517 INT 0 1 188 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:17.664125 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:31:18.375023 0.000000 udp 10.0.2.19 1701 -> 78.157.7.234 6941 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:24.904331 0.000000 udp 10.0.2.19 1701 -> 86.122.81.76 29531 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:30.943636 0.000000 udp 10.0.2.19 1701 -> 41.134.200.145 5746 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:34.178071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:31:40.516800 0.546923 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:31:42.156546 0.000000 udp 10.0.2.19 1701 -> 196.215.160.36 4575 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:49.950860 0.000000 udp 10.0.2.19 1701 -> 74.7.208.130 8232 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:31:54.537454 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:31:58.343047 0.000000 udp 10.0.2.19 1701 -> 50.74.153.34 7404 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:04.381599 0.000000 udp 10.0.2.19 1701 -> 178.194.118.70 6150 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:11.832013 0.000000 udp 10.0.2.19 1701 -> 64.183.131.195 1949 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:20.774692 0.000000 udp 10.0.2.19 1701 -> 50.20.182.29 3684 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:28.626036 0.000000 udp 10.0.2.19 1701 -> 117.216.177.159 5156 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:33.532827 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:32:34.384270 0.000000 udp 10.0.2.19 1701 -> 101.109.200.63 27872 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:41.775439 0.000000 udp 10.0.2.19 1701 -> 59.182.136.118 3579 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:32:55.087194 0.000000 udp 10.0.2.19 1701 -> 62.1.138.200 16241 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:02.772031 0.220239 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:33:03.062327 0.000000 udp 10.0.2.19 1701 -> 78.139.132.103 4876 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:08.107876 0.000000 udp 10.0.2.19 1701 -> 69.250.218.50 6179 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:16.166764 0.000000 udp 10.0.2.19 1701 -> 95.225.178.218 1380 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:20.963467 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:33:24.953265 0.000000 udp 10.0.2.19 1701 -> 83.97.28.139 12545 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:32.948352 0.000000 udp 10.0.2.19 1701 -> 95.253.14.57 1844 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:38.661253 0.000000 udp 10.0.2.19 1701 -> 117.28.238.5 2342 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:44.256208 0.000000 udp 10.0.2.19 1701 -> 95.231.149.46 1621 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:50.648372 0.000000 udp 10.0.2.19 1701 -> 5.146.6.175 7876 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:33:55.504159 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:33:57.406533 0.000000 udp 10.0.2.19 1701 -> 176.221.166.164 3056 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:02.420715 0.167242 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 830 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:02.678765 0.160914 udp 10.0.2.19 1701 <-> 212.70.205.195 13908 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:02.908774 0.264021 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 720 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:03.212588 0.172171 udp 10.0.2.19 1701 <-> 88.247.65.143 2039 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:03.423745 0.000000 udp 10.0.2.19 1701 -> 23.30.177.153 7810 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:10.259066 0.000000 udp 10.0.2.19 1701 -> 99.196.162.114 5767 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:18.353059 0.000000 udp 10.0.2.19 1701 -> 171.98.145.136 7044 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:23.912400 0.000000 udp 10.0.2.19 1701 -> 98.119.61.37 2880 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:30.242243 0.413790 udp 10.0.2.19 1701 <-> 190.239.253.243 26762 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:30.690988 0.225507 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 780 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:34:31.045665 0.000000 udp 10.0.2.19 1701 -> 95.58.15.211 26121 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:34.978758 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:34:35.984425 0.000000 udp 10.0.2.19 1701 -> 37.232.7.128 11208 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:43.785097 0.000000 udp 10.0.2.19 1701 -> 39.41.115.86 4841 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:49.669076 0.000000 udp 10.0.2.19 1701 -> 27.3.194.218 2189 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:34:56.108021 0.000000 udp 10.0.2.19 1701 -> 113.179.3.22 29240 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:03.088287 0.000000 udp 10.0.2.19 1701 -> 50.75.48.164 3660 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:07.624767 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:35:08.856900 0.000000 udp 10.0.2.19 1701 -> 190.199.91.254 29770 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:16.968376 0.163546 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 720 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:35:17.217206 0.155948 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:35:17.466174 0.000000 udp 10.0.2.19 1701 -> 79.33.110.250 4340 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:24.299091 0.000000 udp 10.0.2.19 1701 -> 88.236.250.104 14502 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:30.707975 0.153783 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 691 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:35:30.941210 0.161979 udp 10.0.2.19 1701 <-> 78.188.99.85 11735 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:35:31.173090 0.000000 udp 10.0.2.19 1701 -> 62.174.80.114 7773 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:38.539317 0.000000 udp 10.0.2.19 1701 -> 92.24.108.105 22627 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:43.116167 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:35:47.071436 0.000000 udp 10.0.2.19 1701 -> 90.189.52.183 8989 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:35:54.582608 0.000000 udp 10.0.2.19 1701 -> 41.207.218.206 8238 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:01.883164 0.000000 udp 10.0.2.19 1701 -> 41.73.234.189 9236 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:10.375206 0.000000 udp 10.0.2.19 1701 -> 46.2.71.141 5433 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:17.415375 0.134439 udp 10.0.2.19 1701 <-> 31.51.19.187 5008 CON 0 0 2 683 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:17.559794 0.000000 udp 10.0.2.19 1701 -> 193.205.233.25 5764 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:22.121727 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:36:24.755619 0.000000 udp 10.0.2.19 1701 -> 95.141.110.230 20823 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:32.767503 0.000000 udp 10.0.2.19 1701 -> 95.225.128.139 8521 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:41.049534 0.154861 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 856 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:41.312499 0.618562 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 833 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:42.093468 0.156284 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:42.304492 0.241642 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:42.571351 0.000000 udp 10.0.2.19 1701 -> 24.176.227.204 2607 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:49.961854 0.176471 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:36:50.213160 0.000000 udp 10.0.2.19 1701 -> 212.5.202.84 20445 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:36:57.302502 0.000000 udp 10.0.2.19 1701 -> 78.167.82.36 22637 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:02.119694 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:37:03.271620 0.000000 udp 10.0.2.19 1701 -> 186.109.94.100 1037 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:11.222351 0.211206 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 760 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:37:11.490383 0.000000 udp 10.0.2.19 1701 -> 95.227.166.142 9293 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:17.221132 0.139418 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 736 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:37:17.461924 0.000000 udp 10.0.2.19 1701 -> 182.1.94.91 1822 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:25.453196 0.000000 udp 10.0.2.19 1701 -> 182.72.118.131 7508 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:32.703400 0.000000 udp 10.0.2.19 1701 -> 176.73.130.200 24915 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:37.620357 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:37:40.266241 3.002574 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 16:37:40.324328 0.000000 udp 10.0.2.19 1701 -> 125.166.235.54 15742 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:46.263024 0.488920 udp 10.0.2.19 1701 <-> 125.161.223.169 15153 CON 0 0 2 747 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:37:46.875454 0.000000 udp 10.0.2.19 1701 -> 90.25.116.35 5145 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:37:47.274375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:37:55.275896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:37:55.776776 0.000000 udp 10.0.2.19 1701 -> 88.149.132.57 3782 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:04.549623 0.000000 udp 10.0.2.19 1701 -> 114.79.0.24 13764 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:10.848317 2.952451 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:38:12.894663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:38:13.864154 0.000000 udp 10.0.2.19 1701 -> 87.119.163.4 5920 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:16.616282 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:38:21.012715 0.000000 udp 10.0.2.19 1701 -> 207.237.76.230 2661 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:26.160120 0.000000 udp 10.0.2.19 1701 -> 197.255.192.12 8045 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:31.758544 0.000000 udp 10.0.2.19 1701 -> 203.45.110.91 3189 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:38.477721 0.000000 udp 10.0.2.19 1701 -> 83.166.221.213 1777 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:45.087270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:38:47.751073 0.557503 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:38:50.128445 0.000000 udp 10.0.2.19 1701 -> 197.206.3.248 10337 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:38:52.307855 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:38:58.226438 0.219516 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 788 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:38:58.529976 0.000000 udp 10.0.2.19 1701 -> 93.67.152.174 5821 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:06.918594 0.000000 udp 10.0.2.19 1701 -> 80.98.17.66 5151 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:13.157743 0.000000 udp 10.0.2.19 1701 -> 194.30.130.14 4130 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:20.919242 0.000000 udp 10.0.2.19 1701 -> 36.70.98.247 28606 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:27.899015 0.000000 udp 10.0.2.19 1701 -> 69.231.42.234 8252 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:34.007793 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:39:37.082353 0.316156 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:39:37.446747 0.000000 udp 10.0.2.19 1701 -> 68.114.245.252 5007 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:46.005052 0.000000 udp 10.0.2.19 1701 -> 87.19.16.233 28423 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:53.235222 0.000000 udp 10.0.2.19 1701 -> 66.180.248.3 7258 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:39:58.663061 0.289370 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:39:59.052390 0.000000 udp 10.0.2.19 1701 -> 37.232.117.148 16542 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:06.194025 0.000000 udp 10.0.2.19 1701 -> 151.50.102.109 7149 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:17.754903 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:40:19.588493 0.346126 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:40:20.028701 0.479775 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:40:20.590347 0.000000 udp 10.0.2.19 1701 -> 110.171.136.37 1426 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:28.388341 0.000000 udp 10.0.2.19 1701 -> 92.119.19.131 9236 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:33.980586 0.000000 udp 10.0.2.19 1701 -> 94.71.146.85 6668 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:39.832011 0.000000 udp 10.0.2.19 1701 -> 94.125.134.1 10772 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:45.117890 0.229280 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 674 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:40:45.470892 0.000000 udp 10.0.2.19 1701 -> 176.92.175.97 7194 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:51.326720 0.000000 udp 10.0.2.19 1701 -> 188.169.107.225 15894 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:40:56.913349 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:40:59.257294 0.000000 udp 10.0.2.19 1701 -> 79.45.144.39 8458 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:41:05.733224 0.262702 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 764 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 16:41:06.095948 0.000000 udp 10.0.2.19 1701 -> 122.179.33.161 10880 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:41:12.195804 0.000000 udp 10.0.2.19 1701 -> 94.93.30.18 21911 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:41:20.508125 0.000000 udp 10.0.2.19 1701 -> 80.14.30.94 4619 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:41:27.570614 0.000000 udp 10.0.2.19 1701 -> 82.91.101.29 9467 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 16:41:32.446234 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 16:41:50.678668 0.929684 tcp 10.0.2.19 51141 -> 82.211.141.181 5977 FSPA* 0 0 14 1622 flow=From-Botnet-V2-TCP-Established 1970/01/04 16:44:53.279365 3.001464 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 16:45:00.286849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:45:08.288674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:45:24.291461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:45:56.297145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:52:07.313155 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 16:52:14.320594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:52:22.322726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:52:38.325570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:53:10.331868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:59:14.336896 3.002283 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 16:59:21.345178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:59:29.346396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 16:59:46.851795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:00:18.857578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:06:22.863513 3.001867 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:06:29.870703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:06:37.872370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:06:53.875543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:07:25.881342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:11:32.656302 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 17:11:32.656521 0.150508 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:32.807377 0.145634 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:32.953380 0.151086 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:33.104862 0.165268 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:33.270517 0.154488 udp 10.0.2.19 1701 <-> 213.123.181.44 4921 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:33.425394 0.258341 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:33.684114 0.163259 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:33.847714 0.357908 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:34.205980 0.135740 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:34.342225 0.154484 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:34.497123 0.279704 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:34.777215 0.154007 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:34.931565 0.087701 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:35.019725 0.261004 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:35.281093 0.222198 udp 10.0.2.19 1701 <-> 188.169.55.215 18951 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:35.503668 0.238974 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:35.743020 0.200903 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:35.944381 0.254337 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:36.199083 0.285333 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:36.484824 0.406915 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:36.892131 0.000000 udp 10.0.2.19 1701 -> 109.127.20.14 17939 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:11:47.648076 0.824458 tcp 10.0.2.19 51142 -> 82.211.141.181 5977 FSPA* 0 0 14 1656 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:11:55.322735 0.160693 tcp 10.0.2.19 51143 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:11:55.483677 0.243566 tcp 10.0.2.19 51144 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:11:55.728010 0.525131 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:56.253584 0.205692 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:11:56.459742 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:12:11.924133 0.160789 tcp 10.0.2.19 51145 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:12:12.085192 0.194992 tcp 10.0.2.19 51146 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:12:12.281216 0.178277 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:12.459885 0.463608 udp 10.0.2.19 1701 <-> 212.70.205.195 13908 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:12.923887 0.168637 udp 10.0.2.19 1701 <-> 88.247.65.143 2039 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:13.092933 0.000000 udp 10.0.2.19 1701 -> 190.239.253.243 26762 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:12:22.351988 0.000000 udp 10.0.2.19 1701 <- 88.247.65.143 2039 RSP 0 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:12:31.722835 0.159423 tcp 10.0.2.19 51147 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:12:31.882403 0.196436 tcp 10.0.2.19 51148 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:12:32.079386 0.191878 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:32.271652 0.148547 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:32.420585 0.155574 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:32.576599 0.168251 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:32.745186 0.174781 udp 10.0.2.19 1701 <-> 78.188.99.85 11735 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:32.920298 0.127610 udp 10.0.2.19 1701 <-> 31.51.19.187 5008 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:33.048208 0.166005 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:33.214576 0.227987 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:33.442959 0.169586 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:33.612887 0.235524 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:33.848738 0.152713 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:34.001772 0.221369 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:34.223492 0.132834 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:34.356652 0.390638 udp 10.0.2.19 1701 <-> 125.161.223.169 15153 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:34.747649 0.814046 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:35.562141 0.577928 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:36.140519 0.293174 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:36.434047 0.431595 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:36.866035 0.265432 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:37.131845 0.475495 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:37.607781 0.156156 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:12:37.764254 0.275764 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:13:32.891860 3.001391 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 17:13:39.899075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:13:47.900440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:14:03.903945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:14:35.909789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:20:45.924816 3.001090 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:20:52.931782 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:21:00.933055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:21:16.936740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:21:51.035778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:27:57.174580 3.001981 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:28:04.182012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:28:12.183491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:28:28.186512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:29:00.192623 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:35:13.201306 3.001864 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:35:20.209193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:35:28.210305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:35:44.213170 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:36:16.219109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:41:51.641833 0.000063 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 17:41:51.641953 0.977272 tcp 10.0.2.19 51149 -> 82.211.141.181 5977 FSPA* 0 0 14 1689 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:42:20.225047 3.001901 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:42:27.232748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:42:35.234301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:42:51.237654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:43:00.010347 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 17:43:00.010559 0.000000 udp 10.0.2.19 1701 -> 109.127.20.14 17939 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:43:18.188278 0.159101 tcp 10.0.2.19 51150 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:18.347594 0.194711 tcp 10.0.2.19 51151 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:18.542867 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:43:23.243194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:43:34.941160 0.671157 tcp 10.0.2.19 51152 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:35.611955 0.197437 tcp 10.0.2.19 51153 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:35.809930 0.698029 udp 10.0.2.19 1701 <-> 190.239.253.243 26762 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:36.508355 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:43:53.177428 0.159504 tcp 10.0.2.19 51154 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:53.336662 0.205766 tcp 10.0.2.19 51155 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:43:53.542993 0.271910 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:53.815344 0.156670 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:53.972383 0.146009 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:54.118776 0.158648 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:54.277762 0.259973 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:54.538281 0.292812 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:54.831468 0.156256 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:54.988070 0.155827 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:55.144236 0.088177 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:55.232749 0.259237 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:55.492381 0.297013 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:43:55.789753 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:44:10.793026 0.161363 tcp 10.0.2.19 51156 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:10.954287 0.199298 tcp 10.0.2.19 51157 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:11.154172 0.162591 udp 10.0.2.19 1701 <-> 87.3.226.73 11075 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:11.317169 0.235820 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:11.553349 0.149528 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:11.703224 0.252325 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:11.955919 0.000000 udp 10.0.2.19 1701 -> 188.169.55.215 18951 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:44:27.747762 0.161491 tcp 10.0.2.19 51158 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:27.909513 0.192905 tcp 10.0.2.19 51159 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:28.102951 0.392308 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:28.495642 0.446049 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:28.942208 3.575963 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:32.520240 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:44:48.127099 0.578599 tcp 10.0.2.19 51160 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:48.705790 0.198214 tcp 10.0.2.19 51161 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:44:48.904570 0.180881 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.085822 0.153098 udp 10.0.2.19 1701 <-> 212.70.205.195 13908 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.239314 0.177075 udp 10.0.2.19 1701 <-> 88.247.65.143 2039 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.416781 0.207788 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.624979 0.161992 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.787345 0.182059 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:49.969783 0.164618 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:44:50.134753 0.000000 udp 10.0.2.19 1701 -> 78.188.99.85 11735 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:45:06.002355 0.162519 tcp 10.0.2.19 51162 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:06.164501 0.205850 tcp 10.0.2.19 51163 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:06.370926 0.000000 udp 10.0.2.19 1701 -> 31.51.19.187 5008 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:45:21.514988 0.178281 tcp 10.0.2.19 51164 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:21.693383 0.202827 tcp 10.0.2.19 51165 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:21.896777 0.167474 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:22.064599 0.230077 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:22.295055 0.152531 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:22.447950 0.227078 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:22.675370 0.152185 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:22.827917 0.220191 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:24.879085 0.138358 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:25.017831 0.390117 udp 10.0.2.19 1701 <-> 125.161.223.169 15153 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:25.408341 0.773180 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:26.181878 0.585379 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:26.767615 0.219029 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:26.987006 0.000000 udp 10.0.2.19 1701 -> 190.206.29.96 13874 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 17:45:42.164738 0.165063 tcp 10.0.2.19 51166 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:42.330110 0.202001 tcp 10.0.2.19 51167 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 17:45:42.532652 0.284651 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:42.817694 0.260722 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:43.078826 0.483913 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:45:43.563116 0.156084 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 17:49:27.689886 3.001522 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 17:49:34.697069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:49:42.699262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:49:58.702302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:50:30.707936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:56:34.713721 3.002167 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 17:56:41.721655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:56:49.722525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:57:05.726200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 17:57:37.731697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:03:41.737865 3.002085 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:03:48.745404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:03:56.746859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:04:13.611026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:04:45.617151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:10:50.624050 3.002265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:10:57.631841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:11:05.633526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:11:21.806819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:11:53.562986 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 18:11:53.563171 0.972941 tcp 10.0.2.19 51168 -> 82.211.141.181 5977 FSPA* 0 0 14 1655 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:11:53.812814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:15:51.544824 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 18:15:51.544929 0.000000 udp 10.0.2.19 1701 -> 213.123.181.44 4921 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:16:09.262748 0.160716 tcp 10.0.2.19 51169 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:09.423565 0.196452 tcp 10.0.2.19 51170 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:09.620662 0.178895 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:16:09.799940 0.000000 udp 10.0.2.19 1701 -> 188.169.55.215 18951 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:16:27.667704 0.189272 tcp 10.0.2.19 51171 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:27.857300 0.295471 tcp 10.0.2.19 51172 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:28.153334 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:16:46.504776 0.168026 tcp 10.0.2.19 51173 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:46.673003 0.211893 tcp 10.0.2.19 51174 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:16:46.885487 0.000000 udp 10.0.2.19 1701 -> 31.51.19.187 5008 INT 0 1 266 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:17:05.862637 0.171185 tcp 10.0.2.19 51175 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:06.033531 0.196679 tcp 10.0.2.19 51176 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:06.230766 0.000000 udp 10.0.2.19 1701 -> 78.188.99.85 11735 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:17:24.269134 0.160267 tcp 10.0.2.19 51177 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:24.428978 0.192002 tcp 10.0.2.19 51178 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:24.621550 0.420599 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:25.042499 0.000000 udp 10.0.2.19 1701 -> 190.239.253.243 26762 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:17:43.476688 0.160005 tcp 10.0.2.19 51179 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:43.636951 0.190112 tcp 10.0.2.19 51180 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:17:43.827613 0.183651 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:44.011683 0.151527 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:44.163552 0.162157 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:44.326304 0.158170 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:44.484891 0.260377 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:44.745647 0.283423 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.029503 0.165032 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.194870 0.151550 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.346782 0.088242 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.435347 0.262059 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.697777 0.281298 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:45.979439 0.191788 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:17:46.171652 0.000000 udp 10.0.2.19 1701 -> 87.3.226.73 11075 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:18:01.712737 0.164293 tcp 10.0.2.19 51181 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:01.877280 0.257675 tcp 10.0.2.19 51182 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:02.135492 0.313892 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:02.449777 0.257861 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:02.708042 0.414790 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:03.123178 0.204664 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:03.328263 0.406660 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:03.735295 0.189224 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:03.924872 0.000000 udp 10.0.2.19 1701 -> 88.247.65.143 2039 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:18:04.829012 3.001644 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 18:18:11.836022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:18:19.508660 0.171245 tcp 10.0.2.19 51183 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:19.679737 0.191751 tcp 10.0.2.19 51184 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:19.838367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:18:19.872057 0.164031 udp 10.0.2.19 1701 <-> 212.70.205.195 13908 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.036454 0.171135 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.207975 0.152004 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.360365 0.167203 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.527951 0.153307 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.681625 0.197753 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:20.879748 0.445864 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:21.325971 0.156224 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:21.482611 0.164438 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:21.647474 0.226752 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:21.874582 0.328651 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:22.203574 0.138132 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:22.342291 0.396374 udp 10.0.2.19 1701 <-> 125.161.223.169 15153 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:22.739038 0.606584 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:23.345979 0.000000 udp 10.0.2.19 1701 -> 190.175.199.126 4258 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:18:35.841737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:18:39.577934 0.160480 tcp 10.0.2.19 51185 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:39.738011 0.195772 tcp 10.0.2.19 51186 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:18:39.934505 0.230555 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:40.165427 0.276237 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:40.442048 0.152801 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:40.595227 0.274169 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:18:40.869805 0.470676 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:19:07.846892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:25:35.857060 3.001988 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:25:42.864850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:25:50.866654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:26:06.869613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:26:38.875520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:32:42.880799 3.002033 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:32:49.888958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:32:57.890118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:33:13.893206 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:33:45.899154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:39:49.905016 3.001998 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:39:56.912356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:40:04.914028 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:40:20.917044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:40:53.184075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:41:54.672664 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 18:41:54.672860 0.930278 tcp 10.0.2.19 51187 -> 82.211.141.181 5977 FSPA* 0 0 15 1611 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:47:00.193813 3.001527 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 18:47:07.201275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:47:15.202876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:47:31.205984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:48:03.211964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:48:58.531743 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 18:48:58.531850 0.000000 udp 10.0.2.19 1701 -> 190.239.253.243 26762 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:49:15.398039 0.171042 tcp 10.0.2.19 51188 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:15.569252 0.197181 tcp 10.0.2.19 51189 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:15.766991 0.000000 udp 10.0.2.19 1701 -> 87.3.226.73 11075 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:49:33.102471 0.177125 tcp 10.0.2.19 51190 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:33.279812 0.201051 tcp 10.0.2.19 51191 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:33.481423 0.000000 udp 10.0.2.19 1701 -> 88.247.65.143 2039 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:49:48.744770 0.160631 tcp 10.0.2.19 51192 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:48.904895 0.214859 tcp 10.0.2.19 51193 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:49:49.120300 0.000000 udp 10.0.2.19 1701 -> 190.175.199.126 4258 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:50:07.201140 0.160169 tcp 10.0.2.19 51194 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:07.361114 0.196830 tcp 10.0.2.19 51195 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:07.558695 0.174131 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:07.733231 0.601601 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:08.335176 0.181385 udp 10.0.2.19 1701 <-> 62.18.183.173 2682 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:08.516929 0.283200 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:08.800513 0.162573 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:08.963478 0.136077 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.099937 0.095928 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.196220 0.155598 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.352184 0.145354 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.497932 0.265795 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.764125 0.158925 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:09.923383 0.145172 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:10.068993 0.257018 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:10.326383 0.285209 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:10.611951 0.267564 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:10.879872 0.234926 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:11.115225 0.199733 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:11.315371 0.520493 udp 10.0.2.19 1701 <-> 36.73.185.159 29304 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:11.836232 0.272377 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:12.109017 0.406698 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:12.516132 0.000000 udp 10.0.2.19 1701 -> 212.70.205.195 13908 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:50:29.704014 0.161416 tcp 10.0.2.19 51196 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:29.865121 0.203154 tcp 10.0.2.19 51197 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:30.068835 0.165980 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:30.235221 0.157929 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:30.393494 0.165004 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:30.558854 0.170019 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:30.729296 0.170380 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:30.900073 0.155053 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:31.055508 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:50:48.350328 0.170590 tcp 10.0.2.19 51198 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:48.521210 0.204094 tcp 10.0.2.19 51199 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:50:48.725857 0.172505 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:48.898767 0.218279 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:49.117471 0.136677 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:49.254516 0.296073 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:50:49.550946 0.000000 udp 10.0.2.19 1701 -> 125.161.223.169 15153 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 18:51:06.856891 0.160331 tcp 10.0.2.19 51200 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:51:07.017563 0.201762 tcp 10.0.2.19 51201 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 18:51:07.219899 0.589914 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:51:07.810359 0.269972 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:51:08.080710 0.169814 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:51:08.250928 0.267484 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:51:08.518800 0.219537 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:51:08.738723 0.467137 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 18:54:07.217741 3.001973 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 18:54:14.225475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:54:22.226716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:54:38.229799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 18:55:10.446055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:01:14.452062 3.002136 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:01:21.459400 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:01:29.461411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:01:45.463791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:02:17.470334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:08:21.476301 3.001760 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:08:28.483792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:08:36.484822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:08:52.488073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:09:24.493979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:11:55.712069 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 19:11:55.712280 0.960868 tcp 10.0.2.19 51202 -> 82.211.141.181 5977 FSPA* 0 0 14 1611 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:15:28.499920 3.001620 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:15:35.507454 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:15:43.509391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:15:59.512061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:16:31.517699 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:21:38.680177 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 19:21:38.680365 0.000000 udp 10.0.2.19 1701 -> 212.70.205.195 13908 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:21:55.055630 0.162892 tcp 10.0.2.19 51203 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:21:55.218059 0.192472 tcp 10.0.2.19 51204 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:21:55.411115 0.242659 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:21:55.654273 0.000000 udp 10.0.2.19 1701 -> 125.161.223.169 15153 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:22:11.888733 0.158995 tcp 10.0.2.19 51205 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:12.047454 0.193066 tcp 10.0.2.19 51206 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:12.241101 0.177396 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:12.418893 0.283346 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:12.702604 0.376088 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:13.079067 0.000000 udp 10.0.2.19 1701 -> 62.18.183.173 2682 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:22:28.613025 0.162897 tcp 10.0.2.19 51207 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:28.776124 0.216137 tcp 10.0.2.19 51208 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:28.992853 0.108149 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:29.101356 0.979288 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.081027 0.143119 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.224511 0.136262 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.361122 0.143776 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.505308 0.170273 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.675915 0.269284 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:30.945588 0.174966 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:31.120968 0.295742 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:31.417074 0.143973 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:31.561386 0.257597 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:31.819338 0.238624 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:32.058322 0.190970 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:32.249704 0.000000 udp 10.0.2.19 1701 -> 36.73.185.159 29304 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:22:35.524300 3.001457 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 19:22:42.531453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:22:47.640099 0.380927 tcp 10.0.2.19 51209 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:48.021140 0.192228 tcp 10.0.2.19 51210 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:22:48.213955 0.278197 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:48.492536 0.403116 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:48.896031 0.164900 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.061357 0.171026 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.232725 0.154954 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.388064 0.159404 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.547838 0.157352 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.705608 0.225247 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:49.931221 0.155588 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:50.087158 0.304851 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:50.392355 0.120531 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:50.513255 0.264227 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:50.643174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:22:50.777823 0.585929 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:51.364100 0.267395 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:51.631852 0.219977 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:51.852186 0.278278 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:52.130811 0.167682 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:22:52.298820 0.472613 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:23:06.645822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:23:38.652507 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:29:42.658820 3.001368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:29:49.665906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:29:57.666800 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:30:13.670475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:30:45.676125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:36:49.682011 3.001573 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:36:56.689722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:37:04.691436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:37:20.694097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:37:52.700091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:41:56.791309 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 19:41:56.791505 0.997048 tcp 10.0.2.19 51211 -> 82.211.141.181 5977 FSPA* 0 0 14 1614 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:43:56.705454 3.002460 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:44:03.713804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:44:11.715171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:44:28.749492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:45:00.755351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:51:04.761018 3.002548 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 19:51:11.768694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:51:19.770806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:51:35.773457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:52:07.779824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:53:21.956458 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 19:53:21.956640 0.000000 udp 10.0.2.19 1701 -> 62.18.183.173 2682 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:53:38.812716 0.161513 tcp 10.0.2.19 51212 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:53:38.974473 0.207666 tcp 10.0.2.19 51213 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:53:39.182688 0.000000 udp 10.0.2.19 1701 -> 36.73.185.159 29304 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 19:53:58.169210 0.161921 tcp 10.0.2.19 51214 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:53:58.331401 0.202963 tcp 10.0.2.19 51215 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 19:53:58.534926 0.237646 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:58.772920 0.150360 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:58.923661 0.410114 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:59.334180 0.306076 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:59.640596 0.176887 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:59.817872 0.126281 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:53:59.944492 0.172393 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:00.117271 0.271800 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:00.389434 0.418788 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:00.808568 0.274695 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:01.083657 0.149117 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:01.233135 0.258380 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:01.491907 0.168104 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:01.660374 0.165085 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:01.826053 0.215949 udp 10.0.2.19 1701 <-> 46.71.187.210 13907 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:02.042347 0.247098 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:02.289816 0.231513 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:02.521757 0.147125 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:02.669293 0.164146 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:02.833897 0.170008 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:03.004271 0.152703 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:03.157346 0.164556 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:03.322407 0.157003 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:03.479825 0.401002 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:03.881234 0.150957 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:04.032531 0.311860 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:04.344834 0.140868 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:04.486195 0.157387 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:04.643974 0.595774 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:05.240180 0.276826 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:05.517420 0.230128 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:05.747896 0.153999 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:05.902343 0.217481 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:06.120176 0.267606 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:54:06.388187 0.475016 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 19:58:11.785683 3.001222 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 19:58:18.792826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:58:26.794653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:58:42.797409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 19:59:14.803726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:05:18.808920 3.002233 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:05:25.817075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:05:34.128795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:05:50.131805 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:06:22.137762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:11:58.451702 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 20:11:58.451797 1.175320 tcp 10.0.2.19 51216 -> 82.211.141.181 5977 FSPA* 0 0 15 1697 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:12:26.143607 3.212072 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/04 20:12:31.359006 4.005888 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/04 20:12:44.557998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:13:00.560460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:13:33.557945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:19:41.880290 3.001498 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:19:48.888092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:19:56.889393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:20:12.892261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:20:44.898399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:24:13.207810 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 20:24:13.207983 0.228384 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:13.436786 0.401459 udp 10.0.2.19 1701 <-> 97.116.228.60 8666 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:13.838715 0.088400 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:13.927484 0.158917 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:14.086803 0.388206 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:14.475380 0.133107 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:14.608858 0.150705 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:14.760051 0.262779 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:15.023220 0.142216 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:15.165801 0.257326 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:15.423523 0.165886 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:15.589788 0.154028 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:15.744225 0.277916 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:16.022498 0.147192 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:16.170040 0.000000 udp 10.0.2.19 1701 -> 46.71.187.210 13907 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:24:31.446581 0.160825 tcp 10.0.2.19 51217 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:24:31.607643 0.200696 tcp 10.0.2.19 51218 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:24:31.808912 1.060413 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:32.869703 0.233169 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:33.103282 0.271649 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:33.375364 0.165097 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:33.540823 0.166085 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:33.707248 0.153002 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:33.860564 0.176253 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:34.037207 0.386198 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:34.423759 0.416614 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:34.840755 0.163636 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:35.004788 0.306789 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:35.312000 0.155278 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:35.467638 0.152485 udp 10.0.2.19 1701 <-> 5.178.147.12 8396 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:35.620478 0.223349 udp 10.0.2.19 1701 <-> 94.43.33.13 15074 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:35.844193 0.617378 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:36.462078 0.283082 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:36.745572 0.267713 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:37.013688 0.179297 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:37.193382 0.221285 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:24:37.415092 0.468001 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:26:48.904165 3.001582 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:26:55.912034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:27:03.913741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:27:19.916240 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:27:51.922701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:33:57.990641 3.002368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:34:04.998662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:34:13.000472 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:34:29.003210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:35:01.009162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:41:10.022461 3.001441 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:41:17.030331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:41:25.031276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:41:41.034719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:42:06.160635 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 20:42:06.160831 0.950666 tcp 10.0.2.19 51219 -> 82.211.141.181 5977 FSPA* 0 0 14 1710 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:42:15.494207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:48:19.499870 3.001533 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:48:26.507643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:48:34.508757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:48:50.511650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:49:22.517696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:55:06.051796 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 20:55:06.051975 0.000000 udp 10.0.2.19 1701 -> 46.71.187.210 13907 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:55:22.337575 0.166410 tcp 10.0.2.19 51220 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:55:22.503425 0.217664 tcp 10.0.2.19 51221 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:55:22.721646 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:55:26.523796 3.002049 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 20:55:33.531118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:55:41.223593 0.161163 tcp 10.0.2.19 51222 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:55:41.384943 0.193364 tcp 10.0.2.19 51223 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:55:41.532801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:55:41.578872 0.395937 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:55:41.975160 0.136927 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:55:42.112422 0.000000 udp 10.0.2.19 1701 -> 97.116.228.60 8666 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:55:57.535740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:56:00.482410 0.168798 tcp 10.0.2.19 51224 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:00.650716 0.196890 tcp 10.0.2.19 51225 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:00.848175 0.093098 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:00.941626 0.163799 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:01.105763 0.143008 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:01.249093 0.146473 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:01.395931 0.267526 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:01.663840 0.156079 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:01.820319 0.284152 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:02.104844 0.286112 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:02.391318 0.153343 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:02.545090 0.169138 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:02.714579 0.255764 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:02.970721 0.235426 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:03.206500 0.287089 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:03.493959 0.151481 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:03.645839 0.154226 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:03.800429 0.155730 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:03.956534 0.159595 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:04.116525 0.176727 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:04.293552 0.404744 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:04.698649 0.156749 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:04.855717 0.308367 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:05.164473 0.158785 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:05.323602 0.000000 udp 10.0.2.19 1701 -> 5.178.147.12 8396 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:56:20.540237 0.159644 tcp 10.0.2.19 51226 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:20.700174 0.201077 tcp 10.0.2.19 51227 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:20.901777 0.000000 udp 10.0.2.19 1701 -> 94.43.33.13 15074 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 20:56:29.541816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 20:56:40.058474 0.171203 tcp 10.0.2.19 51228 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:40.230012 0.201582 tcp 10.0.2.19 51229 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 20:56:40.432149 0.507692 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:40.940174 0.156205 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:41.096741 0.213520 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:41.310608 0.264144 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:41.575178 0.272263 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 20:56:41.847827 0.469931 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:02:35.881019 3.002040 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:02:42.888703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:02:50.889968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:03:06.893360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:03:40.892299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:09:44.897344 3.002513 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:09:51.905774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:09:59.907024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:10:15.909732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:10:47.916460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:12:09.243190 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 21:12:09.243418 0.943934 tcp 10.0.2.19 51230 -> 82.211.141.181 5977 FSPA* 0 0 14 1677 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:16:51.921800 3.002226 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:16:58.929777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:17:06.930976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:17:22.933884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:17:54.939892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:23:58.955809 3.001924 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:24:05.963874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:24:13.964974 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:24:29.967893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:25:05.088229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:27:02.797714 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 21:27:02.797919 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:27:19.674521 0.160297 tcp 10.0.2.19 51231 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:19.835153 0.196348 tcp 10.0.2.19 51232 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:20.032152 0.000000 udp 10.0.2.19 1701 -> 97.116.228.60 8666 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:27:35.936269 0.161037 tcp 10.0.2.19 51233 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:36.097563 0.236752 tcp 10.0.2.19 51234 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:36.334889 0.000000 udp 10.0.2.19 1701 -> 5.178.147.12 8396 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:27:54.373534 0.170137 tcp 10.0.2.19 51235 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:54.543229 0.190049 tcp 10.0.2.19 51236 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:27:54.733842 0.000000 udp 10.0.2.19 1701 -> 94.43.33.13 15074 INT 0 1 88 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:28:13.611168 0.159935 tcp 10.0.2.19 51237 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:13.770868 0.196805 tcp 10.0.2.19 51238 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:13.968233 0.155115 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:14.123738 0.371131 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:14.495246 0.143911 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:14.639528 0.152042 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:14.791936 0.260602 udp 10.0.2.19 1701 <-> 117.198.174.226 13453 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:15.052937 0.098783 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:15.152118 0.143669 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:15.296171 0.285275 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:15.581849 0.152633 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:15.734830 0.270033 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.005251 0.165903 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.171563 0.213579 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.385498 0.153841 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.539744 0.146379 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.686531 0.240188 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:16.927127 0.264921 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:17.192482 0.171308 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:17.364158 0.427089 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:17.791633 0.222200 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:18.014231 0.437406 udp 10.0.2.19 1701 <-> 85.72.219.246 10197 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:18.452045 0.166985 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:18.619429 0.314972 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:18.934753 0.000000 udp 10.0.2.19 1701 -> 46.49.109.30 8649 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:28:36.824689 0.160009 tcp 10.0.2.19 51239 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:36.985009 0.198470 tcp 10.0.2.19 51240 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:37.184058 0.162818 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:37.347321 0.152429 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:37.500131 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:28:53.127234 0.213379 tcp 10.0.2.19 51241 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:53.340907 0.199830 tcp 10.0.2.19 51242 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:28:53.541292 0.590781 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:54.132438 0.278583 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:54.411408 0.278273 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:28:54.690136 0.473806 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:31:09.094181 3.002112 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 21:31:16.102298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:31:24.103441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:31:40.106191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:32:12.673659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:38:16.679197 3.002033 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:38:23.686591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:38:31.688098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:38:47.691122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:39:19.697066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:42:11.965007 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 21:42:11.965110 0.898239 tcp 10.0.2.19 51243 -> 82.211.141.181 5977 FSPA* 0 0 14 1753 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:45:23.702555 3.002079 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:45:30.710783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:45:38.711859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:45:57.588942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:46:30.596945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:52:36.755520 3.001770 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 21:52:43.763505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:52:51.764460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:53:10.261352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:53:47.345660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 21:59:16.588037 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 21:59:16.588230 0.000000 udp 10.0.2.19 1701 -> 46.49.109.30 8649 INT 0 1 271 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:59:34.706774 0.160377 tcp 10.0.2.19 51244 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:59:34.866992 0.211386 tcp 10.0.2.19 51245 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:59:35.078923 0.226093 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:35.305396 0.385128 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:35.690890 0.129309 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:35.820648 0.143390 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:35.964440 0.088117 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:36.052908 0.000000 udp 10.0.2.19 1701 -> 79.132.4.58 2921 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 21:59:51.449851 0.158459 tcp 10.0.2.19 51246 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:59:51.608018 0.216300 tcp 10.0.2.19 51247 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 21:59:51.824877 0.294518 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 21:59:52.119821 0.000000 udp 10.0.2.19 1701 -> 117.198.174.226 13453 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:00:03.417542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 1 146 flow=Background 1970/01/04 22:00:13.665552 1.979393 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/04 22:00:17.254479 0.160198 tcp 10.0.2.19 51248 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:00:17.414433 0.190904 tcp 10.0.2.19 51249 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:00:17.605912 0.169096 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:17.775391 0.164215 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:17.939967 0.168791 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:18.109141 0.151480 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:18.260981 0.261652 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:18.523039 0.274700 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:18.798180 0.170864 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:18.969466 0.150046 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:19.119992 0.257653 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:19.378208 0.236949 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:19.590195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:00:19.615521 0.403419 udp 10.0.2.19 1701 <-> 112.208.40.220 10763 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:20.019342 0.166374 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:20.186144 0.000000 udp 10.0.2.19 1701 -> 85.72.219.246 10197 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:00:27.485980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:00:37.525220 0.160746 tcp 10.0.2.19 51250 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:00:37.685610 0.207461 tcp 10.0.2.19 51251 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:00:37.893661 0.180855 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:38.074893 0.306827 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:38.382177 0.171748 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:38.554468 0.141398 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:38.696299 0.593343 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:39.290065 0.261500 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:39.551963 0.269134 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:39.821537 0.475076 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:00:43.273091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:01:14.837071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:07:13.545866 3.002440 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:07:20.554167 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:07:28.555788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:07:44.558679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:08:16.564381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:12:21.356744 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 22:12:21.356934 1.033237 tcp 10.0.2.19 51252 -> 82.211.141.181 5977 FSPA* 0 0 14 1602 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:14:22.573289 3.001831 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:14:29.581054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:14:37.582662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:14:53.585257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:15:25.591232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:21:29.596658 3.002067 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:21:36.605036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:21:46.288786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:22:02.292023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:22:34.297883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:28:49.309622 3.001523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:28:56.316546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:29:04.318352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:29:20.321501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:29:52.327452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:30:45.414139 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 22:30:45.414360 0.000000 udp 10.0.2.19 1701 -> 117.198.174.226 13453 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:31:02.110473 0.177197 tcp 10.0.2.19 51253 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:02.270723 0.190887 tcp 10.0.2.19 51254 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:02.462829 0.000000 udp 10.0.2.19 1701 -> 79.132.4.58 2921 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:31:17.921408 0.176640 tcp 10.0.2.19 51255 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:18.098398 0.192017 tcp 10.0.2.19 51256 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:18.291013 0.000000 udp 10.0.2.19 1701 -> 85.72.219.246 10197 INT 0 1 99 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:31:33.924801 0.160556 tcp 10.0.2.19 51257 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:34.085016 0.193624 tcp 10.0.2.19 51258 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:34.279206 0.229871 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:34.509523 0.136274 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:34.646205 0.494771 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 585 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.141373 0.146143 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.287910 0.093529 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.381806 0.281514 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.663711 0.164401 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.828469 0.163551 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:35.992349 0.193183 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:31:36.185886 0.000000 udp 10.0.2.19 1701 -> 2.117.252.6 26750 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:31:54.193728 0.158725 tcp 10.0.2.19 51259 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:54.352349 0.201318 tcp 10.0.2.19 51260 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:31:54.554246 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:32:12.219823 0.189232 tcp 10.0.2.19 51261 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:12.409384 0.234549 tcp 10.0.2.19 51262 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:12.644499 0.163703 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:12.808594 0.248571 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:13.057575 0.000000 udp 10.0.2.19 1701 -> 195.110.142.232 16163 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:32:28.923911 0.169840 tcp 10.0.2.19 51263 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:29.094039 0.207713 tcp 10.0.2.19 51264 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:29.302515 0.183219 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:29.486184 0.250853 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:29.737432 0.169602 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:29.907410 0.000000 udp 10.0.2.19 1701 -> 112.208.40.220 10763 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 22:32:47.821429 0.160049 tcp 10.0.2.19 51265 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:47.981902 0.190056 tcp 10.0.2.19 51266 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:32:48.172719 0.166883 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:48.340066 0.319933 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:48.660460 0.159161 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:48.820032 0.143658 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:48.964112 0.697022 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:49.661600 0.261756 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:49.923805 0.356635 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:32:50.280899 0.465915 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 22:35:57.334765 3.002098 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 22:36:04.342701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:36:12.343572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:36:28.346686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:37:00.352974 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:42:23.227122 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 22:42:23.227297 2.994350 tcp 10.0.2.19 51267 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 22:42:32.229762 0.000000 tcp 10.0.2.19 51267 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/04 22:42:38.981817 0.203027 tcp 10.0.2.19 51268 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:42:39.185038 0.208024 tcp 10.0.2.19 51269 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:42:39.826896 1.689035 tcp 10.0.2.19 51270 -> 90.156.118.144 5237 FSPA* 0 0 14 1655 flow=From-Botnet-V2-TCP-Established 1970/01/04 22:43:05.109718 3.002083 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:43:12.117224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:43:20.118607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:43:36.122213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:44:08.127991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:50:12.133937 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:50:19.141589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:50:27.142906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:50:43.145981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:51:15.151761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:57:19.157758 3.001397 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 22:57:26.174931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:57:34.176919 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:57:50.179829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 22:58:22.186176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:03:18.983336 0.000151 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:03:18.983657 0.256723 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:19.240845 0.000000 udp 10.0.2.19 1701 -> 2.117.252.6 26750 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:03:35.509199 2.039995 tcp 10.0.2.19 51271 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:03:35.679565 0.209679 tcp 10.0.2.19 51272 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:03:35.890177 0.157545 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:36.048179 0.000000 udp 10.0.2.19 1701 -> 112.208.40.220 10763 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:03:52.161646 0.935982 tcp 10.0.2.19 51273 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:03:53.097313 0.208890 tcp 10.0.2.19 51274 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:03:53.306776 0.137559 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:53.444690 0.229021 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:53.674253 0.157886 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:53.832508 0.142767 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:53.975642 0.358047 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:54.334264 0.285348 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:54.619972 0.086902 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:54.707205 0.169502 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:54.877072 0.230845 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:55.108270 0.176483 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:55.285189 0.236405 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:55.521953 0.172665 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:55.695016 0.259135 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:55.954483 0.156183 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:56.111012 0.320306 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:56.431706 0.157658 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:56.589720 0.165172 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:56.755252 0.141441 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:56.897128 0.619627 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:57.517132 0.473490 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:57.991063 0.279718 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:58.271197 0.274105 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:58.615137 0.264970 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:58.880586 0.154850 udp 10.0.2.19 1701 <-> 195.110.142.232 16163 CON 0 0 2 736 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:59.035941 0.145719 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 788 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:59.182310 0.217233 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:59.400047 0.158382 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 803 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:59.558908 0.366899 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 764 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:03:59.926482 0.297764 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 793 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.224692 0.100708 udp 10.0.2.19 1701 <-> 77.70.40.131 2307 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.325831 0.146471 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 729 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.472797 0.164486 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 815 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.637778 0.159844 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 710 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.798157 0.168060 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:00.966796 0.240280 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 745 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:01.207562 0.177320 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 762 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:01.385309 0.158121 udp 10.0.2.19 1701 <-> 188.129.248.221 1192 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:01.543998 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 REQ 0 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:10.406922 0.164774 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:10.572142 0.257192 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:10.829824 0.166909 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 746 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:10.997282 0.173297 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 758 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:11.171056 0.642410 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 653 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:11.814005 0.276627 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 743 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:12.091141 0.478309 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:12.570047 0.279562 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:12.850406 0.000000 udp 10.0.2.19 1701 -> 66.237.226.20 1336 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:21.632760 0.239738 udp 10.0.2.19 1701 <-> 99.8.121.25 4727 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:22.013234 0.277621 udp 10.0.2.19 1701 <-> 178.91.64.56 24834 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:22.324818 0.220574 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 732 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:04:22.590275 0.000000 udp 10.0.2.19 1701 -> 79.129.53.83 24517 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:26.561979 3.002024 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 23:04:27.200234 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:04:28.162620 0.000000 udp 10.0.2.19 1701 -> 64.6.169.162 14876 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:33.569895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:04:36.834564 0.000000 udp 10.0.2.19 1701 -> 74.112.55.97 1398 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:41.571571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:04:42.533232 0.000000 udp 10.0.2.19 1701 -> 88.235.62.57 3820 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:49.242680 0.000000 udp 10.0.2.19 1701 -> 79.13.68.87 4516 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:54.580036 0.000000 udp 10.0.2.19 1701 -> 41.134.200.145 5746 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:04:57.574183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:05:02.711953 0.456966 udp 10.0.2.19 1701 <-> 186.95.17.106 4403 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:05:03.278743 0.000000 udp 10.0.2.19 1701 -> 93.223.117.163 16013 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:07.788634 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:05:10.122505 0.167629 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:05:10.355212 0.000000 udp 10.0.2.19 1701 -> 186.151.145.104 2648 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:17.622900 0.000000 udp 10.0.2.19 1701 -> 78.164.240.91 18769 INT 0 1 306 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:25.294382 0.000000 udp 10.0.2.19 1701 -> 24.242.160.242 1482 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:30.611586 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:05:33.285421 0.000000 udp 10.0.2.19 1701 -> 118.21.140.162 12216 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:39.794904 0.292046 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 734 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:05:40.178408 0.211829 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 704 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:05:40.463014 0.243351 udp 10.0.2.19 1701 -> 187.174.119.158 6747 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:40.706365 0.000000 icmp 201.117.45.105 0x0303 -> 10.0.2.19 0x5b1a URP 192 1 297 flow=Background 1970/01/04 23:05:44.732263 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:05:47.686720 0.000000 udp 10.0.2.19 1701 -> 50.75.48.164 3660 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:52.743861 0.000000 udp 10.0.2.19 1701 -> 71.9.107.246 7690 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:05:59.864123 0.000000 udp 10.0.2.19 1701 -> 186.178.208.222 15656 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:08.355899 0.108759 udp 10.0.2.19 1701 <-> 84.151.242.149 4507 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:06:08.507691 0.000000 udp 10.0.2.19 1701 -> 62.174.80.114 7773 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:15.285845 0.000000 udp 10.0.2.19 1701 -> 189.128.198.24 20217 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:20.233146 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:06:23.998867 0.000000 udp 10.0.2.19 1701 -> 173.86.45.216 8590 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:31.760234 0.160229 udp 10.0.2.19 1701 <-> 95.104.67.50 9397 CON 0 0 2 724 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:06:32.008482 0.255738 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 758 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:06:32.373224 0.000000 udp 10.0.2.19 1701 -> 186.115.63.192 5509 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:39.861620 0.000000 udp 10.0.2.19 1701 -> 186.220.195.112 5851 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:45.049258 0.000000 udp 10.0.2.19 1701 -> 37.232.3.124 13912 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:51.928789 0.000000 udp 10.0.2.19 1701 -> 177.206.32.119 2285 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:06:56.735848 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:06:58.568431 0.000000 udp 10.0.2.19 1701 -> 80.14.30.94 4619 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:04.126419 0.288155 udp 10.0.2.19 1701 <-> 190.118.81.174 7353 CON 0 0 2 749 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:07:04.533004 0.000000 udp 10.0.2.19 1701 -> 81.37.182.77 11228 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:10.435205 0.000000 udp 10.0.2.19 1701 -> 173.217.224.134 5177 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:19.077930 0.000000 udp 10.0.2.19 1701 -> 78.237.68.37 6347 INT 0 1 300 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:24.155406 0.000000 udp 10.0.2.19 1701 -> 85.97.42.133 4990 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:32.126480 0.000000 udp 10.0.2.19 1701 -> 71.179.255.7 9897 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:36.733204 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:07:39.607653 0.000000 udp 10.0.2.19 1701 -> 90.25.116.35 5145 INT 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:47.859690 0.000000 udp 10.0.2.19 1701 -> 88.243.239.45 26997 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:07:53.197150 1.125899 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:07:55.484533 0.000000 udp 10.0.2.19 1701 -> 74.7.208.130 8232 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:03.872401 0.000000 udp 10.0.2.19 1701 -> 64.183.131.195 1949 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:12.194034 0.133084 udp 10.0.2.19 1701 -> 94.88.11.18 3441 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:12.327118 0.000000 icmp 94.82.7.146 0x0303 -> 10.0.2.19 0x710d URP 192 1 194 flow=Background 1970/01/04 23:08:16.730293 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:08:19.244281 0.236814 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:08:19.523287 0.343312 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:08:19.967791 0.000000 udp 10.0.2.19 1701 -> 83.28.204.173 8842 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:28.718179 0.000000 udp 10.0.2.19 1701 -> 176.73.130.200 24915 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:34.335820 0.254310 udp 10.0.2.19 1701 <-> 190.56.105.225 1007 CON 0 0 2 737 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:08:34.691936 0.000000 udp 10.0.2.19 1701 -> 201.90.55.50 2860 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:41.997083 0.000000 udp 10.0.2.19 1701 -> 109.242.231.112 9055 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:48.096257 0.192118 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 696 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:08:48.347856 0.000000 udp 10.0.2.19 1701 -> 88.227.240.128 17786 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:08:52.732779 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:08:54.224685 0.128666 udp 10.0.2.19 1701 <-> 151.70.71.239 19928 CON 0 0 2 660 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:08:54.629316 0.000000 udp 10.0.2.19 1701 -> 95.231.149.46 1621 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:01.425356 0.000000 udp 10.0.2.19 1701 -> 65.242.167.2 2059 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:09.606753 0.000000 udp 10.0.2.19 1701 -> 87.8.125.94 9180 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:15.415128 0.000000 udp 10.0.2.19 1701 -> 75.147.74.118 1037 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:23.206344 0.000000 udp 10.0.2.19 1701 -> 195.208.48.140 5248 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:27.733039 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:09:31.378011 0.000000 udp 10.0.2.19 1701 -> 31.192.14.191 4549 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:37.116377 0.000000 udp 10.0.2.19 1701 -> 204.214.40.200 12722 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:43.345153 0.000000 udp 10.0.2.19 1701 -> 199.58.148.23 26879 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:48.823081 0.000000 udp 10.0.2.19 1701 -> 95.111.56.170 1314 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:57.796300 0.393005 udp 10.0.2.19 1701 -> 202.130.129.114 2494 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:09:58.189305 0.000000 icmp 202.130.129.114 0x0303 -> 10.0.2.19 0xbe09 URP 192 1 312 flow=Background 1970/01/04 23:10:02.733197 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:10:05.687612 0.334241 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 791 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:06.108247 0.000000 udp 10.0.2.19 1701 -> 41.159.134.66 6363 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:11.135225 0.000000 udp 10.0.2.19 1701 -> 76.174.252.22 4503 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:17.153990 0.000000 udp 10.0.2.19 1701 -> 92.24.108.105 24040 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:23.653068 0.000000 udp 10.0.2.19 1701 -> 98.119.61.37 2880 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:34.138243 0.227676 udp 10.0.2.19 1701 <-> 178.89.116.82 16974 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:34.444802 0.000000 udp 10.0.2.19 1701 -> 67.189.172.113 4165 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:39.025051 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:10:40.887928 0.366839 udp 10.0.2.19 1701 <-> 190.174.206.51 13316 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:41.339381 0.484823 udp 10.0.2.19 1701 <-> 58.9.147.155 8157 CON 0 0 2 799 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:41.891508 0.283668 udp 10.0.2.19 1701 <-> 187.205.178.217 15479 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:42.248599 0.162001 udp 10.0.2.19 1701 <-> 94.71.146.85 6668 CON 0 0 2 829 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:42.503823 0.000000 udp 10.0.2.19 1701 -> 90.43.232.40 8168 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:48.679357 0.000000 udp 10.0.2.19 1701 -> 189.224.64.200 7897 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:10:56.130348 0.166194 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:57.157270 0.375351 udp 10.0.2.19 1701 <-> 187.158.2.78 8730 CON 0 0 2 673 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:10:57.623384 0.000000 udp 10.0.2.19 1701 -> 151.46.127.71 14352 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:05.703858 0.000000 udp 10.0.2.19 1701 -> 182.6.159.248 7797 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:13.014076 0.000000 udp 10.0.2.19 1701 -> 85.85.182.203 5885 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:17.530283 0.000043 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:11:21.246148 0.000000 udp 10.0.2.19 1701 -> 78.167.82.36 22637 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:27.584855 0.000000 udp 10.0.2.19 1701 -> 165.138.86.150 12849 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:33.523387 0.000000 udp 10.0.2.19 1701 -> 2.228.9.82 4205 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:37.912220 3.743332 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 23:11:38.750899 0.000000 udp 10.0.2.19 1701 -> 81.82.219.84 8873 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:45.661328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:11:48.245094 0.126532 udp 10.0.2.19 1701 -> 79.45.144.39 8458 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:11:48.371626 0.000000 icmp 79.45.144.39 0x0303 -> 10.0.2.19 0x0a21 URP 192 1 123 flow=Background 1970/01/04 23:11:52.961631 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:11:53.362432 0.330758 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:11:53.662541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:11:53.780576 0.557794 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:11:54.395833 0.000000 udp 10.0.2.19 1701 -> 123.203.24.77 7236 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:02.775901 0.000000 udp 10.0.2.19 1701 -> 190.199.91.254 29770 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:08.364150 0.000000 udp 10.0.2.19 1701 -> 85.72.84.32 22408 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:09.665756 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:12:14.251936 0.000000 udp 10.0.2.19 1701 -> 61.15.33.124 3204 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:22.474439 0.000000 udp 10.0.2.19 1701 -> 110.38.171.165 9812 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:28.812878 0.000000 udp 10.0.2.19 1701 -> 85.72.219.246 10197 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:33.660132 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:12:37.556119 0.000000 udp 10.0.2.19 1701 -> 79.33.110.250 4356 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:42.863787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:12:45.186428 0.000000 udp 10.0.2.19 1701 -> 2.117.252.6 26750 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:45.848213 0.687366 tcp 10.0.2.19 51275 -> 90.156.118.144 5237 FSPA* 0 0 14 1664 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:12:52.937885 0.642849 udp 10.0.2.19 1701 <-> 178.215.217.209 18069 CON 0 0 2 809 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:12:53.647870 0.000000 udp 10.0.2.19 1701 -> 66.117.255.170 2997 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:12:59.337433 0.000000 udp 10.0.2.19 1701 -> 176.237.15.33 9246 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:05.376357 0.000000 udp 10.0.2.19 1701 -> 72.66.45.163 13383 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:11.785388 0.000000 udp 10.0.2.19 1701 -> 151.50.102.109 7149 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:17.523437 0.000000 udp 10.0.2.19 1701 -> 63.165.181.124 7858 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:22.390274 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:13:23.101409 0.000000 udp 10.0.2.19 1701 -> 83.248.120.197 2772 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:29.260135 0.000000 udp 10.0.2.19 1701 -> 217.131.236.157 3552 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:37.071378 0.000000 udp 10.0.2.19 1701 -> 141.99.133.54 7708 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:13:42.329206 0.000000 udp 10.0.2.19 1701 -> 190.96.97.18 27552 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:18:47.099619 3.001665 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 23:18:54.107502 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:19:02.108561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:19:18.111244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:19:50.117913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:25:58.128810 3.001877 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 23:26:05.136517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:26:13.138725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:26:29.140941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:27:01.147020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:33:08.157376 3.001875 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 23:33:15.164765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:33:23.406797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:33:39.409638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:34:12.597894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:40:21.610800 3.001870 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 23:40:28.618247 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:40:36.619496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:40:52.622534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:41:24.629237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:42:47.458508 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:42:47.458757 2.028172 tcp 10.0.2.19 51276 -> 90.156.118.144 5237 FSPA* 0 0 14 1515 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:43:52.201001 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/04 23:43:52.201196 0.256295 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:52.457866 0.141800 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:52.600116 0.165344 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:52.765800 0.352273 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:53.118474 0.290078 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:53.408945 0.219567 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:43:53.628871 0.000000 udp 10.0.2.19 1701 -> 77.70.40.131 2307 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:44:12.202239 0.169958 tcp 10.0.2.19 51277 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:12.372491 0.204402 tcp 10.0.2.19 51278 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:12.577536 0.154893 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:12.732829 0.155657 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:12.888874 0.160098 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:13.049373 0.189090 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:13.238851 0.000000 udp 10.0.2.19 1701 -> 188.129.248.221 1192 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:44:31.879258 0.167663 tcp 10.0.2.19 51279 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:32.040722 0.196609 tcp 10.0.2.19 51280 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:32.237887 0.257653 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:32.495929 0.181784 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:32.678173 0.256713 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:32.935254 0.153501 udp 10.0.2.19 1701 <-> 176.73.169.112 4102 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:33.089094 0.168107 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:33.257583 0.000000 udp 10.0.2.19 1701 -> 113.105.8.141 8076 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:44:51.958188 0.164007 tcp 10.0.2.19 51281 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:52.122530 0.220101 tcp 10.0.2.19 51282 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:44:52.343190 0.142821 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:52.486526 0.260410 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:52.747284 0.285241 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:53.032945 0.482001 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:53.515288 0.218089 udp 10.0.2.19 1701 <-> 99.8.121.25 4727 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:44:53.733756 0.000000 udp 10.0.2.19 1701 -> 178.91.64.56 24834 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:45:12.557672 0.186156 tcp 10.0.2.19 51283 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:12.744041 0.192387 tcp 10.0.2.19 51284 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:12.937021 0.281531 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:13.218920 0.275713 udp 10.0.2.19 1701 <-> 186.95.17.106 4403 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:13.495029 0.169928 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:13.665336 0.284037 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:13.949755 0.212444 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:14.162590 0.104733 udp 10.0.2.19 1701 <-> 84.151.242.149 4507 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:14.267735 0.000000 udp 10.0.2.19 1701 -> 95.104.67.50 9397 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:45:31.695372 1.639318 tcp 10.0.2.19 51285 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:31.857700 0.217177 tcp 10.0.2.19 51286 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:32.075388 0.257573 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:32.333303 0.000000 udp 10.0.2.19 1701 -> 190.118.81.174 7353 INT 0 1 95 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:45:49.490596 0.161369 tcp 10.0.2.19 51287 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:49.651382 0.191721 tcp 10.0.2.19 51288 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:45:49.843652 0.657320 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:50.501368 0.190643 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:50.692344 0.795082 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:51.487807 0.243271 udp 10.0.2.19 1701 <-> 190.56.105.225 1007 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:51.731468 0.229318 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:45:51.961186 0.000000 udp 10.0.2.19 1701 -> 151.70.71.239 19928 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:46:09.339388 0.162093 tcp 10.0.2.19 51289 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:09.501101 0.191802 tcp 10.0.2.19 51290 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:09.693463 0.354783 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:10.048609 0.202101 udp 10.0.2.19 1701 <-> 178.89.116.82 16974 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:10.251079 0.000000 udp 10.0.2.19 1701 -> 190.174.206.51 13316 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:46:28.416745 1.859392 tcp 10.0.2.19 51291 -> 173.194.70.99 80 FSPA* 0 0 11 1872 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:28.576042 0.198139 tcp 10.0.2.19 51292 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:28.774727 0.000000 udp 10.0.2.19 1701 -> 58.9.147.155 8157 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/04 23:46:46.622960 0.170404 tcp 10.0.2.19 51293 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:46.793619 0.211649 tcp 10.0.2.19 51294 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/04 23:46:47.005809 0.274098 udp 10.0.2.19 1701 <-> 187.205.178.217 15479 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:47.280330 0.158580 udp 10.0.2.19 1701 <-> 94.71.146.85 6668 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:47.439276 0.156237 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:47.595874 0.296304 udp 10.0.2.19 1701 <-> 187.158.2.78 8730 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:47.892590 0.359188 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:48.252150 0.307852 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:46:48.560379 0.161783 udp 10.0.2.19 1701 <-> 178.215.217.209 18069 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/04 23:47:28.634668 3.001635 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/04 23:47:35.642383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:47:43.643993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:47:59.646971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:48:31.652659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:55:00.664524 3.001803 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/04 23:55:07.671920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:55:15.673639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:55:31.676785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/04 23:56:03.682921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:02:07.688259 3.002518 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:02:14.696064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:02:22.697793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:02:38.700903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:03:10.706478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:09:18.717762 3.002234 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:09:25.726238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:09:33.727027 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:09:49.730564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:10:21.736391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:12:49.489440 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 00:12:49.489616 0.734235 tcp 10.0.2.19 51295 -> 90.156.118.144 5237 FSPA* 0 0 14 1712 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:16:25.742257 3.001959 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:16:32.750719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:16:40.751541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:16:56.754332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:17:15.341372 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 00:17:15.341488 0.000000 udp 10.0.2.19 1701 -> 77.70.40.131 2307 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:17:28.760434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:17:32.167564 0.161442 tcp 10.0.2.19 51296 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:17:32.328912 0.198489 tcp 10.0.2.19 51297 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:17:32.527963 0.000000 udp 10.0.2.19 1701 -> 188.129.248.221 1192 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:17:50.192864 0.210744 tcp 10.0.2.19 51298 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:17:50.403520 0.199639 tcp 10.0.2.19 51299 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:17:50.603727 0.687785 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:17:51.291906 0.000000 udp 10.0.2.19 1701 -> 178.91.64.56 24834 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:18:10.081363 0.162151 tcp 10.0.2.19 51300 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:10.243407 0.200987 tcp 10.0.2.19 51301 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:10.444972 0.000000 udp 10.0.2.19 1701 -> 95.104.67.50 9397 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:18:27.716587 0.186437 tcp 10.0.2.19 51302 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:27.903295 0.201888 tcp 10.0.2.19 51303 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:28.105814 0.000000 udp 10.0.2.19 1701 -> 190.118.81.174 7353 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:18:44.911292 0.159404 tcp 10.0.2.19 51304 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:45.071020 0.198983 tcp 10.0.2.19 51305 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:18:45.270605 0.000000 udp 10.0.2.19 1701 -> 151.70.71.239 19928 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:19:03.407500 0.160477 tcp 10.0.2.19 51306 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:03.567646 0.195683 tcp 10.0.2.19 51307 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:03.763892 0.000000 udp 10.0.2.19 1701 -> 190.174.206.51 13316 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:19:22.595962 0.159575 tcp 10.0.2.19 51308 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:22.755850 0.194626 tcp 10.0.2.19 51309 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:22.951053 0.000000 udp 10.0.2.19 1701 -> 58.9.147.155 8157 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:19:41.021582 0.164557 tcp 10.0.2.19 51310 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:41.186406 0.191591 tcp 10.0.2.19 51311 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:19:41.378598 0.296563 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:41.675553 0.123320 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:41.799314 0.359654 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:42.159380 0.164610 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:42.324344 0.265285 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:42.590024 0.218918 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:42.809315 0.144120 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:19:42.953862 0.000000 udp 10.0.2.19 1701 -> 82.211.185.55 6210 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:20:00.089053 0.162922 tcp 10.0.2.19 51312 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:00.251687 0.204117 tcp 10.0.2.19 51313 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:00.456340 0.153849 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:00.610543 0.175053 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:00.786001 0.234683 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:01.021070 0.180175 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:01.201695 0.000000 udp 10.0.2.19 1701 -> 176.73.169.112 4102 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:20:16.653105 0.160067 tcp 10.0.2.19 51314 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:16.813086 0.193421 tcp 10.0.2.19 51315 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:17.007037 0.269410 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:17.276810 0.169771 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:17.446963 0.264533 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:17.711924 0.141021 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:17.853348 0.467232 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:18.320953 0.000000 udp 10.0.2.19 1701 -> 99.8.121.25 4727 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:20:35.461064 0.169953 tcp 10.0.2.19 51316 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:35.630926 0.204483 tcp 10.0.2.19 51317 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:35.835953 0.275920 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:36.112239 0.000000 udp 10.0.2.19 1701 -> 186.95.17.106 4403 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:20:53.355513 0.159604 tcp 10.0.2.19 51318 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:53.514772 0.194424 tcp 10.0.2.19 51319 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:20:53.709749 0.165772 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:53.875856 0.218201 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:54.094581 0.343343 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:54.438319 0.101729 udp 10.0.2.19 1701 <-> 84.151.242.149 4507 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:54.540450 0.215278 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:54.756123 0.245380 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:55.001906 0.708948 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:55.711237 0.186955 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:55.898571 0.806284 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:56.705234 0.172996 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:20:56.878570 0.000000 udp 10.0.2.19 1701 -> 190.56.105.225 1007 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:21:12.233274 0.159869 tcp 10.0.2.19 51320 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:12.393388 0.197459 tcp 10.0.2.19 51321 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:12.591411 0.340140 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:21:12.931903 0.000000 udp 10.0.2.19 1701 -> 178.89.116.82 16974 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:21:30.139027 0.161219 tcp 10.0.2.19 51322 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:30.300541 0.202734 tcp 10.0.2.19 51323 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:30.503826 0.000000 udp 10.0.2.19 1701 -> 187.205.178.217 15479 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:21:46.552216 0.160525 tcp 10.0.2.19 51324 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:46.712556 0.196665 tcp 10.0.2.19 51325 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:21:46.909773 0.000000 udp 10.0.2.19 1701 -> 94.71.146.85 6668 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:22:02.896077 0.163328 tcp 10.0.2.19 51326 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:22:03.059693 0.193536 tcp 10.0.2.19 51327 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:22:03.253753 0.162112 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:22:03.416212 0.294470 udp 10.0.2.19 1701 <-> 187.158.2.78 8730 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:22:03.711030 0.354432 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:22:04.065809 0.292046 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:22:04.358273 0.163240 udp 10.0.2.19 1701 <-> 178.215.217.209 18069 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:23:32.765757 3.002607 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 00:23:39.773890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:23:47.774925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:24:03.778836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:24:35.784121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:30:39.790442 3.001737 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:30:46.797493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:30:54.799152 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:31:10.802330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:31:42.808207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:37:46.814290 3.482626 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:37:54.302045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:38:02.303950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:38:18.306607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:38:50.312835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:42:50.469059 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 00:42:50.469222 2.430628 tcp 10.0.2.19 51328 -> 90.156.118.144 5237 FSPA* 0 0 14 1739 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:44:54.318922 3.001840 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:45:01.326670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:45:09.328086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:45:25.331113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:45:57.336786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:52:01.342699 3.001599 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 00:52:08.350237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:52:16.351969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:52:23.732733 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 00:52:23.732839 0.000000 udp 10.0.2.19 1701 -> 82.211.185.55 6210 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:52:32.354642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:52:41.620973 0.169896 tcp 10.0.2.19 51329 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:52:41.784946 0.191339 tcp 10.0.2.19 51330 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:52:41.976877 0.000000 udp 10.0.2.19 1701 -> 176.73.169.112 4102 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:53:00.116032 0.160132 tcp 10.0.2.19 51331 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:00.275930 0.189990 tcp 10.0.2.19 51332 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:00.466605 0.000000 udp 10.0.2.19 1701 -> 99.8.121.25 4727 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:53:04.360981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:53:18.131950 0.339422 tcp 10.0.2.19 51333 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:18.471479 0.232707 tcp 10.0.2.19 51334 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:18.704736 0.000000 udp 10.0.2.19 1701 -> 186.95.17.106 4403 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:53:34.795721 0.163381 tcp 10.0.2.19 51335 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:34.959383 0.191396 tcp 10.0.2.19 51336 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:35.151324 0.000000 udp 10.0.2.19 1701 -> 190.56.105.225 1007 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:53:51.910933 0.159630 tcp 10.0.2.19 51337 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:52.070301 0.191272 tcp 10.0.2.19 51338 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:53:52.262135 0.000000 udp 10.0.2.19 1701 -> 178.89.116.82 16974 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:54:10.867819 0.161486 tcp 10.0.2.19 51339 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:11.029075 0.206163 tcp 10.0.2.19 51340 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:11.235810 0.000000 udp 10.0.2.19 1701 -> 187.205.178.217 15479 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:54:27.831826 0.172139 tcp 10.0.2.19 51341 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:28.003735 0.193708 tcp 10.0.2.19 51342 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:28.197992 0.000000 udp 10.0.2.19 1701 -> 94.71.146.85 6668 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:54:46.348644 1.102925 tcp 10.0.2.19 51343 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:47.451771 0.189723 tcp 10.0.2.19 51344 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:54:47.642098 0.481807 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:48.124253 0.143225 udp 10.0.2.19 1701 <-> 87.19.251.225 9616 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:48.267838 0.288566 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:48.556768 0.215839 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:48.773047 0.262249 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:49.035711 0.162122 udp 10.0.2.19 1701 <-> 176.73.51.253 5060 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:49.198304 0.344581 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:49.543267 0.145142 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:54:49.688803 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:55:06.097476 0.160859 tcp 10.0.2.19 51345 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:06.258585 0.196854 tcp 10.0.2.19 51346 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:06.455996 0.176325 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:06.632689 0.170277 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:06.803350 0.233028 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:07.036759 0.000000 udp 10.0.2.19 1701 -> 85.72.34.37 1112 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:55:25.525111 0.159936 tcp 10.0.2.19 51347 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:25.685276 0.190728 tcp 10.0.2.19 51348 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:25.876572 0.272397 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:26.149408 0.138119 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:26.287862 0.263655 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:26.551916 0.468509 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:27.020848 0.274131 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:27.295357 0.170813 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:27.466531 0.000000 udp 10.0.2.19 1701 -> 84.151.242.149 4507 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:55:42.530804 0.159874 tcp 10.0.2.19 51349 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:42.690835 0.203691 tcp 10.0.2.19 51350 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:55:42.895064 0.338021 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:43.233427 0.206688 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:43.440469 0.217848 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:43.658707 0.726494 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:44.385619 0.193782 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:44.579762 0.262667 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:44.842857 0.218036 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:45.061276 0.191527 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:45.253189 0.346013 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:45.599573 0.159215 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:45.759141 0.300031 udp 10.0.2.19 1701 <-> 187.158.2.78 8730 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:55:46.059543 0.000000 udp 10.0.2.19 1701 -> 178.215.217.209 18069 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 00:56:03.870072 0.185068 tcp 10.0.2.19 51351 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:56:04.048596 0.191336 tcp 10.0.2.19 51352 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 00:56:04.240464 0.342730 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:56:04.583581 0.295102 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 00:59:09.107920 3.001760 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 00:59:16.115295 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:59:24.117216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 00:59:40.120040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:00:12.125568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:06:20.137680 3.001659 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:06:27.144748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:06:35.146888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:06:51.149257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:07:23.155269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:12:53.530930 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 01:12:53.531121 1.326150 tcp 10.0.2.19 51353 -> 90.156.118.144 5237 FSPA* 0 0 14 1574 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:13:27.160974 3.002671 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:13:34.168713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:13:42.170971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:13:58.173678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:14:30.179539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:20:34.185535 3.001660 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:20:41.192873 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:20:49.194639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:21:05.197356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:21:37.203756 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:26:13.531330 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 01:26:13.531546 0.168195 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:26:13.700117 0.222084 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:26:13.922575 0.000000 udp 10.0.2.19 1701 -> 84.151.242.149 4507 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:26:31.729250 0.164321 tcp 10.0.2.19 51354 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:26:31.893229 0.199164 tcp 10.0.2.19 51355 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:26:32.092972 0.178367 udp 10.0.2.19 1701 <-> 178.215.217.209 18069 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:26:32.271707 0.000000 udp 10.0.2.19 1701 -> 87.19.251.225 9616 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:26:50.935554 0.175201 tcp 10.0.2.19 51356 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:26:51.110471 0.193470 tcp 10.0.2.19 51357 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:26:51.304475 0.665984 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:26:51.970859 0.261495 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:26:52.232698 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 110 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:27:10.624029 0.165773 tcp 10.0.2.19 51358 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:10.790126 0.204604 tcp 10.0.2.19 51359 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:10.995282 0.000000 udp 10.0.2.19 1701 -> 176.73.51.253 5060 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:27:29.141068 0.164518 tcp 10.0.2.19 51360 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:29.305824 0.201705 tcp 10.0.2.19 51361 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:29.508538 0.308660 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:29.817618 0.415210 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:30.233241 0.204347 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:30.437950 0.247363 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:30.685661 0.223860 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:30.909891 0.171884 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:31.082179 0.296328 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:31.378869 0.141993 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:31.521236 0.267985 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:31.789620 0.274239 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:32.064238 0.469740 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:32.534349 0.166351 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:32.701115 0.352700 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:33.054177 0.212135 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:33.266694 0.217144 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:33.484208 0.795655 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:34.280280 0.191104 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:34.471735 0.180682 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:34.652772 0.221886 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:34.875072 0.253725 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:35.129152 0.376631 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:35.506337 0.158088 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:35.664810 0.000000 udp 10.0.2.19 1701 -> 187.158.2.78 8730 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:27:41.209070 3.002070 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 01:27:48.217002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:27:51.593499 0.320463 tcp 10.0.2.19 51362 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:51.913626 0.719279 tcp 10.0.2.19 51363 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:27:52.633500 0.660950 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:53.294827 0.691009 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:27:56.218326 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:28:12.221335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:28:44.227591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:34:48.743820 3.002045 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:34:55.751787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:35:03.753259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:35:19.756431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:35:51.762298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:41:55.767560 3.002637 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:42:02.775681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:42:10.777532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:42:26.780482 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:42:55.101365 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 01:42:55.101462 2.358925 tcp 10.0.2.19 51364 -> 90.156.118.144 5237 FSPA* 0 0 14 1558 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:42:58.786232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:49:11.795566 3.041548 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:49:18.842293 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:49:26.844448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:49:42.847442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:50:18.789082 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:56:22.794350 3.001790 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 01:56:29.802120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:56:37.803992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:56:53.806610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:57:25.812435 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 01:58:13.171085 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 01:58:13.171311 0.000000 udp 10.0.2.19 1701 -> 87.19.251.225 9616 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:58:30.019035 0.770239 tcp 10.0.2.19 51365 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:58:30.789466 0.198903 tcp 10.0.2.19 51366 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:58:30.988938 0.220804 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:58:31.210331 0.000000 udp 10.0.2.19 1701 -> 176.73.51.253 5060 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:58:49.514436 0.166138 tcp 10.0.2.19 51367 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:58:49.680778 0.191477 tcp 10.0.2.19 51368 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:58:49.872818 0.000000 udp 10.0.2.19 1701 -> 187.158.2.78 8730 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:59:08.151365 0.163735 tcp 10.0.2.19 51369 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:08.315271 0.202505 tcp 10.0.2.19 51370 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:08.518549 0.166161 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:08.685034 0.000000 udp 10.0.2.19 1701 -> 85.72.34.37 1112 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:59:24.545103 0.164432 tcp 10.0.2.19 51371 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:24.709272 0.194942 tcp 10.0.2.19 51372 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:24.904757 0.000000 udp 10.0.2.19 1701 -> 178.215.217.209 18069 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 01:59:41.038372 0.163995 tcp 10.0.2.19 51373 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:41.201970 0.206510 tcp 10.0.2.19 51374 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 01:59:41.409028 0.659556 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:42.069000 0.270634 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:42.340013 0.289262 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:42.629658 0.235455 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:42.865498 0.219736 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:43.085587 0.172984 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:43.258915 0.457401 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:43.716699 0.193041 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:44.856514 0.255552 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:45.112486 0.301339 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:45.414218 0.175720 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:45.590333 0.281454 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:45.872163 0.560797 udp 10.0.2.19 1701 <-> 98.20.5.95 4178 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:46.433356 0.474323 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:46.908035 0.168506 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:47.076908 0.243893 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:47.321178 0.209749 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:47.531291 0.196382 udp 10.0.2.19 1701 <-> 2.84.26.82 28328 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:47.728037 0.212741 udp 10.0.2.19 1701 <-> 94.43.182.45 19593 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:47.941131 1.023060 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:48.964590 0.190617 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:49.155531 0.286562 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:49.442415 0.372506 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:49.815269 0.154738 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:49.970383 0.348082 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 01:59:50.318876 0.307718 udp 10.0.2.19 1701 <-> 72.54.128.18 7478 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:03:30.119447 3.001688 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 02:03:37.126812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:03:45.128292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:04:01.130992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:04:33.137166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:10:37.142716 3.002075 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:10:44.150717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:10:52.152097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:11:08.155321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:11:40.161062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:12:59.665814 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 02:12:59.666035 0.793123 tcp 10.0.2.19 51375 -> 90.156.118.144 5237 FSPA* 0 0 14 1616 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:17:44.166649 3.002064 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:17:51.174195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:17:59.176059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:18:15.178890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:18:47.185678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:24:51.190511 3.002368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:24:58.198494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:25:06.199912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:25:22.203070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:25:54.209408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:29:57.189014 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 02:29:57.189113 0.157507 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:29:57.347007 0.000000 udp 10.0.2.19 1701 -> 178.215.217.209 18069 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:30:14.426120 0.209702 tcp 10.0.2.19 51376 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:14.636121 0.205297 tcp 10.0.2.19 51377 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:14.841980 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:30:31.502609 0.165322 tcp 10.0.2.19 51378 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:31.668222 0.204997 tcp 10.0.2.19 51379 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:31.873761 0.164458 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:32.038586 0.292522 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:32.331503 0.731247 udp 10.0.2.19 1701 <-> 113.105.8.141 8076 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:33.063168 0.260059 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:33.323608 0.244614 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:33.568637 0.158255 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:33.727273 0.174416 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:33.902049 0.450320 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:34.352752 0.275179 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:34.628316 0.323281 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:34.951976 0.150207 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:35.102535 0.265554 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:35.368523 0.291236 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:35.660103 0.000000 udp 10.0.2.19 1701 -> 98.20.5.95 4178 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:30:53.931086 0.175704 tcp 10.0.2.19 51380 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:54.106615 0.205008 tcp 10.0.2.19 51381 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:30:54.312175 0.222489 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:54.535087 0.213030 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:30:54.748474 0.000000 udp 10.0.2.19 1701 -> 2.84.26.82 28328 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:31:10.495460 0.228519 tcp 10.0.2.19 51382 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:10.724236 0.199193 tcp 10.0.2.19 51383 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:10.923971 0.484502 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:31:11.408847 0.000000 udp 10.0.2.19 1701 -> 176.73.199.176 3735 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:31:27.940623 0.165318 tcp 10.0.2.19 51384 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:28.106175 0.195668 tcp 10.0.2.19 51385 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:28.302453 0.000000 udp 10.0.2.19 1701 -> 94.43.182.45 19593 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:31:43.973063 0.164332 tcp 10.0.2.19 51386 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:44.137173 0.193907 tcp 10.0.2.19 51387 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:31:44.331634 0.887460 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:31:45.219477 0.192319 udp 10.0.2.19 1701 <-> 69.250.218.50 6179 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:31:45.412185 0.254246 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:31:45.666824 0.337315 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:31:46.004530 0.000000 udp 10.0.2.19 1701 -> 72.54.128.18 7478 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 02:31:58.214457 3.002033 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 02:32:04.673354 0.164195 tcp 10.0.2.19 51388 -> 173.194.70.99 80 FSPA* 0 0 10 1818 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:32:04.837862 0.196754 tcp 10.0.2.19 51389 -> 173.194.70.94 80 SRPA* 0 0 7 1994 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:32:05.035159 0.372070 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:32:05.222911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:32:05.407636 0.159165 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 02:32:13.223878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:32:29.227003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:33:01.233020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:39:05.238745 3.001872 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:39:12.246341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:39:20.247703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:39:36.251133 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:40:13.031811 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:43:02.558559 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 02:43:02.558782 0.680066 tcp 10.0.2.19 51390 -> 90.156.118.144 5237 FSPA* 0 0 12 1487 flow=From-Botnet-V2-TCP-Established 1970/01/05 02:46:19.373841 3.001311 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:46:26.381075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:46:34.381807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:46:50.385308 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:47:22.391539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:53:27.398404 3.002174 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 02:53:34.406166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:53:42.407681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:53:58.410503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 02:54:30.416515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:00:38.427870 3.001996 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 03:00:45.435595 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:00:53.437638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:01:09.440012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:01:41.446794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:02:24.588490 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:02:24.588706 0.220007 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:02:24.809064 0.000000 udp 10.0.2.19 1701 -> 98.20.5.95 4178 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:02:40.383646 0.165497 tcp 10.0.2.19 51391 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:02:40.549467 0.199991 tcp 10.0.2.19 51392 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:02:40.750216 0.000000 udp 10.0.2.19 1701 -> 176.73.199.176 3735 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:02:57.506962 0.167221 tcp 10.0.2.19 51393 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:02:57.674330 0.198138 tcp 10.0.2.19 51394 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:02:57.873011 0.000000 udp 10.0.2.19 1701 -> 2.84.26.82 28328 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:03:16.174494 0.164117 tcp 10.0.2.19 51395 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:16.338358 0.193527 tcp 10.0.2.19 51396 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:16.532692 0.000000 udp 10.0.2.19 1701 -> 94.43.182.45 19593 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:03:34.219965 0.164029 tcp 10.0.2.19 51397 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:34.383686 0.205673 tcp 10.0.2.19 51398 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:34.589902 0.000000 udp 10.0.2.19 1701 -> 72.54.128.18 7478 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:03:52.395959 0.167112 tcp 10.0.2.19 51399 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:52.563326 0.193639 tcp 10.0.2.19 51400 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:03:52.757493 0.168214 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:52.926159 0.162195 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:53.088730 0.286197 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:53.375303 0.240068 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:53.615780 0.151959 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:53.768096 0.268759 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:03:54.037229 0.000000 udp 10.0.2.19 1701 -> 113.105.8.141 8076 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:04:09.520426 0.164825 tcp 10.0.2.19 51401 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:04:09.685494 0.200812 tcp 10.0.2.19 51402 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:04:09.886866 0.171432 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:10.058690 0.273590 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:10.332655 0.410262 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:10.743270 0.138606 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:10.882360 0.259636 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:11.142359 0.277106 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:11.419873 0.153330 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:11.573570 0.227945 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:11.801873 0.206767 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:12.009033 0.471841 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:12.481252 0.000000 udp 10.0.2.19 1701 -> 69.250.218.50 6179 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:04:30.700838 0.165986 tcp 10.0.2.19 51403 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:04:30.866687 0.197496 tcp 10.0.2.19 51404 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:04:31.064728 0.879576 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:31.944719 0.258165 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:32.203259 0.339068 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:32.542711 0.353545 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:32.896656 0.158524 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:33.157321 0.000000 udp 10.0.2.19 1701 -> 113.105.8.141 8076 REQ 0 1 288 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:04:40.904765 0.000000 udp 10.0.2.19 1701 -> 69.250.218.50 6179 REQ 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:04:49.477160 0.217039 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:49.694715 0.242429 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:49.937665 0.169210 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:50.107520 0.183877 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 674 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:50.291955 0.159799 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 690 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:50.452239 0.292259 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 763 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:50.745043 0.271315 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:51.016823 0.283226 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:51.300584 0.388174 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 781 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:51.689262 0.182688 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 659 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:51.872427 0.278704 udp 10.0.2.19 1701 <-> 174.7.220.125 4786 CON 0 0 2 835 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:52.151652 0.149833 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:52.301993 0.216904 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 858 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:52.519416 0.286325 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 676 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:52.806252 0.317863 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 782 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:53.124592 0.214895 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 722 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:53.339987 0.480945 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 780 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:53.821454 0.262303 udp 10.0.2.19 1701 <-> 72.22.146.222 16179 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:54.084252 0.340118 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 780 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:54.424862 0.730668 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 789 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:55.156024 0.206996 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:55.363483 0.366925 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:04:55.730942 0.000000 udp 10.0.2.19 1701 -> 66.237.226.20 1336 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:02.965913 0.166298 udp 10.0.2.19 1701 -> 5.178.141.12 26297 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:03.132211 0.000000 icmp 5.178.141.12 0x0303 -> 10.0.2.19 0xb966 URP 192 1 146 flow=Background 1970/01/05 03:05:07.622802 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:05:08.364124 0.000000 udp 10.0.2.19 1701 -> 74.7.241.110 4100 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:14.392274 0.000000 udp 10.0.2.19 1701 -> 93.223.117.163 16013 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:21.913712 0.000000 udp 10.0.2.19 1701 -> 62.174.80.114 7773 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:29.013612 0.248747 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:05:29.442044 0.000000 udp 10.0.2.19 1701 -> 190.234.151.247 17607 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:34.751984 0.000000 udp 10.0.2.19 1701 -> 92.241.71.26 9362 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:43.183680 0.000000 udp 10.0.2.19 1701 -> 221.189.200.166 9950 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:48.121151 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:05:50.244196 0.000000 udp 10.0.2.19 1701 -> 82.245.5.17 8871 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:05:59.087011 0.000000 udp 10.0.2.19 1701 -> 189.128.198.24 20217 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:07.168899 0.000000 udp 10.0.2.19 1701 -> 50.74.153.34 3885 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:14.439128 0.000000 udp 10.0.2.19 1701 -> 69.244.46.205 8868 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:22.270477 0.000000 udp 10.0.2.19 1701 -> 41.201.116.249 9329 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:27.126905 3.582902 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:06:32.194691 0.000000 udp 10.0.2.19 1701 -> 94.88.11.18 3441 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:39.084714 0.000000 udp 10.0.2.19 1701 -> 50.20.182.29 3684 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:44.712474 0.000000 udp 10.0.2.19 1701 -> 216.130.51.106 15759 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:53.445059 0.000000 udp 10.0.2.19 1701 -> 188.141.85.234 7313 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:06:59.704201 0.000000 udp 10.0.2.19 1701 -> 190.186.201.138 8288 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:04.360474 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:07:06.614321 0.000000 udp 10.0.2.19 1701 -> 75.217.176.193 7682 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:14.275167 0.000000 udp 10.0.2.19 1701 -> 62.219.238.163 4055 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:19.702582 0.290132 udp 10.0.2.19 1701 <-> 190.75.245.104 7494 CON 0 0 2 671 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:07:20.986319 0.000000 udp 10.0.2.19 1701 -> 180.183.219.169 27598 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:28.605234 0.000000 udp 10.0.2.19 1701 -> 203.176.96.110 2469 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:35.635679 0.000000 udp 10.0.2.19 1701 -> 94.59.252.18 2153 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:40.362415 0.077282 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:07:43.096829 0.000000 udp 10.0.2.19 1701 -> 95.231.149.46 1621 INT 0 1 312 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:48.336876 3.001011 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 03:07:51.489129 0.483564 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 794 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:07:52.019597 0.301645 udp 10.0.2.19 1701 <-> 97.116.195.1 8666 CON 0 0 2 853 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:07:52.444018 0.000000 udp 10.0.2.19 1701 -> 41.133.189.129 7239 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:07:55.344053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:07:59.189875 0.269810 udp 10.0.2.19 1701 <-> 1.23.68.2 8721 CON 0 0 2 848 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:07:59.529862 0.157870 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 720 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:07:59.732909 0.000000 udp 10.0.2.19 1701 -> 173.219.71.161 4278 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:03.345332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:08:05.948928 0.287216 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:08:06.336417 0.000000 udp 10.0.2.19 1701 -> 116.246.37.19 2750 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:14.822060 0.182296 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:08:15.045679 0.000000 udp 10.0.2.19 1701 -> 190.237.255.99 24892 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:19.558876 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:08:20.830399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:08:21.341352 0.000000 udp 10.0.2.19 1701 -> 99.227.139.14 8319 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:29.002428 0.000000 udp 10.0.2.19 1701 -> 203.153.236.79 1806 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:35.081325 0.000000 udp 10.0.2.19 1701 -> 195.24.211.146 3797 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:42.121000 0.312883 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 736 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:08:48.931905 0.000000 udp 10.0.2.19 1701 -> 173.217.224.134 5177 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:08:52.836549 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:08:53.557272 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:08:54.569096 0.000000 udp 10.0.2.19 1701 -> 64.146.168.101 6821 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:02.961452 0.240009 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:09:03.235582 0.465537 udp 10.0.2.19 1701 <-> 190.56.254.24 26222 CON 0 0 2 746 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:09:05.161349 0.000000 udp 10.0.2.19 1701 -> 95.111.56.170 1314 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:13.486217 0.000000 udp 10.0.2.19 1701 -> 108.12.140.18 8628 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:31.125009 0.318350 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:09:31.499443 0.000000 udp 10.0.2.19 1701 -> 82.91.101.29 9467 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:36.319656 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:09:40.301305 0.000000 udp 10.0.2.19 1701 -> 180.248.71.232 20242 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:45.473887 0.000000 udp 10.0.2.19 1701 -> 195.208.48.140 5248 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:51.016683 0.000000 udp 10.0.2.19 1701 -> 116.15.24.101 2514 INT 0 1 300 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:09:58.758394 0.000000 udp 10.0.2.19 1701 -> 186.109.94.100 1037 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:03.696290 0.000000 udp 10.0.2.19 1701 -> 203.45.241.223 9502 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:09.571501 0.000000 udp 10.0.2.19 1701 -> 83.185.145.255 4271 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:14.319424 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:10:17.262092 0.000000 udp 10.0.2.19 1701 -> 112.207.149.93 1024 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:24.949884 0.000000 udp 10.0.2.19 1701 -> 68.92.72.189 16049 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:30.599155 0.221571 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 796 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:10:30.867319 0.000000 udp 10.0.2.19 1701 -> 109.165.170.202 16979 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:36.761888 0.000000 udp 10.0.2.19 1701 -> 110.171.87.44 2814 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:45.412408 0.000000 udp 10.0.2.19 1701 -> 95.56.10.160 4894 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:10:50.315841 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:10:51.773280 0.000000 udp 10.0.2.19 1701 -> 85.72.112.141 19137 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:00.101786 0.000000 udp 10.0.2.19 1701 -> 182.178.57.91 7938 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:07.433022 0.000000 udp 10.0.2.19 1701 -> 31.146.70.178 23311 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:17.680435 0.000000 udp 10.0.2.19 1701 -> 112.205.77.27 23539 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:24.624540 0.000000 udp 10.0.2.19 1701 -> 180.249.120.151 12765 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:29.233707 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:11:32.736265 0.000000 udp 10.0.2.19 1701 -> 74.221.159.35 1603 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:40.981048 0.000000 udp 10.0.2.19 1701 -> 142.129.134.157 5054 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:48.547952 0.198327 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:11:48.798957 0.000000 udp 10.0.2.19 1701 -> 173.251.79.138 5463 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:11:54.816849 0.000000 udp 10.0.2.19 1701 -> 93.186.210.63 8735 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:01.122039 0.000000 udp 10.0.2.19 1701 -> 174.1.58.147 1267 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:05.725231 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:12:09.143259 0.000000 udp 10.0.2.19 1701 -> 70.28.94.198 7920 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:16.479200 0.000000 udp 10.0.2.19 1701 -> 175.139.191.162 7904 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:21.583768 0.000000 udp 10.0.2.19 1701 <- 175.139.191.162 7904 RSP 0 0 1 545 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:21.750679 0.000000 udp 10.0.2.19 1701 -> 41.133.177.109 3804 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:28.683263 0.000000 udp 10.0.2.19 1701 -> 76.75.123.26 2870 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:36.778518 0.000000 udp 10.0.2.19 1701 -> 4.28.39.222 7509 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:46.011951 0.340025 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 795 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:12:46.446669 0.000000 udp 10.0.2.19 1701 -> 112.204.29.198 1515 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:50.644868 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:12:51.891699 0.000000 udp 10.0.2.19 1701 -> 69.199.133.213 9416 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:12:57.909115 0.000000 udp 10.0.2.19 1701 -> 142.54.108.18 1282 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:06.559897 0.000000 udp 10.0.2.19 1701 -> 64.105.109.234 1318 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:14.276874 0.313326 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 687 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:13:14.664961 0.229088 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 743 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:13:14.983937 0.000000 udp 10.0.2.19 1701 -> 206.53.94.14 6510 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:22.191215 0.694042 tcp 10.0.2.19 51405 -> 90.156.118.144 5237 FSPA* 0 0 14 1532 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:13:23.088720 0.000000 udp 10.0.2.19 1701 -> 95.254.20.213 3559 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:30.004810 0.000000 udp 10.0.2.19 1701 -> 105.236.104.33 3250 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:37.776557 0.000000 udp 10.0.2.19 1701 -> 187.162.1.2 9027 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:44.873770 0.208431 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 657 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:13:45.142550 0.000000 udp 10.0.2.19 1701 -> 24.37.115.46 8758 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:51.580446 0.000000 udp 10.0.2.19 1701 -> 72.24.30.40 13549 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:13:59.188256 0.156857 udp 10.0.2.19 1701 <-> 93.177.185.85 6952 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:13:59.658900 0.000000 udp 10.0.2.19 1701 -> 173.161.119.149 8958 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:03.837817 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:14:05.774771 0.000000 udp 10.0.2.19 1701 -> 99.32.165.211 18955 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:14.402332 0.000000 udp 10.0.2.19 1701 -> 110.92.120.168 3366 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:20.291153 0.000000 udp 10.0.2.19 1701 -> 97.103.36.68 3961 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:26.732324 0.000000 udp 10.0.2.19 1701 -> 115.64.28.251 5148 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:33.099769 0.302436 udp 10.0.2.19 1701 -> 216.244.153.2 2022 INT 0 1 314 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:33.402205 0.000000 icmp 216.244.153.2 0x0303 -> 10.0.2.19 0xe607 URP 192 1 342 flow=Background 1970/01/05 03:14:37.857949 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:14:41.137730 0.000000 udp 10.0.2.19 1701 -> 194.236.15.146 7986 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:49.679703 0.000000 udp 10.0.2.19 1701 -> 64.206.193.194 6700 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:14:56.837304 0.000000 udp 10.0.2.19 1701 -> 68.100.61.139 4690 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:02.970968 0.000000 udp 10.0.2.19 1701 -> 120.151.139.117 3964 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:11.772710 0.268912 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 815 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:15:12.090529 0.495393 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:15:12.801209 0.000000 udp 10.0.2.19 1701 -> 174.7.113.11 5300 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:13.664116 2.955924 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 03:15:16.332383 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:15:17.750468 0.000000 udp 10.0.2.19 1701 -> 74.11.63.141 7657 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:20.579645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:15:22.939305 0.000000 udp 10.0.2.19 1701 -> 190.16.165.50 5634 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:28.473366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:15:32.883968 0.000000 udp 10.0.2.19 1701 -> 68.115.194.21 2479 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:39.810622 0.000000 udp 10.0.2.19 1701 -> 79.17.25.1 2815 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:46.062388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:15:47.865195 0.000000 udp 10.0.2.19 1701 -> 79.39.73.164 5553 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:52.661532 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:15:53.533943 0.308797 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 742 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:15:53.932549 0.000000 udp 10.0.2.19 1701 -> 190.116.40.1 1551 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:15:58.989070 0.000000 udp 10.0.2.19 1701 -> 186.82.106.153 4462 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:06.330629 0.000000 udp 10.0.2.19 1701 -> 2.88.44.12 7834 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:14.894256 0.000000 udp 10.0.2.19 1701 -> 187.28.170.103 8401 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:17.642303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:16:23.589414 0.237812 udp 10.0.2.19 1701 -> 190.166.33.7 5083 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:23.827226 0.000000 icmp 190.166.33.7 0x0303 -> 10.0.2.19 0xdb13 URP 192 1 129 flow=Background 1970/01/05 03:16:28.177656 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:16:32.378739 0.297783 udp 10.0.2.19 1701 <-> 190.198.255.149 9891 CON 0 0 2 751 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:16:32.766519 0.000000 udp 10.0.2.19 1701 -> 12.43.232.11 3642 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:39.630035 0.000000 udp 10.0.2.19 1701 -> 12.235.118.178 6853 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:46.365566 0.000000 udp 10.0.2.19 1701 -> 190.149.88.131 6302 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:16:54.254132 0.000000 udp 10.0.2.19 1701 -> 71.110.134.47 2883 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:17:02.696401 0.000000 udp 10.0.2.19 1701 -> 2.5.22.15 1834 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:17:07.634463 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:17:09.956940 0.000000 udp 10.0.2.19 1701 -> 190.179.193.243 2998 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:17:14.903041 0.224443 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 790 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:17:15.186781 0.255061 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 827 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:17:15.479593 0.000000 udp 10.0.2.19 1701 -> 98.218.26.31 9738 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:17:23.589309 0.222099 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:22:21.667036 2.952928 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 03:22:28.576230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:22:36.471176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:22:52.265285 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:23:23.849382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:29:25.904314 2.957194 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 03:29:32.815766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:29:40.706634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:29:56.483920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:30:28.065597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:36:28.038866 3.001921 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 03:36:35.046475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:36:43.047833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:36:59.051281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:37:31.057310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:43:09.784473 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:43:09.784728 0.684858 tcp 10.0.2.19 51406 -> 90.156.118.144 5237 FSPA* 0 0 14 1642 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:43:37.376429 3.001302 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 03:43:44.383371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:43:52.385316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:44:08.388556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:44:40.394372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:47:32.772803 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 03:47:32.773004 0.226376 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:32.999768 0.242967 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:33.243141 0.152355 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:33.395867 0.161212 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:33.557415 0.161703 udp 10.0.2.19 1701 <-> 46.49.74.62 9279 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:33.719471 0.304291 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:34.024139 0.265640 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:34.290184 0.282204 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:34.572769 0.388094 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:34.961229 0.173663 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:35.135312 0.000000 udp 10.0.2.19 1701 -> 174.7.220.125 4786 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:47:54.095229 0.165552 tcp 10.0.2.19 51407 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:47:54.261030 0.195773 tcp 10.0.2.19 51408 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:47:54.457352 0.173162 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:54.630870 0.220761 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:54.851971 0.260293 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:55.112611 0.207893 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:55.320856 0.461090 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:55.782334 0.404174 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:56.186906 0.356970 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:47:56.544240 0.000000 udp 10.0.2.19 1701 -> 72.22.146.222 16179 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:48:13.321422 1.484811 tcp 10.0.2.19 51409 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:14.806462 0.207154 tcp 10.0.2.19 51410 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:15.014176 1.046164 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:16.060687 0.208935 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:16.269974 0.346599 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:16.616924 0.242784 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 205 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:16.860092 0.277784 udp 10.0.2.19 1701 <-> 190.75.245.104 7494 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:17.138260 0.000000 udp 10.0.2.19 1701 -> 97.116.195.1 8666 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:48:34.932758 0.167700 tcp 10.0.2.19 51411 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:35.100555 0.196120 tcp 10.0.2.19 51412 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:35.297237 0.487901 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:35.785512 0.000000 udp 10.0.2.19 1701 -> 1.23.68.2 8721 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:48:51.166569 0.846475 tcp 10.0.2.19 51413 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:52.013289 0.194570 tcp 10.0.2.19 51414 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:48:52.208405 0.301538 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:52.510456 0.429372 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:52.940178 0.164141 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:53.104653 0.310881 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:53.415913 0.255515 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:53.671822 0.355564 udp 10.0.2.19 1701 <-> 190.56.254.24 26222 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:54.027763 0.309891 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:54.338064 0.215601 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:54.554107 0.198378 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:54.752869 0.436280 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:55.189504 0.308868 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:55.498799 0.262520 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:55.761777 0.223955 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:55.986093 0.216465 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:48:56.202886 0.000000 udp 10.0.2.19 1701 -> 93.177.185.85 6952 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 03:49:11.445246 0.164900 tcp 10.0.2.19 51415 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:49:11.610445 0.192829 tcp 10.0.2.19 51416 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 03:49:11.803802 0.270533 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:12.074723 0.271439 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:12.346559 0.297677 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:12.644631 0.291215 udp 10.0.2.19 1701 <-> 190.198.255.149 9891 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:12.936214 0.212502 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:13.149124 0.250195 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:49:13.399709 0.252658 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 03:50:45.481577 3.002240 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 03:50:52.489222 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:51:00.490879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:51:16.494087 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:51:48.499511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:57:52.936605 3.001322 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 03:57:59.943534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:58:07.945656 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:58:23.948336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 03:58:55.954888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:04:59.960127 3.002081 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:05:06.967760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:05:14.969397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:05:31.483111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:06:03.488831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:12:07.494527 3.002591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:12:14.502743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:12:22.504002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:12:38.507019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:13:10.513089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:13:12.015369 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 04:13:12.015555 0.734362 tcp 10.0.2.19 51417 -> 90.156.118.144 5237 FSPA* 0 0 14 1579 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:19:14.519072 3.001502 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:19:21.526876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:19:24.560812 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 04:19:24.560999 0.000000 udp 10.0.2.19 1701 -> 174.7.220.125 4786 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:19:29.527600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:19:42.649259 0.176725 tcp 10.0.2.19 51418 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:19:42.825455 0.194075 tcp 10.0.2.19 51419 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:19:43.020081 0.000000 udp 10.0.2.19 1701 -> 72.22.146.222 16179 INT 0 1 88 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:19:45.530917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:20:00.003076 0.165156 tcp 10.0.2.19 51420 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:00.168523 0.200402 tcp 10.0.2.19 51421 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:00.369487 0.000000 udp 10.0.2.19 1701 -> 97.116.195.1 8666 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:20:17.536728 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:20:18.880281 1.698771 tcp 10.0.2.19 51422 -> 173.194.70.99 80 FSPA* 0 0 11 1892 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:19.047367 0.221249 tcp 10.0.2.19 51423 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:19.269181 0.308158 udp 10.0.2.19 1701 <-> 1.23.68.2 8721 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:19.577653 0.000000 udp 10.0.2.19 1701 -> 93.177.185.85 6952 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:20:36.265067 0.165874 tcp 10.0.2.19 51424 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:36.431204 0.215446 tcp 10.0.2.19 51425 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:36.647192 0.243506 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:36.891120 0.153840 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:37.045395 0.169307 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:37.215029 0.220538 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:37.435906 0.273781 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:37.710175 0.289648 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:38.000238 0.266154 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:38.266749 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:20:55.893412 0.187681 tcp 10.0.2.19 51426 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:56.081330 0.205792 tcp 10.0.2.19 51427 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:20:56.287660 0.342497 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:56.630531 0.172833 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:56.803816 0.146813 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:56.951032 0.257935 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:57.209339 0.212101 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:57.421848 0.205605 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:57.627851 0.346801 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:57.974992 0.160603 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:58.135950 0.465318 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:58.601700 0.740487 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 209 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:59.342565 0.152684 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:59.495628 0.365037 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:20:59.861030 0.277497 udp 10.0.2.19 1701 <-> 190.75.245.104 7494 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:00.138918 0.244687 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:00.384013 0.472859 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:00.857258 0.154078 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:01.011693 0.304252 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:01.316341 0.231280 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:01.547982 0.155068 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:01.703419 0.258865 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:01.962619 0.218507 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:02.181485 0.189932 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:02.372367 0.356777 udp 10.0.2.19 1701 <-> 190.56.254.24 26222 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:02.729533 0.316912 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:03.046807 0.261229 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:03.308453 0.430378 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:03.739192 0.294291 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:04.033852 0.223749 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:04.258003 0.207215 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:04.465612 0.255435 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:04.721396 0.275766 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:04.997538 0.304601 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:05.302526 0.252516 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:05.555488 0.000000 udp 10.0.2.19 1701 -> 190.198.255.149 9891 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:21:22.932589 0.166176 tcp 10.0.2.19 51428 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:21:23.099048 0.194949 tcp 10.0.2.19 51429 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:21:23.294588 0.253897 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:21:23.548876 0.228592 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:26:21.542541 3.002472 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 04:26:28.550165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:26:36.552077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:26:52.555231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:27:24.560952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:33:28.566267 3.002378 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:33:35.574089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:33:43.575864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:33:59.578954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:34:31.585400 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:40:35.590812 3.001738 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:40:42.598206 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:40:50.599685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:41:06.602980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:41:38.608587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:43:12.755030 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 04:43:12.755205 1.853758 tcp 10.0.2.19 51430 -> 90.156.118.144 5237 FSPA* 0 0 14 1609 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:47:42.614464 3.002015 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 04:47:49.622479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:47:57.624067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:48:13.627188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:48:45.632906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:51:34.466176 1.168240 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/05 04:51:35.634391 0.000000 udp 10.0.2.19 1701 -> 46.49.74.62 9279 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:51:53.515658 0.165068 tcp 10.0.2.19 51431 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:51:53.681038 0.202225 tcp 10.0.2.19 51432 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:51:53.883885 0.000000 udp 10.0.2.19 1701 -> 190.198.255.149 9891 INT 0 1 110 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:52:10.448415 0.163877 tcp 10.0.2.19 51433 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:10.611970 0.207381 tcp 10.0.2.19 51434 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:10.819934 0.284009 udp 10.0.2.19 1701 <-> 1.23.68.2 8721 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:11.104327 0.159328 udp 10.0.2.19 1701 <-> 85.72.34.37 1112 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:11.264074 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:52:28.564706 0.164682 tcp 10.0.2.19 51435 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:28.729583 0.195118 tcp 10.0.2.19 51436 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:28.925224 0.277468 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:29.203055 0.154124 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:29.357505 0.238846 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:29.596744 0.258055 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:29.855221 0.284777 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:30.140353 0.173380 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:30.314059 0.305602 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:30.620059 0.208299 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:30.828738 0.207037 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:31.036241 0.258584 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:31.295165 0.148773 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:31.444272 0.128921 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:31.573510 0.458186 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:32.032075 0.335940 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:32.368406 0.416972 udp 10.0.2.19 1701 <-> 181.165.82.66 7252 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:32.785832 0.150613 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:32.936842 0.727559 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:33.664806 0.581959 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:34.247144 0.233537 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:34.481123 0.281207 udp 10.0.2.19 1701 <-> 190.75.245.104 7494 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:34.762733 0.231461 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:34.994551 0.160360 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:35.155287 0.329107 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:35.484799 0.299456 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:35.784640 0.000000 udp 10.0.2.19 1701 -> 190.56.254.24 26222 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 04:52:50.876914 0.165320 tcp 10.0.2.19 51437 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:51.042527 0.209701 tcp 10.0.2.19 51438 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 04:52:51.252799 0.278939 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:51.532080 0.219305 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:51.751732 0.188532 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:51.940609 0.253135 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:52.194157 0.448297 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:52.642845 0.295795 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:52.939037 0.255374 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:53.194813 0.223651 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:53.418869 0.285186 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:53.704411 0.227074 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:53.931888 0.252192 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:54.184468 0.268146 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:54.452968 0.300717 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:54.754197 0.213756 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:52:54.968405 0.212837 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 04:54:50.209665 3.001976 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 04:54:57.216940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:55:05.218889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:55:21.221496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 04:55:53.638260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:01:57.644263 3.001680 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:02:04.651382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:02:12.653405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:02:28.656153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:03:00.662105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:09:04.668422 3.001352 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:09:11.675618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:09:19.676801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:09:35.679855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:10:07.686401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:13:15.376163 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 05:13:15.376343 0.704963 tcp 10.0.2.19 51439 -> 90.156.118.144 5237 FSPA* 0 0 14 1514 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:16:11.692416 3.001718 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:16:18.699476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:16:26.701230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:16:42.704089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:17:14.710593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:22:56.401481 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 05:22:56.401697 0.232823 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:22:56.634968 0.000000 udp 10.0.2.19 1701 -> 190.56.254.24 26222 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:23:12.987550 0.164909 tcp 10.0.2.19 51440 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:13.152582 0.194351 tcp 10.0.2.19 51441 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:13.347492 0.286348 udp 10.0.2.19 1701 <-> 1.23.68.2 8721 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:13.634248 0.000000 udp 10.0.2.19 1701 -> 85.72.34.37 1112 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:23:18.715987 3.001781 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:23:25.723804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:23:32.304449 0.164819 tcp 10.0.2.19 51442 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:32.469157 0.202125 tcp 10.0.2.19 51443 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:32.671847 0.000000 udp 10.0.2.19 1701 -> 99.103.236.242 1625 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:23:33.724766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:23:49.278769 0.164030 tcp 10.0.2.19 51444 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:49.443131 0.193295 tcp 10.0.2.19 51445 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:23:49.636956 0.303195 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:49.728402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:23:49.940487 0.237749 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:50.178629 0.156658 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:50.335606 0.263215 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:50.599162 0.208619 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:50.808151 0.324381 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:51.132920 0.174059 udp 10.0.2.19 1701 <-> 94.66.186.110 15516 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:51.307366 0.216882 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:51.524692 0.120120 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:51.645222 0.467520 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:52.113123 0.149876 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:52.263436 0.258872 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:23:52.522680 0.000000 udp 10.0.2.19 1701 -> 181.165.82.66 7252 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:24:07.805707 0.165281 tcp 10.0.2.19 51446 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:07.971250 0.219998 tcp 10.0.2.19 51447 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:08.191777 0.358023 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:08.550242 0.683744 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:09.234359 0.156397 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:09.391124 0.238716 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:09.630211 0.470855 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:10.101468 0.153222 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:10.255004 0.000000 udp 10.0.2.19 1701 -> 190.75.245.104 7494 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:24:21.733990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:24:27.323804 1.868644 tcp 10.0.2.19 51448 -> 173.194.70.99 80 FSPA* 0 0 11 1892 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:27.492174 0.197815 tcp 10.0.2.19 51449 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:27.690563 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:24:43.896944 0.175770 tcp 10.0.2.19 51450 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:44.072839 0.193749 tcp 10.0.2.19 51451 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:24:44.267188 0.302610 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:44.570277 0.233731 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:44.804390 0.262359 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:45.067134 0.260095 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:45.327631 0.214459 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:45.542474 0.192366 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:45.735247 0.432407 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:46.168042 0.208632 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:46.377067 0.254670 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:46.632124 0.234476 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:46.866956 0.253605 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:47.120996 2.061187 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:49.182549 0.223884 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:49.406797 0.218705 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:49.625845 0.223832 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:49.850105 0.308100 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:24:50.158557 0.226629 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:30:25.740010 3.001430 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:30:32.747424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:30:40.749303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:30:56.752059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:31:28.758103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:37:32.763822 3.001646 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:37:42.725468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:37:50.727341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:38:06.730042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:38:38.736598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:43:17.537639 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 05:43:17.537759 0.863963 tcp 10.0.2.19 51452 -> 90.156.118.144 5237 FSPA* 0 0 14 1681 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:44:46.747368 3.002231 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:44:53.755762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:45:01.757257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:45:17.759745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:45:49.765950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:51:53.772009 3.001646 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 05:52:00.779877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:52:08.781420 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:52:24.784077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:52:56.790184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:54:56.492102 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 05:54:56.492275 0.000000 udp 10.0.2.19 1701 -> 85.72.34.37 1112 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:55:14.440574 0.175181 tcp 10.0.2.19 51453 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:14.615580 0.203973 tcp 10.0.2.19 51454 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:14.820090 0.000000 udp 10.0.2.19 1701 -> 99.103.236.242 1625 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:55:31.253319 0.166348 tcp 10.0.2.19 51455 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:31.419254 0.194806 tcp 10.0.2.19 51456 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:31.614636 0.000000 udp 10.0.2.19 1701 -> 181.165.82.66 7252 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:55:49.029078 0.164501 tcp 10.0.2.19 51457 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:49.193749 0.213218 tcp 10.0.2.19 51458 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:55:49.407547 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:56:04.901348 0.165641 tcp 10.0.2.19 51459 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:05.066896 0.194761 tcp 10.0.2.19 51460 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:05.262334 0.000000 udp 10.0.2.19 1701 -> 190.75.245.104 7494 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:56:21.656269 0.163294 tcp 10.0.2.19 51461 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:21.819830 0.196529 tcp 10.0.2.19 51462 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:22.016952 0.219783 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:22.237125 0.283047 udp 10.0.2.19 1701 <-> 1.23.68.2 8721 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:22.520577 0.258176 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:22.779111 0.154753 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:22.934265 0.238386 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:23.173012 0.287978 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:23.461337 0.319869 udp 10.0.2.19 1701 <-> 190.206.29.96 13874 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:23.781569 0.211196 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:23.993127 0.000000 udp 10.0.2.19 1701 -> 94.66.186.110 15516 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 05:56:41.624659 0.164913 tcp 10.0.2.19 51463 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:41.789692 0.205472 tcp 10.0.2.19 51464 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 05:56:41.996350 0.216744 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:42.213497 0.119393 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:42.333250 0.465774 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:42.799417 0.272778 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:43.072561 0.148447 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:43.221379 0.374472 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:43.596194 0.240128 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:43.836742 0.900086 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:44.737232 0.159277 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:44.896845 0.493884 udp 10.0.2.19 1701 <-> 180.183.68.61 23507 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:45.391084 0.170855 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:45.562494 0.270116 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:45.832993 0.287845 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:46.121193 0.217870 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:46.339443 0.192334 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:46.532178 0.217519 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:46.750233 0.252515 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:47.003167 0.431712 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:47.435277 0.225279 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:47.660956 0.261528 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:47.922860 0.226647 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:48.149881 0.252080 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:48.402350 0.215554 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:48.618275 0.270354 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:48.889021 0.202950 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:49.092372 0.214418 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:49.307192 0.222783 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:56:49.530353 0.302240 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 05:59:00.796029 3.001421 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 05:59:07.803281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:59:15.804694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 05:59:31.807554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:00:03.814162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:06:07.819554 3.001807 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:06:14.827033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:06:22.828628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:06:38.831988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:07:10.837975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:13:14.844012 3.001898 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:13:18.406884 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 06:13:18.406989 0.931017 tcp 10.0.2.19 51465 -> 90.156.118.144 5237 FSPA* 0 0 14 1604 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:13:21.851512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:13:29.853204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:13:45.855552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:14:17.861559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:20:21.867424 3.002072 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:20:28.875175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:20:36.877000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:20:52.879920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:21:24.885661 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:27:01.880992 0.000053 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 06:27:01.881100 0.000000 udp 10.0.2.19 1701 -> 94.66.186.110 15516 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:27:19.728672 0.178518 tcp 10.0.2.19 51466 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:19.907376 0.191597 tcp 10.0.2.19 51467 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:20.099544 0.261834 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:20.361770 0.222272 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:20.584414 0.000000 udp 10.0.2.19 1701 -> 1.23.68.2 8721 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:27:28.892462 3.000859 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:27:35.899616 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:27:38.174324 0.164111 tcp 10.0.2.19 51468 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:38.338531 0.207467 tcp 10.0.2.19 51469 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:38.546631 0.000000 udp 10.0.2.19 1701 -> 190.206.29.96 13874 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:27:43.900880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:27:55.117808 0.164083 tcp 10.0.2.19 51470 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:55.282247 0.200384 tcp 10.0.2.19 51471 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:27:55.483180 0.182420 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:55.665945 0.242146 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:55.908458 0.285789 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:56.194645 0.206575 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:56.401615 0.122850 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:56.524858 0.468211 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:56.993456 0.219856 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:57.213708 0.359892 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:57.574001 0.235308 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:57.809686 0.258107 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:58.068138 0.145669 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:58.220895 1.267606 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:59.488863 0.166157 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:27:59.655447 0.000000 udp 10.0.2.19 1701 -> 180.183.68.61 23507 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:27:59.904014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:28:15.547224 0.167371 tcp 10.0.2.19 51472 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:28:15.714781 0.212095 tcp 10.0.2.19 51473 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:28:15.927431 0.160024 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:16.087833 0.267077 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:16.355283 0.196843 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:16.552508 0.219332 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:16.772241 0.258135 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:17.030729 0.275533 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:17.306619 0.209269 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:17.516288 0.753463 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:18.270135 0.445106 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:18.715614 0.256550 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:18.972539 0.227298 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:19.200235 0.266218 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:19.466866 0.215517 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:19.682752 0.218802 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:19.901965 0.225307 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:20.127650 0.315930 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:20.443961 0.452447 udp 10.0.2.19 1701 <-> 189.224.58.24 26073 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:20.896786 0.204546 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:28:31.910216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:34:35.915644 3.001678 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:34:42.923086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:34:50.924939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:35:06.927846 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:35:38.933543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:41:42.939417 3.001966 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:41:49.947059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:41:57.948652 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:42:13.951888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:42:45.957783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:43:19.346148 0.036770 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 06:43:19.383112 1.567379 tcp 10.0.2.19 51474 -> 90.156.118.144 5237 FSPA* 0 0 14 1525 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:48:49.963293 3.002049 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:48:56.970908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:49:04.972441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:49:20.976019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:49:54.353747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:56:02.365592 3.001519 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 06:56:09.372645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:56:17.374230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:56:33.377702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:57:05.383127 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 06:58:39.168607 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 06:58:39.168777 0.000000 udp 10.0.2.19 1701 -> 1.23.68.2 8721 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:58:56.185141 0.164279 tcp 10.0.2.19 51475 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:58:56.349798 0.209095 tcp 10.0.2.19 51476 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:58:56.559624 0.000000 udp 10.0.2.19 1701 -> 190.206.29.96 13874 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:59:15.481482 0.163951 tcp 10.0.2.19 51477 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:15.645028 0.196306 tcp 10.0.2.19 51478 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:15.841969 0.000000 udp 10.0.2.19 1701 -> 180.183.68.61 23507 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:59:33.889387 0.189430 tcp 10.0.2.19 51479 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:34.079163 0.196503 tcp 10.0.2.19 51480 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:34.276252 0.266221 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:34.543005 0.223586 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:34.767069 0.159876 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:34.927536 0.205248 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:35.133165 0.121513 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:35.255326 0.292132 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:35.548052 0.234114 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:35.782520 0.358315 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:36.141249 0.249496 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:36.391105 0.465295 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:36.856860 0.218570 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:37.075787 0.263341 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:37.339519 0.170896 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:37.510804 0.802472 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:38.313623 0.157383 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:38.471429 0.153820 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:38.625599 0.226560 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:38.852526 0.187954 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:39.040828 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 06:59:57.442294 0.170381 tcp 10.0.2.19 51481 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:57.613028 0.203503 tcp 10.0.2.19 51482 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 06:59:57.817076 0.227230 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:58.044689 0.252012 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:58.297090 0.222619 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:58.520061 0.259374 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:58.779830 0.433016 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:59.213291 0.254677 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:59.468336 0.227576 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:59.696282 0.248538 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 06:59:59.945208 0.220601 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:00:00.166297 0.305251 udp 10.0.2.19 1701 <-> 201.214.0.19 8159 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:00:00.471903 0.212387 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:00:00.684673 0.219059 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:00:00.904115 0.000000 udp 10.0.2.19 1701 -> 189.224.58.24 26073 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 07:00:17.350945 0.175309 tcp 10.0.2.19 51483 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:00:17.525925 0.196421 tcp 10.0.2.19 51484 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:00:17.722923 0.201936 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:03:10.390437 3.001807 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 07:03:17.398209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:03:25.399690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:03:41.402770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:04:13.408964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:10:42.422824 2.999319 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:10:49.428496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:10:57.429808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:11:13.432529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:11:45.438702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:13:21.627702 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 07:13:21.627916 0.741643 tcp 10.0.2.19 51485 -> 90.156.118.144 5237 FSPA* 0 0 14 1561 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:17:49.444786 3.001240 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:17:56.451997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:18:04.453579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:18:20.456565 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:18:52.462776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:24:56.468449 3.001951 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:25:03.475990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:25:11.477859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:25:27.480833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:25:59.486799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:30:35.553614 0.000139 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 07:30:35.553869 0.229145 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:35.783377 0.000000 udp 10.0.2.19 1701 -> 189.224.58.24 26073 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 07:30:54.303299 0.165900 tcp 10.0.2.19 51486 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:30:54.468960 0.196977 tcp 10.0.2.19 51487 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:30:54.666527 0.216196 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:54.883071 0.122455 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:55.005854 0.294656 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:55.300885 0.155577 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:55.456853 0.237774 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:55.695009 0.260820 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:55.956222 0.349822 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:56.306403 0.236055 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:56.542858 0.234810 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:56.778084 0.266761 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:57.045222 0.464370 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:57.509974 0.213616 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:57.724011 0.146880 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:57.871316 0.267206 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:58.138892 0.204798 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:58.344092 0.973960 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:59.318417 0.160804 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:59.479625 0.150149 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:59.630173 0.214088 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:30:59.844662 0.263373 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:00.108489 0.424621 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:00.533492 0.258788 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:00.792672 0.252531 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:01.045553 0.274896 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:01.320906 0.214803 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:01.536089 0.000000 udp 10.0.2.19 1701 -> 201.214.0.19 8159 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 07:31:18.647457 0.164912 tcp 10.0.2.19 51488 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:31:18.811941 0.203638 tcp 10.0.2.19 51489 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:31:19.016157 0.224195 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:19.240690 0.219512 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:19.460553 0.259634 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:19.720607 0.228009 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:31:19.948961 0.204229 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 07:32:03.492538 3.001588 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 07:32:10.500251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:32:18.501216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:32:34.504381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:33:06.510262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:39:10.516438 3.002061 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:39:17.524319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:39:25.525796 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:39:41.528224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:40:13.534415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:43:22.376183 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 07:43:22.376420 1.523803 tcp 10.0.2.19 51490 -> 90.156.118.144 5237 FSPA* 0 0 14 1610 flow=From-Botnet-V2-TCP-Established 1970/01/05 07:46:17.539940 3.002046 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:46:24.547990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:46:32.549467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:46:48.552675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:47:21.299917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:53:25.305024 3.002087 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 07:53:32.312712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:53:40.314227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:53:56.317349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 07:54:28.323701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:00:33.560660 3.002639 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:00:44.024057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:00:52.025580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:01:08.028741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:01:25.003169 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 08:01:25.003368 0.000000 udp 10.0.2.19 1701 -> 201.214.0.19 8159 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 08:01:40.034423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:01:40.166638 0.186250 tcp 10.0.2.19 51491 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 08:01:40.352565 0.200763 tcp 10.0.2.19 51492 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 08:01:40.553901 0.253775 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:40.808048 0.275277 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:41.083694 0.156125 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:41.240164 0.209503 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:41.450035 0.129133 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:41.579515 0.355578 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:41.935465 0.244307 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:42.180185 0.260860 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:42.441409 0.223949 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:42.665781 0.474207 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:43.140333 0.256113 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:43.396866 0.235503 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:43.632754 0.246675 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:43.879949 0.193708 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:44.074246 0.147708 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:44.222522 0.226459 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:44.449394 0.162341 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:44.612133 1.074054 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:45.686552 0.152283 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:45.839218 0.439368 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:46.278957 0.216244 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:46.495566 0.266150 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 588 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:46.762258 0.229338 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:46.991991 0.208796 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:47.201197 0.280630 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:47.482348 0.261161 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:47.743898 0.224561 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:47.968842 0.235110 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:48.204307 0.229832 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:48.434533 0.260622 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:01:48.780180 0.229986 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:07:47.044114 3.002419 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:07:54.052413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:08:02.053868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:08:18.056300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:08:50.063034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:13:26.550980 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 08:13:26.551192 0.853709 tcp 10.0.2.19 51493 -> 90.156.118.144 5237 FSPA* 0 0 14 1509 flow=From-Botnet-V2-TCP-Established 1970/01/05 08:14:54.068115 3.002579 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:15:01.076342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:15:09.077409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:15:25.080431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:15:57.427330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:22:01.432474 3.002407 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:22:08.440616 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:22:16.442235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:22:32.444822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:23:04.451014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:29:08.456702 3.001950 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:29:15.464723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:29:23.465550 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:29:39.468748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:30:11.474882 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:32:05.359003 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 08:32:05.359223 0.157171 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:05.516858 0.208271 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:05.725586 0.126489 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:05.852523 0.339203 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:06.192170 0.226806 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:06.419429 0.286126 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:06.705978 0.242041 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:06.948367 0.255920 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:07.204665 0.224835 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:07.429906 0.480555 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:07.910819 0.281079 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:08.192247 0.191405 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:08.383983 0.146208 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:08.530570 0.262783 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:08.793774 0.236138 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:09.030331 0.320319 udp 10.0.2.19 1701 <-> 188.169.30.5 14298 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:09.351010 0.158645 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:09.510009 0.441398 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:09.951811 0.214806 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:10.166948 1.029964 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:11.197344 0.161264 udp 10.0.2.19 1701 <-> 109.242.6.156 19662 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:11.358959 0.267431 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:11.626793 0.230472 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:11.857638 0.227278 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:12.085278 0.259454 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:12.345133 0.262650 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:12.608158 0.202965 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:12.811521 0.270136 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:13.082032 0.256175 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:13.338611 0.237452 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:32:13.576442 0.229443 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 08:36:15.480531 3.002049 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:36:22.488288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:36:30.490452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:36:46.492888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:37:18.498844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:43:22.504991 3.001610 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:43:27.580035 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 08:43:27.580198 3.463958 tcp 10.0.2.19 51494 -> 90.156.118.144 5237 FSPA* 0 0 14 1711 flow=From-Botnet-V2-TCP-Established 1970/01/05 08:43:29.512044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:43:37.513761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:43:53.516700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:44:25.523024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:50:29.528450 3.002430 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:50:36.536443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:50:44.537532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:51:00.540657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:51:32.546704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:57:36.553037 3.001767 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 08:57:43.560491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:57:51.562272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:58:07.565014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 08:58:39.571002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:02:20.618613 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 09:02:20.618796 0.154749 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:20.773937 0.371953 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:21.146286 0.228290 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:21.374949 0.209826 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:21.585164 0.113428 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:21.698924 0.284587 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:21.983930 0.239168 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:22.223468 0.255961 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:22.479836 0.226136 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:22.706336 0.192011 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:22.898703 0.148555 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:23.047661 0.486833 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:23.534848 0.137895 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:23.673147 0.263434 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:23.936960 0.237364 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:24.174755 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 14298 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:02:39.587053 0.163720 tcp 10.0.2.19 51495 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:02:39.750612 0.196867 tcp 10.0.2.19 51496 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:02:39.948055 0.173865 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:40.122305 0.426615 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:40.549271 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:02:57.042561 0.164583 tcp 10.0.2.19 51497 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:02:57.207419 0.197624 tcp 10.0.2.19 51498 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:02:57.405582 0.277309 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:57.683264 0.928831 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:02:58.612466 0.000000 udp 10.0.2.19 1701 -> 109.242.6.156 19662 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:03:15.769428 0.165351 tcp 10.0.2.19 51499 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:03:15.934680 0.206942 tcp 10.0.2.19 51500 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:03:16.142256 0.226408 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:16.369062 0.204826 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:16.574344 0.261437 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:16.836155 0.223819 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:17.060348 0.252656 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:17.313427 0.245211 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:17.559045 0.199548 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:17.758964 0.256852 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:03:18.016160 0.224934 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:04:43.576268 3.001968 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 09:04:50.584040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:04:58.585431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:05:14.588799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:05:46.594689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:11:50.600369 3.002595 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:11:57.607838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:12:05.610100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:12:21.612947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:12:53.618411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:13:31.053031 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 09:13:31.053236 0.106975 tcp 10.0.2.19 51501 -> 90.156.118.144 5237 SPA_* 0 0 9 1218 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:01.158415 0.164158 tcp 10.0.2.19 51502 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:01.262055 0.275936 tcp 10.0.2.19 51501 -> 90.156.118.144 5237 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:01.322739 0.195079 tcp 10.0.2.19 51503 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:01.538178 3.002161 tcp 10.0.2.19 51504 -> 190.60.50.180 4059 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:14:10.539233 0.000000 tcp 10.0.2.19 51504 -> 190.60.50.180 4059 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:14:16.539560 2.062965 tcp 10.0.2.19 51505 -> 173.194.70.99 80 FSPA* 0 0 11 1892 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:16.704418 0.216214 tcp 10.0.2.19 51506 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:16.931712 0.168993 tcp 10.0.2.19 51507 -> 77.50.112.98 27555 SPA_* 0 0 9 1218 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:32.909372 0.369727 tcp 10.0.2.19 51507 -> 77.50.112.98 27555 FA_FA 0 0 4 216 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:32.910971 0.164543 tcp 10.0.2.19 51508 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:33.075323 0.193942 tcp 10.0.2.19 51509 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:33.279325 1.825609 tcp 10.0.2.19 51510 -> 46.48.220.55 23394 FSPA* 0 0 13 1434 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:34.719783 0.165782 tcp 10.0.2.19 51511 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:34.885870 0.202052 tcp 10.0.2.19 51512 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:35.105154 3.003536 tcp 10.0.2.19 51513 -> 176.62.240.159 19094 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:14:44.107544 0.000000 tcp 10.0.2.19 51513 -> 176.62.240.159 19094 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:14:50.107236 0.560388 tcp 10.0.2.19 51514 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:50.667354 0.203314 tcp 10.0.2.19 51515 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:14:51.086609 2.995294 tcp 10.0.2.19 51516 -> 31.192.42.213 2390 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:15:00.090798 0.000000 tcp 10.0.2.19 51516 -> 31.192.42.213 2390 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:15:06.080612 0.171727 tcp 10.0.2.19 51517 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:15:06.252289 0.196834 tcp 10.0.2.19 51518 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:15:06.499020 2.995018 tcp 10.0.2.19 51519 -> 190.255.3.74 5982 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:15:15.492492 0.000000 tcp 10.0.2.19 51519 -> 190.255.3.74 5982 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 09:15:21.492467 0.165926 tcp 10.0.2.19 51520 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:15:21.658208 0.210950 tcp 10.0.2.19 51521 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:15:21.975911 1.184580 tcp 10.0.2.19 51522 -> 85.67.124.167 6761 FSPA* 0 0 15 1779 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:18:57.824843 3.002039 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 09:19:04.832396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:19:12.834355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:19:28.836976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:20:00.843105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:26:04.848946 3.001869 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:26:11.856405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:26:19.857704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:26:35.861216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:27:07.866902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:33:11.872422 3.002044 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:33:18.880782 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:33:26.882329 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:33:42.884897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:33:44.287119 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 09:33:44.287347 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 14298 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:34:00.753395 0.164321 tcp 10.0.2.19 51523 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:00.917987 0.195857 tcp 10.0.2.19 51524 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:01.114620 0.226370 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:01.341342 0.000000 udp 10.0.2.19 1701 -> 109.242.6.156 19662 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:34:14.891069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:34:19.899129 0.176077 tcp 10.0.2.19 51525 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:20.075390 0.204282 tcp 10.0.2.19 51526 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:20.280226 0.225945 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:20.506573 0.338455 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:20.845416 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 09:34:38.145953 0.166026 tcp 10.0.2.19 51527 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:38.312302 0.206406 tcp 10.0.2.19 51528 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:34:38.519249 0.219308 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:38.738960 0.261335 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:39.000679 0.274347 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:39.275380 0.236620 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:39.512401 0.287792 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:39.800558 0.192425 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:39.993332 0.146565 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:40.140265 0.473004 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:40.613649 0.271779 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:40.885783 0.237195 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:41.123347 0.256892 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:41.380631 0.361010 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:41.742067 0.434449 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:42.176885 0.162302 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:42.339576 0.257935 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:42.597909 0.923015 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:43.521296 0.221221 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:43.742848 0.218424 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:43.961667 0.255361 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:44.217442 0.211534 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:44.429331 0.250762 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:44.680441 0.221187 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:44.902140 0.229416 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:45.131984 0.206328 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:34:45.338679 0.258377 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 09:40:18.896287 3.002516 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:40:25.903990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:40:33.906114 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:40:49.908760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:41:21.914569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:45:23.162070 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 09:45:23.162184 0.736474 tcp 10.0.2.19 51529 -> 85.67.124.167 6761 FSPA* 0 0 14 1510 flow=From-Botnet-V2-TCP-Established 1970/01/05 09:47:25.920690 3.001509 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:47:32.928230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:47:40.929697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:47:56.932729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:48:33.488440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:54:37.050975 3.001647 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 09:54:44.058470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:54:52.059970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:55:08.062900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 09:55:40.069105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:01:46.077560 3.001583 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:01:53.084941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:02:01.086773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:02:17.089861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:02:50.928190 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:04:54.566628 0.000161 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 10:04:54.566919 0.165737 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:54.733071 0.214390 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:54.947831 0.218588 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:55.166794 0.359260 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:55.526456 0.214590 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:55.741411 0.256211 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:55.997998 0.275372 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:56.273727 0.236104 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:56.510202 0.119647 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:56.630189 0.466938 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:57.097466 0.197077 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:57.294902 0.148128 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 219 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:04:57.443430 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 10:05:12.674458 0.164695 tcp 10.0.2.19 51530 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:05:12.839289 0.196961 tcp 10.0.2.19 51531 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:05:13.036823 0.255974 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:13.293202 0.258165 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:13.551739 0.299485 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:13.851618 0.260308 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:14.112324 0.424701 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:14.537385 0.194301 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:14.732028 0.755931 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:15.488316 0.239758 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:15.728500 0.223073 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:15.951946 0.257642 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:16.210164 0.212373 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:16.422894 0.251323 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:16.674583 0.193281 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:16.868216 0.252426 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:17.120990 0.218980 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:05:17.340346 0.228488 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:08:54.933698 3.002550 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:09:01.941660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:09:09.943298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:09:25.945943 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:09:57.952447 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:15:28.036909 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 10:15:28.037079 0.824585 tcp 10.0.2.19 51532 -> 85.67.124.167 6761 FSPA* 0 0 14 1627 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:16:04.311479 3.001585 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:16:11.319288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:16:19.320764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:16:35.323840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:17:07.329449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:23:11.335476 4.504044 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:23:19.845324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:23:27.846605 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:23:43.849496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:24:15.855955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:30:19.861533 3.001495 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:30:26.869341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:30:34.870902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:30:50.873905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:31:23.740764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:39:46.140376 0.000187 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 10:39:46.140754 0.237679 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:39:46.379078 0.155953 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:39:46.535630 0.220118 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:39:46.756144 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 10:40:02.646257 0.164736 tcp 10.0.2.19 51533 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:40:02.810901 0.212880 tcp 10.0.2.19 51534 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:40:03.024382 0.345923 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:03.370686 0.207274 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:03.578345 0.240755 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:03.819441 0.112174 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:03.931934 1.100436 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:05.032713 0.280042 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:05.313099 0.480028 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:05.793535 0.185643 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:05.979507 0.147349 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:06.127200 0.235657 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:06.363207 0.260768 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:06.624323 0.151156 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:06.775835 0.267599 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:07.043800 0.438842 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:07.483066 0.166017 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:07.649415 1.002047 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:08.651867 0.238503 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:08.890742 0.203951 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:09.095040 0.265923 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:09.361349 0.218666 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:09.580431 0.255025 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:09.835818 0.248352 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:10.084556 0.199987 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:10.284916 0.215049 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:40:10.500315 0.228349 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 10:41:50.190197 3.002393 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:41:57.198309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:42:05.199520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:42:21.202374 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:42:53.208491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:48:57.214364 3.001741 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:49:11.250270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:49:19.150425 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:49:34.946044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:49:56.785041 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 10:49:56.785219 0.913382 tcp 10.0.2.19 51535 -> 85.67.124.167 6761 FSPA* 0 0 15 1626 flow=From-Botnet-V2-TCP-Established 1970/01/05 10:50:06.518773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:56:06.361908 3.001662 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 10:56:13.369241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:56:21.370802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:56:40.428209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 10:57:12.433676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:03:19.444078 3.001909 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:03:26.451589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:03:34.453103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:03:50.456422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:04:22.892870 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:10:26.898554 3.002416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:10:31.543572 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 11:10:31.543681 0.247067 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:31.791127 0.153944 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:31.945434 0.289741 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:32.235571 0.304420 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:32.540356 0.342967 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:32.883680 0.206939 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:33.090995 0.238026 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:33.329448 0.113523 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:33.443334 0.258722 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:33.702445 0.271870 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:33.906740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:10:33.974693 0.150151 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:34.125232 0.472796 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:34.598386 0.190270 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:34.789032 0.233677 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:35.023064 0.266285 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:35.289741 0.150415 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:35.440573 0.156148 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:35.597114 0.268777 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:35.866408 0.425239 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:36.292014 0.203913 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:36.496333 0.910992 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:37.407654 0.272741 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:37.680787 0.264557 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:37.945746 0.214131 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:38.160245 0.254919 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:38.415577 0.217220 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:38.633219 0.262966 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:38.896552 0.196305 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:39.093250 0.227291 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:10:41.907631 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:10:57.911261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:11:29.916703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:17:33.922984 3.002056 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:17:40.930620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:17:48.931774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:18:07.028147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:18:39.033825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:19:57.216450 0.580766 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/05 11:19:57.797356 0.840388 tcp 10.0.2.19 51536 -> 85.67.124.167 6761 FSPA* 0 0 15 1639 flow=From-Botnet-V2-TCP-Established 1970/01/05 11:24:43.320484 3.001480 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:24:50.327654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:24:58.329127 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:25:14.332092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:25:46.338146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:31:50.344286 3.001565 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:31:57.351837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:32:05.353210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:32:21.356005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:32:53.361950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:39:01.633749 3.002388 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:39:08.641571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:39:16.643218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:39:32.646130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:40:04.652407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:41:03.276708 0.000128 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 11:41:03.276943 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 11:41:18.551522 0.165548 tcp 10.0.2.19 51537 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 11:41:18.717369 0.205942 tcp 10.0.2.19 51538 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 11:41:18.923881 0.232064 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:19.156339 0.154100 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:19.310809 0.220058 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:19.531219 0.341155 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:19.872751 0.220710 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:20.093923 0.242798 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:20.337138 0.116158 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:20.453677 0.152484 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:20.606523 0.260217 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:20.867252 0.266729 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:21.134369 0.244967 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:21.379711 0.472445 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:21.852573 0.187951 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:22.040922 0.258447 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:22.316075 0.152203 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:22.468634 0.152761 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:22.621811 0.258227 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:22.880384 0.434538 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:23.315290 0.221556 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:23.537286 0.935271 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:24.472915 0.218024 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:24.691361 0.257830 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:24.949609 0.213372 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:25.163378 0.262014 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:25.425778 0.256136 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:25.682312 0.226576 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:25.909383 0.199790 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:41:26.109561 0.227763 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 11:46:13.665236 3.001865 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:46:20.673226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:46:28.674091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:46:44.677785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:47:16.683366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:50:00.720162 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 11:50:00.720346 1.181711 tcp 10.0.2.19 51539 -> 85.67.124.167 6761 FSPA* 0 0 15 1783 flow=From-Botnet-V2-TCP-Established 1970/01/05 11:53:20.689302 3.002113 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 11:53:27.696838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:53:35.698435 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:53:51.701532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 11:54:23.978079 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:00:28.624531 3.001814 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:00:35.632211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:00:43.634157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:00:59.636906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:01:32.243847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:11:02.255298 3.001962 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:11:09.263178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:11:17.264901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:11:29.111875 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 12:11:29.111990 0.222091 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:29.334512 0.212939 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:29.547856 0.219855 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:29.768095 0.156360 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:29.924825 0.356465 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:30.281664 0.203633 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:30.485719 0.243952 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:30.730239 0.142306 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:30.872990 0.220816 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:31.094235 0.258289 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:31.352943 0.266329 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:31.619712 0.240216 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:31.860302 0.473545 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:32.334240 0.189479 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:32.524108 0.265508 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:32.790007 0.259353 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:33.049724 0.241484 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:33.267592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:11:33.291571 0.164659 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:33.456682 0.435558 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:33.892680 0.219148 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:34.112206 0.829661 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:34.942350 0.216076 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:35.158826 0.260651 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:35.419909 0.224287 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:35.644611 0.223691 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:35.868673 0.204818 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:36.073920 0.274345 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:36.348641 0.254409 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:11:36.603439 0.248099 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:12:05.273697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:18:09.279568 3.001871 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:18:16.287098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:18:24.288762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:18:40.292119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:19:12.297727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:20:02.650660 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 12:20:02.650865 0.776612 tcp 10.0.2.19 51540 -> 85.67.124.167 6761 FSPA* 0 0 14 1734 flow=From-Botnet-V2-TCP-Established 1970/01/05 12:25:16.303539 3.001627 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:25:23.311039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:25:31.312937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:25:47.315857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:26:19.322154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:32:23.327125 3.002267 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:32:30.334873 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:32:38.336928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:32:54.340056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:33:26.345926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:39:30.351991 3.001476 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:39:37.359390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:39:45.360250 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:40:01.363522 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:40:33.369446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:41:39.124695 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 12:41:39.124878 0.217504 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:39.342805 0.228511 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:39.571684 0.214195 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:39.786259 0.216810 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:40.003438 0.176429 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:40.180217 0.356116 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:40.536696 0.267304 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:40.804429 0.111713 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:40.916592 0.145889 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:41.062851 0.289275 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:41.352508 0.257360 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:41.610265 0.271432 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:41.882068 0.468380 udp 10.0.2.19 1701 <-> 223.207.22.66 25906 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:42.350821 0.214265 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:42.565520 0.264042 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:42.830002 0.265073 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:43.095501 0.155910 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:43.251774 0.150890 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:43.403076 0.437996 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:43.841480 0.215291 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:44.057194 0.607673 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:44.665228 0.215623 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:44.881316 0.261144 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:45.142835 0.224888 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:45.368175 0.225706 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:45.594356 0.205863 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:45.800609 0.261801 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:46.062798 0.302533 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:41:46.365693 0.240742 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 12:46:37.375570 4.483938 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/05 12:46:43.862142 4.005718 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/05 12:46:55.869325 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:47:11.872778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:47:43.938599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:50:05.112772 0.000063 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 12:50:05.113020 0.813866 tcp 10.0.2.19 51541 -> 85.67.124.167 6761 FSPA* 0 0 15 1729 flow=From-Botnet-V2-TCP-Established 1970/01/05 12:53:50.948685 3.002332 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 12:53:57.956038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:54:05.957685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:54:21.960830 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 12:54:53.967297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:00:57.972774 3.001477 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:01:04.980393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:01:12.982347 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:01:28.984779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:02:00.990999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:11:13.998012 3.002048 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:11:21.006035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:11:29.007823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:11:45.010865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:11:52.011156 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 13:11:52.011381 0.220017 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:11:52.231786 0.225835 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:11:52.458073 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 94 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:12:10.961077 0.168753 tcp 10.0.2.19 51542 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:11.129198 0.205825 tcp 10.0.2.19 51543 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:11.335771 0.350736 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:11.686902 0.225530 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:11.912846 0.210289 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:12.123557 0.237360 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:12.361310 0.134194 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:12.495881 0.147503 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:12.643756 0.243014 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:12.887140 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:12:17.016874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:12:31.328130 0.177987 tcp 10.0.2.19 51544 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:31.506393 0.211939 tcp 10.0.2.19 51545 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:31.718895 0.203571 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:31.922829 0.271703 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:32.194947 0.000000 udp 10.0.2.19 1701 -> 223.207.22.66 25906 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:12:47.812130 0.167113 tcp 10.0.2.19 51546 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:47.979506 0.203250 tcp 10.0.2.19 51547 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:12:48.183278 0.263915 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:48.447573 0.256835 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:48.704771 0.142033 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:48.847179 0.162801 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:49.010379 0.961486 udp 10.0.2.19 1701 <-> 190.175.199.126 4258 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:49.972206 0.436053 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:50.408660 0.207576 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:50.616628 0.221848 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:50.838854 0.258938 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:51.098195 0.214626 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:51.313174 0.215014 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:51.528632 0.254554 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:51.783610 0.239838 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:52.023868 0.205561 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:12:52.229829 0.287656 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:18:21.022223 3.001710 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:18:28.029884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:18:36.031620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:18:52.034446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:19:24.040612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:20:05.930984 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 13:20:05.931158 0.776641 tcp 10.0.2.19 51548 -> 85.67.124.167 6761 FSPA* 0 0 15 1646 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:25:28.046436 3.002029 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:25:35.054003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:25:43.055241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:25:59.058553 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:26:31.064823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:32:35.070310 3.002251 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:32:42.077803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:32:50.079341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:33:06.082523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:33:38.088290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:39:42.095188 3.001107 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:39:49.102268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:39:57.103084 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:40:13.106678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:40:45.112828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:43:20.616849 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 13:43:20.617036 0.153795 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:20.771243 0.255418 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:21.027096 0.000000 udp 10.0.2.19 1701 -> 223.207.22.66 25906 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:43:39.015522 0.164698 tcp 10.0.2.19 51549 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:43:39.180461 0.906143 tcp 10.0.2.19 51550 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:43:40.087536 0.225336 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:40.313213 0.283755 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:40.597345 0.360177 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:40.957898 0.208228 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:41.166513 0.148145 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:41.315056 0.110459 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:41.425959 0.235761 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:41.662224 0.223967 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:41.886612 0.236409 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:42.123400 0.193012 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:42.316808 0.265865 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:42.583076 0.265981 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:42.849475 0.496786 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:43.346708 0.381041 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:43.728138 0.155497 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:43:43.884004 0.000000 udp 10.0.2.19 1701 -> 190.175.199.126 4258 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:44:02.247105 0.174206 tcp 10.0.2.19 51551 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:44:02.421204 0.206122 tcp 10.0.2.19 51552 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:44:02.627905 0.443508 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:03.071805 0.213639 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:03.285797 0.000000 udp 10.0.2.19 1701 -> 99.111.237.222 7154 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 13:44:22.135545 0.168296 tcp 10.0.2.19 51553 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:44:22.304097 0.208792 tcp 10.0.2.19 51554 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:44:22.513574 0.278108 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:22.792034 0.229845 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:23.022303 0.240979 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:23.263663 0.217710 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:23.481804 0.255768 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:23.737966 0.196560 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:44:23.934877 0.270368 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 13:46:49.438608 3.001911 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 13:46:56.446326 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:47:04.447998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:47:20.451156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:47:52.456916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:50:07.030823 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 13:50:07.031116 0.687622 tcp 10.0.2.19 51555 -> 85.67.124.167 6761 FSPA* 0 0 15 1689 flow=From-Botnet-V2-TCP-Established 1970/01/05 13:53:56.462801 3.001593 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 13:54:03.470477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:54:11.472001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:54:27.474872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 13:54:59.480923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:01:03.486537 3.002302 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:01:10.494029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:01:18.495592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:01:34.498779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:02:06.505162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:11:16.517807 3.001953 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:11:23.526271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:11:31.527409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:11:47.530754 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:12:19.536539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:14:39.187036 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 14:14:39.187140 0.000000 udp 10.0.2.19 1701 -> 190.175.199.126 4258 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 14:14:56.434873 0.169423 tcp 10.0.2.19 51556 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 14:14:56.604613 0.205796 tcp 10.0.2.19 51557 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 14:14:56.810971 0.234783 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:57.046224 0.200210 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:57.246786 0.254386 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:57.501609 0.365180 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:57.867182 0.231567 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:58.099132 0.240314 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:58.339819 0.211812 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:58.552009 0.209683 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:58.762192 0.243340 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:59.005929 0.148008 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:59.154327 0.241293 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:59.396009 0.259427 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:14:59.655814 0.707863 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:00.364054 0.196746 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:00.561151 0.284104 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:00.845625 0.254363 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:01.100375 0.365115 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:01.465919 0.158019 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:01.624321 0.429115 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:02.053779 0.207775 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:02.261945 0.253086 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:02.515425 0.228511 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:02.744325 0.227326 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:02.972080 0.199659 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:03.172105 0.263783 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:03.436270 0.227479 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:15:03.664220 0.255154 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:18:23.541793 3.002223 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:18:30.550199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:18:38.551497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:18:54.553930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:19:26.559888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:20:07.720056 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 14:20:07.720247 0.846401 tcp 10.0.2.19 51558 -> 85.67.124.167 6761 FSPA* 0 0 15 1718 flow=From-Botnet-V2-TCP-Established 1970/01/05 14:25:30.565723 3.002121 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:25:37.573690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:25:45.575330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:26:01.578550 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:26:33.584003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:32:37.589532 3.001940 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:32:44.597234 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:32:52.598738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:33:08.601836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:33:40.608271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:39:44.614143 3.001633 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:39:51.621618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:39:59.622763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:40:15.625762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:40:47.631816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:45:08.447234 0.439819 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 14:45:08.888037 0.254349 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:09.142786 0.214151 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:09.357341 0.155382 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:09.513138 0.356410 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:09.869974 0.217203 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:10.087612 0.221259 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:10.309311 0.222711 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:10.532451 0.146645 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:10.679532 0.252236 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:10.932172 0.274202 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:11.206724 0.214684 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:11.421787 0.114325 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:11.536493 0.249620 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:11.786512 0.189099 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:11.976058 0.152286 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:12.128711 0.270382 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:12.399482 0.255787 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:12.655677 0.161366 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:12.817435 0.418650 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:13.236484 0.216962 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:13.453894 0.254742 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:13.709009 0.200455 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:13.910022 0.254082 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:14.164454 0.234176 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:14.399042 0.235542 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:14.634981 0.234212 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:45:14.869623 0.255196 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 14:46:51.847678 3.002089 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:46:58.855661 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:47:06.857159 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:47:27.969776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:47:59.552980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:50:10.892064 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 14:50:10.892233 1.574166 tcp 10.0.2.19 51559 -> 85.67.124.167 6761 FSPA* 0 0 15 1567 flow=From-Botnet-V2-TCP-Established 1970/01/05 14:54:06.002181 3.002472 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 14:54:13.009910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:54:21.011883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:54:37.014468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 14:55:09.020456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:01:14.028250 3.001533 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:01:21.035863 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:01:29.036761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:01:45.039621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:02:17.045799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:08:23.054474 3.002067 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:08:30.062093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:08:38.064359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:08:54.066501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:09:26.072864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:15:30.078443 3.002034 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:15:32.229818 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 15:15:32.229980 0.162555 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:32.392951 0.357314 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:32.750670 0.259169 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:33.010396 0.217144 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:33.227954 0.216433 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:33.444782 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 15:15:37.085894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:15:45.087801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:15:52.100661 0.166966 tcp 10.0.2.19 51560 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 15:15:52.267783 0.207062 tcp 10.0.2.19 51561 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 15:15:52.475516 0.211715 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:52.687639 0.146212 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:52.834405 0.241157 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:53.075992 0.119579 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:53.195898 0.242420 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:53.438728 0.260284 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:53.699403 0.209619 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:53.909469 0.188913 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:54.098863 0.152906 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:54.252141 0.295929 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:54.548506 0.261340 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:54.810240 0.163045 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:54.973661 0.267385 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:55.241478 0.437645 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:55.679525 0.208735 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:55.888668 0.200852 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:56.089927 0.250377 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:56.340712 0.214291 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:56.555436 0.235496 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:56.791344 0.215680 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:15:57.007406 0.253082 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:16:01.090573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:16:33.096780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:20:12.472975 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 15:20:12.473150 0.786942 tcp 10.0.2.19 51562 -> 85.67.124.167 6761 FSPA* 0 0 15 1757 flow=From-Botnet-V2-TCP-Established 1970/01/05 15:22:37.102805 3.001997 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:22:44.110367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:22:52.111817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:23:08.115072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:23:40.120480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:29:44.126757 3.001906 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:29:51.134337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:29:59.135481 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:30:15.138696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:30:47.145059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:36:51.150369 3.001727 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:36:58.157885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:37:06.159551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:37:22.162619 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:37:54.168517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:43:58.174531 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:44:05.182319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:44:13.183932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:44:29.186603 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:45:01.192966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:46:12.796255 0.000154 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 15:46:12.796549 0.223429 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:13.020351 0.161541 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:13.182296 0.345442 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:13.528137 0.216861 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:13.745424 0.266418 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:14.012203 0.217751 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:14.230458 0.215169 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:14.446171 0.158141 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:14.604658 0.241950 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:14.846965 0.267674 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:15.115032 0.240192 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:15.355651 0.117643 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:15.473717 0.222757 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:15.696851 0.187925 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:15.885122 0.137612 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:16.023121 0.285315 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 580 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:16.308857 0.250814 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:16.560054 0.420643 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:16.981132 0.207355 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:17.188880 0.164122 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:17.353384 0.260045 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:17.613852 0.196979 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:17.811234 0.250260 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:18.061843 0.213172 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:18.275364 0.249052 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:18.524819 0.219592 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:46:18.744786 0.255812 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 15:50:13.572231 0.000068 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 15:50:13.572429 1.335668 tcp 10.0.2.19 51563 -> 85.67.124.167 6761 FSPA* 0 0 14 1544 flow=From-Botnet-V2-TCP-Established 1970/01/05 15:51:05.819446 3.001844 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 15:51:12.826667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:51:20.828551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:51:36.831382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:52:08.837336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:58:12.843054 3.343238 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 15:58:20.191377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:58:28.192773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:58:44.195874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 15:59:16.201653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:05:20.208302 3.001665 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:05:27.215385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:05:35.217257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:05:51.219793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:06:23.225591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:12:27.231621 3.001878 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:12:34.239047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:12:42.241182 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:12:58.244105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:13:30.530375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:16:40.133597 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 16:16:40.133711 0.367851 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:40.501968 0.217612 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:40.719955 0.228544 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:40.948864 0.148181 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:41.097459 0.268733 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 572 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:41.366567 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 16:16:56.689759 0.168588 tcp 10.0.2.19 51564 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:16:56.858539 0.229511 tcp 10.0.2.19 51565 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:16:57.088607 0.219943 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:57.308936 0.172388 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:57.481709 0.237169 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:57.719301 0.132808 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:57.852489 0.223110 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:58.076078 0.256537 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:58.333047 0.280294 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:58.613747 0.198010 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:58.812135 0.151795 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:58.964270 0.307566 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:59.272210 0.272667 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:59.545255 0.174978 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:16:59.720633 0.278025 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:00.179950 0.206318 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:00.386647 0.471470 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:00.858505 0.227524 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:01.086417 0.280434 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:01.367285 0.210676 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:01.578347 0.230870 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:01.809641 0.287967 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:17:02.097957 0.255520 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:19:36.639669 3.001173 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:19:43.646618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:19:51.648687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:20:07.651617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:20:17.315656 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 16:20:17.315875 3.169550 tcp 10.0.2.19 51566 -> 85.67.124.167 6761 FSPA* 0 0 15 1764 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:20:39.657473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:26:43.663329 3.002005 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:26:50.840757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:26:58.842147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:27:14.845490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:27:46.921822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:33:50.927495 3.001920 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:33:57.934766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:34:05.936848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:34:21.939431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:34:53.945687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:40:57.951881 3.001680 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:41:04.959045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:41:12.960177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:41:28.963416 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:42:01.270298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:47:31.004670 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 16:47:31.004769 0.223707 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:47:31.228834 0.375154 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:47:31.604392 0.215489 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:47:31.820250 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 16:47:49.984046 0.166079 tcp 10.0.2.19 51567 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:47:50.150380 0.206224 tcp 10.0.2.19 51568 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:47:50.357203 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 16:48:05.635281 0.201289 tcp 10.0.2.19 51569 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:48:05.836066 0.199688 tcp 10.0.2.19 51570 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:48:06.036309 0.265812 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:06.302527 0.218678 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:06.521603 0.146254 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:06.668286 0.218996 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:06.887692 0.235959 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:07.124015 0.241871 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:07.366370 0.116787 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:07.483541 0.263924 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:07.747859 0.192202 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:07.940411 0.136874 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:08.077717 0.177055 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:08.255179 0.285672 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:08.541265 0.254642 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:08.796269 0.435032 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:09.231682 0.266620 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:09.498677 0.204409 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:09.703485 0.214654 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:09.918558 0.252664 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:10.171684 0.210940 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:10.383012 0.260353 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:10.413306 3.001602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 16:48:10.643743 0.228796 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:10.872880 0.213313 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 16:48:17.420448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:48:25.421939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:48:41.425489 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:49:13.431660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:50:23.352546 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 16:50:23.352727 0.869881 tcp 10.0.2.19 51571 -> 85.67.124.167 6761 FSPA* 0 0 15 1743 flow=From-Botnet-V2-TCP-Established 1970/01/05 16:55:19.510456 3.001670 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 16:55:26.517615 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:55:34.519159 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:55:50.522376 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 16:56:22.528208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:02:26.534083 3.001657 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:02:33.541925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:02:41.543253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:02:57.546358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:03:29.551876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:12:05.566917 3.001389 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:12:12.574301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:12:20.575749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:12:36.578732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:13:08.854981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:18:31.829683 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 17:18:31.829867 1.069403 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:32.899720 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 17:18:50.869482 0.364166 tcp 10.0.2.19 51572 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:18:51.233449 0.391370 tcp 10.0.2.19 51573 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:18:51.625399 0.434404 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:52.060161 0.413048 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:52.473599 0.387364 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:52.861314 0.312437 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:53.174181 0.428762 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:53.603340 0.538661 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:54.142463 0.550597 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:54.693429 0.652506 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:55.346339 0.770829 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:56.117586 0.853236 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:56.971225 1.299611 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:58.271289 1.245312 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:18:59.516960 0.933250 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:00.450568 1.038298 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:01.489356 0.790054 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:02.279768 0.677949 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:02.958073 0.937308 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:03.895796 0.726231 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:04.622456 0.560406 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:05.183218 0.634492 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:05.818270 0.744143 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:06.562801 0.632347 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:07.195586 0.687808 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:07.883758 0.680616 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:08.564786 0.733907 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:19:12.861305 3.001944 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 17:19:19.868354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:19:27.870183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:19:43.873357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:20:15.879304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:20:24.342123 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 17:20:24.342242 1.460502 tcp 10.0.2.19 51574 -> 85.67.124.167 6761 FSPA* 0 0 14 1664 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:26:19.885266 3.001289 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:26:26.892377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:26:34.893783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:26:50.897288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:27:22.903480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:33:26.908681 3.002439 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:33:33.916547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:33:41.918169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:33:57.920886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:34:29.927476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:40:33.932851 3.001691 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:40:40.940263 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:40:48.941619 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:41:04.944935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:41:36.951494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:47:40.957336 3.001757 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 17:47:47.964612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:47:55.966339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:48:11.968725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:48:43.975243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:49:10.483586 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 17:49:10.483788 0.288337 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:10.772510 0.219434 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:10.992402 0.336034 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:11.328851 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 17:49:30.144009 0.178475 tcp 10.0.2.19 51575 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:49:30.322303 0.202681 tcp 10.0.2.19 51576 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:49:30.525558 0.155993 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:30.681928 0.214288 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:30.896611 0.265907 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:31.162967 0.212600 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:31.375968 0.237226 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:31.613595 0.242525 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:31.856528 0.125425 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:31.982359 0.279702 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:32.262427 0.190837 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:32.453713 0.283664 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 581 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:32.737746 0.871743 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:33.609918 0.154520 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:33.764827 0.165956 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:33.931189 0.522776 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:34.454313 0.313640 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:34.768317 0.199132 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:34.967846 0.227059 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:35.195322 0.256269 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:35.451977 0.231472 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:35.683822 0.250149 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:35.934329 0.224730 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:49:36.159499 0.235768 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 17:50:26.422573 1.021504 tcp 10.0.2.19 51577 -> 85.67.124.167 6761 FSPA* 0 0 15 1580 flow=From-Botnet-V2-TCP-Established 1970/01/05 17:54:51.235179 3.002003 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 17:54:58.243197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:55:06.244396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:55:22.247485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 17:55:54.253272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:01:58.259671 3.001489 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:02:05.267423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:02:22.700909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:02:38.483683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:03:10.052810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:09:15.387826 3.002245 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:09:22.395815 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:09:31.278021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:09:47.281686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:10:19.287555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:16:42.300775 3.001265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:16:49.308336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:16:57.309957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:17:13.312726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:17:48.362809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:19:41.105593 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 18:19:41.105801 0.275396 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:41.381581 0.248388 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:41.630364 0.251374 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:41.882223 0.339977 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:42.222573 1.340865 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:43.563853 0.263450 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:43.827697 0.276291 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:44.104384 0.285564 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:44.390363 0.115056 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:44.505838 0.284487 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:44.790708 0.252569 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:45.043667 0.239483 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:45.283548 0.199489 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:45.483449 0.284546 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:45.768365 0.166673 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:45.935465 0.260228 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:47.188149 0.161219 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:47.349777 0.268754 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:47.618967 0.444232 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:48.063610 0.266409 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:48.330407 0.233634 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:48.564530 0.258683 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:48.823657 0.231435 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:49.055468 0.256828 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:49.312707 0.216571 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:19:49.529644 0.233469 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:20:31.467717 1.585935 tcp 10.0.2.19 51578 -> 85.67.124.167 6761 FSPA* 0 0 15 1667 flow=From-Botnet-V2-TCP-Established 1970/01/05 18:23:52.369069 3.001310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 18:23:59.376654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:24:07.378345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:24:23.380651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:24:56.158329 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:31:00.164208 3.001998 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:31:07.171614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:31:15.173064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:31:32.327859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:32:04.333558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:38:08.339540 3.001520 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:38:15.347038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:38:23.348528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:38:39.351422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:39:11.357842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:45:18.147099 3.002293 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:45:25.154746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:45:33.156606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:45:49.159412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:46:22.246924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:50:12.008013 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 18:50:12.008222 0.237304 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:12.245942 0.225084 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:12.471441 0.245249 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:12.717066 0.360918 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:13.078520 0.147290 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:13.226207 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 18:50:29.295546 0.164469 tcp 10.0.2.19 51579 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 18:50:29.460313 0.204409 tcp 10.0.2.19 51580 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 18:50:29.665268 0.297823 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:29.963492 0.219876 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:30.183755 0.117293 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:30.301449 0.239273 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:30.541098 0.192472 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:30.733989 0.262282 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:30.996655 0.247822 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:31.244885 0.299329 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:31.544598 0.152217 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:31.697200 0.208143 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:31.905712 0.393337 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:32.299509 0.157048 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:32.456923 0.436403 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:33.712577 0.267915 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:33.980898 0.206225 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:34.187524 0.254838 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:34.442782 0.222006 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:34.665204 0.253920 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:34.919485 0.225968 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 206 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:35.145823 0.211075 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 18:50:36.282567 0.904012 tcp 10.0.2.19 51581 -> 85.67.124.167 6761 FSPA* 0 0 14 1634 flow=From-Botnet-V2-TCP-Established 1970/01/05 18:52:27.054046 3.001626 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:52:34.061835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:52:42.063106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:52:58.066176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:53:30.072085 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:59:34.078418 3.001747 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 18:59:41.086226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 18:59:49.087176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:00:05.090119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:00:37.096411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:10:40.105655 3.001772 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 19:10:47.113210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:10:55.115011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:11:11.117510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:11:43.123704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:17:47.129352 3.002334 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 19:17:54.137244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:18:02.139119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:18:18.141702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:18:50.147843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:20:36.922227 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:20:36.922383 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:20:37.192228 0.859740 tcp 10.0.2.19 51582 -> 85.67.124.167 6761 FSPA* 0 0 15 1711 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:20:55.821163 0.176742 tcp 10.0.2.19 51583 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:20:55.997568 0.198164 tcp 10.0.2.19 51584 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:20:56.196305 0.239845 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:20:56.436524 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 179 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:21:11.572521 0.170664 tcp 10.0.2.19 51585 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:21:11.742951 0.209818 tcp 10.0.2.19 51586 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:21:11.953352 0.155266 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:12.109009 0.219394 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:12.328743 0.357172 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:12.686318 0.114076 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:12.800767 0.239317 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:13.040482 0.273920 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:13.314774 0.241112 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:13.556325 0.190602 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:13.747278 0.260534 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:14.008194 0.233996 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:14.242538 0.477284 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:14.720188 0.253195 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:14.973810 0.149104 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:15.123302 0.161192 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 588 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:15.284854 0.223077 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:15.508312 0.436695 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:15.945462 0.261632 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:16.207496 0.207294 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:16.415131 0.260472 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:16.675996 0.232315 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:16.908666 0.231919 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:17.140947 0.225245 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:21:17.366590 0.264173 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:24:54.153624 3.001668 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 19:25:01.160894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:25:09.163014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:25:25.166075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:25:57.171555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:32:01.177827 3.001957 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 19:32:08.184987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:32:16.186847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:32:32.189670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:33:04.195769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:39:08.201316 3.182616 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 19:39:15.389310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:39:23.391002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:39:39.393862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:40:11.399994 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:46:15.405549 3.002148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 19:46:22.413331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:46:30.415174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:46:46.417937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:47:18.423624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:50:38.141779 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:50:38.141879 0.935637 tcp 10.0.2.19 51587 -> 85.67.124.167 6761 FSPA* 0 0 14 1697 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:51:18.769570 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:51:23.385741 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:51:35.306010 0.176659 tcp 10.0.2.19 51588 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:51:35.482936 0.210275 tcp 10.0.2.19 51589 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 19:51:35.693821 0.249016 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:35.943177 0.148544 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:36.092090 0.217858 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:36.310541 0.345314 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:36.656194 0.115261 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:36.771861 0.243074 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:37.015306 0.282762 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:37.298459 0.249945 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:37.548732 0.236478 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:37.785619 0.202255 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:37.988239 0.260110 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:38.248698 0.289308 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:38.538354 0.264193 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:38.802890 0.147745 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:38.951014 0.149090 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:39.100442 0.235210 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:39.336013 0.233357 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:39.569763 0.450329 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:40.020471 0.266941 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:40.287794 0.227128 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:40.515271 0.216650 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:40.732270 0.255291 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:40.987917 0.252814 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:41.241109 0.234724 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:41.556992 0.150676 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 807 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:41.708173 0.219302 udp 10.0.2.19 1701 <-> 99.111.237.222 7154 CON 0 0 2 782 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:41.928177 0.343501 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 857 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:42.272212 0.249208 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:42.521908 0.122968 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:42.645455 0.245574 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:42.891543 0.343425 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:43.235498 0.257931 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 663 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:43.493939 0.202690 udp 10.0.2.19 1701 <-> 75.138.163.107 3713 CON 0 0 2 798 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:43.697105 0.255745 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:43.953337 0.287390 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:44.241260 0.247262 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 844 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:44.488984 0.322653 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:44.812148 0.167231 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 822 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:44.979856 0.165167 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:45.145468 0.227981 udp 10.0.2.19 1701 <-> 24.112.233.128 2848 CON 0 0 2 731 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:45.373887 0.236651 udp 10.0.2.19 1701 <-> 74.208.73.146 4587 CON 0 0 2 704 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:45.611032 0.278033 udp 10.0.2.19 1701 <-> 75.28.73.174 8564 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:45.889551 0.227235 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:46.117319 0.214516 udp 10.0.2.19 1701 <-> 107.222.48.200 6099 CON 0 0 2 760 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:46.332302 0.449930 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:46.782727 0.262866 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 857 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:47.046046 0.228385 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:47.274996 0.254104 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:51:47.529703 0.000000 udp 10.0.2.19 1701 -> 66.237.226.20 1336 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:51:54.321040 0.000000 udp 10.0.2.19 1701 -> 188.169.55.26 26317 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:00.329136 0.000000 udp 10.0.2.19 1701 -> 68.143.9.54 6303 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:05.766880 0.623483 udp 10.0.2.19 1701 <-> 180.251.175.49 27014 CON 0 0 2 809 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:52:06.514411 0.000000 udp 10.0.2.19 1701 -> 93.223.109.218 16013 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:10.414031 0.000201 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:52:13.027860 0.000000 udp 10.0.2.19 1701 -> 64.234.251.167 3530 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:18.194900 0.000000 udp 10.0.2.19 1701 -> 71.176.250.91 1915 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:25.134978 0.000000 udp 10.0.2.19 1701 -> 68.157.126.49 7924 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:31.073729 0.000000 udp 10.0.2.19 1701 -> 207.47.88.6 9006 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:38.383780 0.000000 udp 10.0.2.19 1701 -> 80.14.171.25 8871 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:46.816106 0.000000 udp 10.0.2.19 1701 -> 98.228.154.5 6748 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:51.412619 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:52:54.517040 0.000000 udp 10.0.2.19 1701 -> 50.20.182.29 3684 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:52:59.834791 0.000000 udp 10.0.2.19 1701 -> 158.82.202.5 7677 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:08.016690 0.000000 udp 10.0.2.19 1701 -> 75.130.73.198 1194 INT 0 1 156 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:13.204209 4.356498 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 681 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:53:17.786228 0.000000 udp 10.0.2.19 1701 -> 76.166.193.152 5550 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:23.609481 0.000000 udp 10.0.2.19 1701 -> 50.157.234.166 3203 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:24.522892 3.001907 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 19:53:28.475850 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:53:30.238928 0.000000 udp 10.0.2.19 1701 -> 81.214.147.255 1043 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:31.530031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:53:36.747704 0.000000 udp 10.0.2.19 1701 -> 78.138.249.239 16119 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:39.531892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:53:43.968633 0.000000 udp 10.0.2.19 1701 -> 190.76.5.252 5188 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:50.207566 0.000000 udp 10.0.2.19 1701 -> 94.132.120.17 4272 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:53:55.534817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:53:58.860116 0.422228 udp 10.0.2.19 1701 <-> 180.244.90.42 13676 CON 0 0 2 751 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:53:59.628615 0.267006 udp 10.0.2.19 1701 <-> 117.198.166.22 12372 CON 0 0 2 813 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:53:59.959795 0.000000 udp 10.0.2.19 1701 -> 50.74.153.34 3885 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:03.475957 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:54:07.952688 0.169811 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 679 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:08.217794 0.217204 udp 10.0.2.19 1701 <-> 41.201.91.219 9329 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:08.532710 0.270466 udp 10.0.2.19 1701 <-> 172.5.194.234 7682 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:08.907645 0.363059 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 828 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:09.336512 0.000000 udp 10.0.2.19 1701 -> 87.245.43.241 9388 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:16.655502 0.000000 udp 10.0.2.19 1701 -> 5.178.141.12 26297 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:22.623693 0.255001 udp 10.0.2.19 1701 <-> 199.7.114.218 12251 CON 0 0 2 676 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:22.957922 0.000000 udp 10.0.2.19 1701 -> 99.196.162.114 5767 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:27.541091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 19:54:31.416496 0.209203 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:54:31.657160 0.000000 udp 10.0.2.19 1701 -> 99.109.41.48 5683 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:37.515468 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 291 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:42.512264 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:54:44.044849 0.000000 udp 10.0.2.19 1701 -> 72.45.240.226 29184 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:49.322209 0.000000 udp 10.0.2.19 1701 -> 71.105.49.245 3179 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:54:57.484034 0.000000 udp 10.0.2.19 1701 -> 92.24.108.105 28560 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:04.424273 0.163021 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 828 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:04.651659 0.000000 udp 10.0.2.19 1701 -> 75.147.74.118 1037 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:12.936419 0.000000 udp 10.0.2.19 1701 -> 79.20.232.79 3060 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:17.512358 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:55:19.886488 0.271179 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 775 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:20.230762 0.000000 udp 10.0.2.19 1701 -> 79.129.53.83 21956 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:26.015725 0.000000 udp 10.0.2.19 1701 -> 78.45.221.63 2032 INT 0 1 154 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:33.866073 0.211279 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:34.175053 0.235200 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 701 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:34.509030 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 10332 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:42.929741 2.077918 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:45.066450 0.336810 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 758 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:55:47.173821 0.000000 udp 10.0.2.19 1701 -> 23.24.76.117 3168 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:53.454260 0.000000 udp 10.0.2.19 1701 -> 75.146.14.21 8859 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:55:58.461745 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:55:59.192782 0.000000 udp 10.0.2.19 1701 -> 94.43.51.31 14995 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:05.141401 0.000000 udp 10.0.2.19 1701 -> 220.245.237.118 2840 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:12.141708 0.000000 udp 10.0.2.19 1701 -> 69.70.246.210 2614 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:18.590524 0.000000 udp 10.0.2.19 1701 -> 83.97.28.139 12545 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:25.740826 0.000000 udp 10.0.2.19 1701 -> 94.54.223.139 2902 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:31.208928 0.392450 udp 10.0.2.19 1701 -> 187.174.119.158 6747 INT 0 1 147 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:31.601378 0.000000 icmp 201.117.45.105 0x0303 -> 10.0.2.19 0x5b1a URP 192 1 147 flow=Background 1970/01/05 19:56:35.814973 0.000040 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:56:38.759675 0.000000 udp 10.0.2.19 1701 -> 101.78.165.38 1818 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:44.237805 0.000000 udp 10.0.2.19 1701 -> 207.170.238.204 7848 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:50.707144 0.000000 udp 10.0.2.19 1701 -> 98.193.148.144 1562 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:56:57.696988 0.000000 udp 10.0.2.19 1701 -> 68.34.76.162 6299 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:03.475091 0.000000 udp 10.0.2.19 1701 -> 195.208.48.140 5248 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:08.903512 0.000000 udp 10.0.2.19 1701 -> 64.37.17.195 8922 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:13.519613 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:57:17.324845 0.000000 udp 10.0.2.19 1701 -> 181.67.14.221 15908 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:25.126539 0.000000 udp 10.0.2.19 1701 -> 83.235.22.116 10034 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:32.416552 0.740308 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 717 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:57:33.266723 0.177015 udp 10.0.2.19 1701 <-> 46.49.50.155 6367 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:57:34.223236 0.317517 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 719 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:57:34.623304 0.000000 udp 10.0.2.19 1701 -> 186.115.172.168 19229 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:41.840764 0.000000 udp 10.0.2.19 1701 -> 67.80.99.25 28906 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:48.450071 0.000000 udp 10.0.2.19 1701 -> 41.203.192.142 1528 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:53.016661 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:57:54.067792 0.163056 udp 10.0.2.19 1701 <-> 176.73.150.59 5237 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:57:54.307107 0.000000 udp 10.0.2.19 1701 -> 83.29.147.203 7351 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:57:59.956496 1.432334 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 689 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:58:01.398626 0.000000 udp 10.0.2.19 1701 -> 94.68.41.115 2968 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:10.151162 0.000000 udp 10.0.2.19 1701 -> 188.95.62.18 1025 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:15.539154 0.000000 udp 10.0.2.19 1701 -> 5.98.103.145 8115 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:20.856762 0.000000 udp 10.0.2.19 1701 -> 75.151.227.134 9714 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:26.444552 0.164896 udp 10.0.2.19 1701 -> 93.64.9.66 1024 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:26.609448 0.000000 icmp 93.64.9.66 0x0303 -> 10.0.2.19 0x0004 URP 192 1 338 flow=Background 1970/01/05 19:58:31.161283 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:58:32.443240 0.000000 udp 10.0.2.19 1701 -> 94.43.26.3 21389 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:39.994139 0.000000 udp 10.0.2.19 1701 -> 76.29.210.40 5142 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:47.494706 0.256367 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:58:47.958123 0.000000 udp 10.0.2.19 1701 -> 64.168.172.46 2057 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:58:53.763513 0.000000 udp 10.0.2.19 1701 -> 81.136.130.125 9318 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:01.104275 0.000000 udp 10.0.2.19 1701 -> 188.169.130.241 8410 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:05.660819 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:59:09.135851 0.000000 udp 10.0.2.19 1701 -> 37.142.172.63 9831 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:18.108933 0.000000 udp 10.0.2.19 1701 -> 216.38.35.229 2990 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:25.459148 0.000000 udp 10.0.2.19 1701 -> 75.66.184.240 1711 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:31.107822 0.138849 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:59:31.379563 0.000000 udp 10.0.2.19 1701 -> 41.200.204.37 3503 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:36.585700 0.000000 udp 10.0.2.19 1701 -> 108.185.46.132 2704 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:41.162015 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 19:59:44.076314 0.123396 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 743 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:59:44.208816 0.127283 udp 10.0.2.19 1701 <-> 88.135.199.117 9820 CON 0 0 2 742 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 19:59:44.345185 0.000000 udp 10.0.2.19 1701 -> 94.200.62.2 4228 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:51.106147 0.000000 udp 10.0.2.19 1701 -> 99.166.170.48 4866 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 19:59:58.186931 0.000000 udp 10.0.2.19 1701 -> 76.3.80.98 17517 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:04.956560 0.000000 udp 10.0.2.19 1701 -> 190.43.242.41 16965 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:13.799327 0.380022 udp 10.0.2.19 1701 -> 31.167.175.79 9750 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:14.179349 0.000000 icmp 31.167.175.79 0x0303 -> 10.0.2.19 0x1626 URP 192 1 242 flow=Background 1970/01/05 20:00:18.675707 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:00:22.331342 0.293271 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 819 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:00:22.754004 0.164370 udp 10.0.2.19 1701 <-> 85.75.97.132 26707 CON 0 0 2 677 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:00:22.969803 0.000000 udp 10.0.2.19 1701 -> 202.91.81.212 8036 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:31.354370 0.383058 udp 10.0.2.19 1701 <-> 189.75.176.98 14576 CON 0 0 2 818 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:00:31.746487 0.000000 udp 10.0.2.19 1701 -> 37.105.247.235 8174 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:39.297909 3.001822 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 20:00:39.876523 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:46.305522 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:00:47.577695 0.000000 udp 10.0.2.19 1701 -> 176.122.80.132 28040 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:53.215693 0.000000 udp 10.0.2.19 1701 -> 79.5.179.11 9800 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:00:54.306678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:00:58.182888 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:01:00.886393 0.000000 udp 10.0.2.19 1701 -> 62.212.62.135 7546 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:06.885164 0.000000 udp 10.0.2.19 1701 -> 184.7.100.23 2315 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:10.310396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:01:15.447232 0.000000 udp 10.0.2.19 1701 -> 96.31.232.218 5579 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:22.006790 0.308750 udp 10.0.2.19 1701 <-> 187.233.248.248 29927 CON 0 0 2 779 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:01:22.360768 0.000000 udp 10.0.2.19 1701 -> 71.76.242.49 4122 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:28.126247 0.000000 udp 10.0.2.19 1701 -> 190.92.77.113 12605 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:32.682357 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:01:34.715684 0.000000 udp 10.0.2.19 1701 -> 213.131.58.186 9815 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:42.315989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:01:43.467483 0.000000 udp 10.0.2.19 1701 -> 86.148.199.6 3148 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:51.179194 0.000000 udp 10.0.2.19 1701 -> 41.132.10.168 5154 INT 0 1 169 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:01:59.501219 0.000000 udp 10.0.2.19 1701 -> 175.45.14.10 6996 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:07.412061 0.000000 udp 10.0.2.19 1701 -> 94.71.178.166 6977 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:12.179141 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:02:13.671685 0.000000 udp 10.0.2.19 1701 -> 89.145.249.220 8859 INT 0 1 302 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:22.564261 0.000000 udp 10.0.2.19 1701 -> 201.153.227.64 29587 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:30.054623 0.196205 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 783 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:02:30.374254 0.000000 udp 10.0.2.19 1701 -> 83.238.172.134 5543 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:36.414191 0.240937 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 846 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:02:36.716422 0.000000 udp 10.0.2.19 1701 -> 78.173.255.40 17452 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:02:43.203373 0.157604 udp 10.0.2.19 1701 <-> 5.178.196.83 3712 CON 0 0 2 664 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:02:48.180970 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:11:16.324108 3.001596 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 20:11:23.331316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:11:31.332934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:11:47.335963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:12:19.341849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:18:23.347943 3.001986 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 20:18:30.355006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:18:38.356623 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:18:54.359891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:19:26.366218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:20:43.877852 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:20:43.878111 0.821670 tcp 10.0.2.19 51590 -> 85.67.124.167 6761 FSPA* 0 0 15 1594 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:25:30.372000 3.001814 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 20:25:37.379217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:25:45.380698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:26:01.383568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:26:33.389530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:32:38.396928 3.002416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 20:32:45.404724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:32:47.778774 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:32:47.778988 0.144042 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:47.923422 0.115596 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:48.039360 0.363871 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:48.403619 0.311187 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:48.715182 0.310631 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:49.026214 0.248799 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:49.275441 0.310158 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:49.586022 0.238099 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:49.824493 0.259055 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:50.083906 0.295140 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:50.379458 0.157226 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:50.537077 0.150511 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:50.687932 0.268079 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:50.956399 0.226086 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:51.182856 0.238530 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:51.421811 0.431949 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:51.854275 0.252008 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:52.106753 0.260022 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:52.367250 0.565105 udp 10.0.2.19 1701 <-> 180.251.175.49 27014 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:52.932736 0.161270 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:53.094347 0.256277 udp 10.0.2.19 1701 <-> 117.198.166.22 12372 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:53.351031 0.418628 udp 10.0.2.19 1701 <-> 180.244.90.42 13676 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:32:53.406165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:32:53.770274 0.000000 udp 10.0.2.19 1701 -> 172.5.194.234 7682 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:33:09.409593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:33:09.803717 0.165163 tcp 10.0.2.19 51591 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:33:09.969230 0.198666 tcp 10.0.2.19 51592 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:33:10.168489 0.172452 udp 10.0.2.19 1701 <-> 41.201.91.219 9329 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:10.341299 0.152914 udp 10.0.2.19 1701 <-> 79.132.4.58 2921 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:10.494607 0.348451 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:10.843424 0.251406 udp 10.0.2.19 1701 <-> 199.7.114.218 12251 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:11.209820 0.201702 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:11.411888 0.159870 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:11.572197 0.170303 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:11.742843 0.238906 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:11.982115 0.208405 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:12.190893 0.356586 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:12.547832 0.158958 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:12.707200 0.309505 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.017077 0.157710 udp 10.0.2.19 1701 <-> 46.49.50.155 6367 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.175122 0.309612 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.485054 0.167141 udp 10.0.2.19 1701 <-> 176.73.150.59 5237 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.652576 0.118381 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.771303 0.196777 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:13.968466 0.135353 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:14.104216 0.120760 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:14.225300 0.128216 udp 10.0.2.19 1701 <-> 88.135.199.117 9820 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:14.353854 0.268610 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:14.622841 0.154534 udp 10.0.2.19 1701 <-> 85.75.97.132 26707 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:14.777770 0.346646 udp 10.0.2.19 1701 <-> 189.75.176.98 14576 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:15.124807 0.291394 udp 10.0.2.19 1701 <-> 187.233.248.248 29927 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:15.416578 0.220291 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:15.637245 0.293409 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 20:33:15.931005 0.000000 udp 10.0.2.19 1701 -> 5.178.196.83 3712 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 20:33:33.084972 0.164251 tcp 10.0.2.19 51593 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:33:33.249354 0.197290 tcp 10.0.2.19 51594 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:33:41.415434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:39:45.421005 3.002166 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 20:39:52.429146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:40:00.429850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:40:16.433064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:40:48.439258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:46:52.444617 3.403352 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/05 20:46:57.850678 4.005763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/05 20:47:09.857877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:47:25.860672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:47:57.866473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:50:45.848561 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 20:50:45.848653 1.230537 tcp 10.0.2.19 51595 -> 85.67.124.167 6761 FSPA* 0 0 14 1735 flow=From-Botnet-V2-TCP-Established 1970/01/05 20:54:01.872460 3.001518 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 20:54:08.879773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:54:16.881604 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:54:32.884612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 20:55:04.890778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:01:08.896425 3.002224 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:01:15.904406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:01:27.390648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:01:43.393335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:02:15.399514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:03:48.052866 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 21:03:48.053059 0.000000 udp 10.0.2.19 1701 -> 172.5.194.234 7682 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:04:03.197076 0.164059 tcp 10.0.2.19 51596 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:03.360728 0.199899 tcp 10.0.2.19 51597 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:03.561158 0.000000 udp 10.0.2.19 1701 -> 5.178.196.83 3712 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:04:21.231907 0.862095 tcp 10.0.2.19 51598 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:22.094360 0.213576 tcp 10.0.2.19 51599 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:22.308465 0.321776 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:22.630644 0.156134 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:22.787113 0.332631 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:23.120147 0.111871 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:23.232344 0.234957 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:23.467686 0.313325 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:23.781416 0.265070 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:24.046823 0.291801 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:24.339022 0.154515 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:24.493929 0.152629 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:24.646928 0.264861 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:24.912134 0.235718 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:25.148206 0.261347 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:25.409921 0.220747 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:25.631055 0.229067 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:25.860486 0.251862 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:26.112685 0.388086 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:26.501113 0.258098 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:26.759589 0.567214 udp 10.0.2.19 1701 <-> 180.251.175.49 27014 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:27.327161 0.257308 udp 10.0.2.19 1701 <-> 117.198.166.22 12372 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:27.584831 0.149160 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:27.734421 0.408108 udp 10.0.2.19 1701 <-> 180.244.90.42 13676 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:04:28.142892 0.000000 udp 10.0.2.19 1701 -> 79.132.4.58 2921 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:04:44.505154 0.164617 tcp 10.0.2.19 51600 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:44.669918 0.202251 tcp 10.0.2.19 51601 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:04:44.872724 0.000000 udp 10.0.2.19 1701 -> 41.201.91.219 9329 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:05:02.291337 0.164183 tcp 10.0.2.19 51602 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:02.455711 0.203585 tcp 10.0.2.19 51603 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:02.659842 0.000000 udp 10.0.2.19 1701 -> 199.7.114.218 12251 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:05:20.877727 0.175711 tcp 10.0.2.19 51604 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:21.053214 0.197135 tcp 10.0.2.19 51605 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:21.250896 0.219057 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:21.470315 0.159009 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:21.629667 0.167219 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:21.797284 0.352461 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:22.150267 0.330288 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:22.480951 0.155340 udp 10.0.2.19 1701 <-> 188.129.163.108 5824 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:22.636639 0.668708 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:23.305714 0.206833 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:23.512935 0.306802 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:23.820084 0.154637 udp 10.0.2.19 1701 <-> 176.73.150.59 5237 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:23.975092 0.124159 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:24.099634 0.298941 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:24.398963 0.000000 udp 10.0.2.19 1701 -> 46.49.50.155 6367 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:05:39.654726 0.218311 tcp 10.0.2.19 51606 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:39.872636 0.197758 tcp 10.0.2.19 51607 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:40.070933 0.134830 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:40.206188 0.000000 udp 10.0.2.19 1701 -> 88.135.199.117 9820 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:05:58.341063 0.164986 tcp 10.0.2.19 51608 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:58.506335 0.209343 tcp 10.0.2.19 51609 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:05:58.716248 0.233973 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:58.950577 0.140651 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:59.091570 0.229904 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:59.321871 0.291594 udp 10.0.2.19 1701 <-> 187.233.248.248 29927 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:59.613830 0.187086 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:05:59.801283 0.348459 udp 10.0.2.19 1701 <-> 189.75.176.98 14576 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:06:00.150135 0.000000 udp 10.0.2.19 1701 -> 85.75.97.132 26707 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:06:18.760723 0.165236 tcp 10.0.2.19 51610 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:06:18.926252 0.205832 tcp 10.0.2.19 51611 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:06:19.132615 0.229559 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:08:19.746220 3.001675 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 21:08:26.753153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:08:34.755168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:08:50.758225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:09:22.763938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:15:26.769971 3.001957 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:15:33.777641 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:15:41.778844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:15:57.781761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:16:29.958317 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:20:49.211710 0.000053 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 21:20:49.211805 0.846342 tcp 10.0.2.19 51612 -> 85.67.124.167 6761 FSPA* 0 0 15 1571 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:22:33.963869 3.002049 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:22:40.972215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:22:48.973414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:23:04.976484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:23:36.981919 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:29:42.990859 3.002102 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:29:49.998790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:29:57.999765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:30:14.003139 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:30:46.009004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:36:20.981301 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 21:36:20.981488 0.000000 udp 10.0.2.19 1701 -> 79.132.4.58 2921 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:36:36.034868 0.180371 tcp 10.0.2.19 51613 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:36:36.215421 0.248419 tcp 10.0.2.19 51614 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:36:36.464402 0.000000 udp 10.0.2.19 1701 -> 41.201.91.219 9329 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:36:50.014747 3.001763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:36:51.605719 0.169317 tcp 10.0.2.19 51615 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:36:51.774813 0.211707 tcp 10.0.2.19 51616 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:36:51.987066 0.000000 udp 10.0.2.19 1701 -> 199.7.114.218 12251 INT 0 1 121 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:36:57.022792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:37:05.023720 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:37:10.002840 3.894179 tcp 10.0.2.19 51617 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:13.896715 0.206280 tcp 10.0.2.19 51618 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:14.103573 0.000000 udp 10.0.2.19 1701 -> 46.49.50.155 6367 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:37:22.849887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:37:30.111296 0.755732 tcp 10.0.2.19 51619 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:30.867282 0.348027 tcp 10.0.2.19 51620 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:31.215855 0.000000 udp 10.0.2.19 1701 -> 88.135.199.117 9820 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:37:49.969904 2.227425 tcp 10.0.2.19 51621 -> 173.194.70.99 80 FSPA* 0 0 11 2913 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:52.197667 0.220334 tcp 10.0.2.19 51622 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:37:52.418579 0.000000 udp 10.0.2.19 1701 -> 85.75.97.132 26707 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:37:55.135944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:38:07.865510 0.184123 tcp 10.0.2.19 51623 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:08.049894 0.201558 tcp 10.0.2.19 51624 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:08.251997 0.320795 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:08.573219 0.364273 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:08.937848 0.146149 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:09.084465 0.264531 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:09.349339 0.130198 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:09.479929 0.243080 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:09.723388 0.307550 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:10.031293 0.241279 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:10.272946 0.264037 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:10.537378 0.285460 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:10.823200 0.155062 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:10.978726 0.140468 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:11.119592 0.262331 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:11.382310 0.230320 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:11.612986 0.218276 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:11.831638 0.248013 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:12.080007 0.536914 udp 10.0.2.19 1701 <-> 180.251.175.49 27014 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:12.617297 0.259478 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:12.877106 0.392479 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:13.270235 0.169553 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:13.440117 0.415817 udp 10.0.2.19 1701 <-> 180.244.90.42 13676 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:13.856293 0.000000 udp 10.0.2.19 1701 -> 117.198.166.22 12372 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:38:31.980124 0.607827 tcp 10.0.2.19 51625 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:32.587767 0.207681 tcp 10.0.2.19 51626 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:32.796013 0.219454 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:33.015785 0.167989 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:33.184138 0.172510 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:33.356990 0.350127 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:33.707475 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:38:52.690387 0.181159 tcp 10.0.2.19 51627 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:52.871680 0.204696 tcp 10.0.2.19 51628 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:38:53.076916 0.352512 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:53.429780 0.215508 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:53.645631 0.379639 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.025651 0.165855 udp 10.0.2.19 1701 <-> 176.73.150.59 5237 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.191867 0.212516 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.404761 0.123718 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.528872 0.304960 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.834232 0.125759 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:54.960415 0.224243 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:38:55.184995 0.000000 udp 10.0.2.19 1701 -> 187.233.248.248 29927 INT 0 1 279 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 21:39:12.047968 0.165679 tcp 10.0.2.19 51629 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:39:12.213537 0.201841 tcp 10.0.2.19 51630 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:39:12.415910 0.220801 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:39:12.637048 0.357728 udp 10.0.2.19 1701 <-> 189.75.176.98 14576 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:39:12.995113 0.135618 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:39:13.131062 0.218983 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:39:13.350501 0.217428 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 21:43:59.352532 3.001455 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 21:44:06.360132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:44:14.361014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:44:30.364367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:45:04.382928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:50:53.365232 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 21:50:53.365450 1.563275 tcp 10.0.2.19 51631 -> 85.67.124.167 6761 FSPA* 0 0 15 1701 flow=From-Botnet-V2-TCP-Established 1970/01/05 21:51:10.392284 3.001729 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:51:17.399743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:51:25.401383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:51:41.403763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:52:13.410151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:58:17.416027 3.002087 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 21:58:24.423457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:58:32.425449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:58:48.427677 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 21:59:20.433972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:05:48.444356 3.001950 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:05:55.452104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:06:03.453340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:06:19.707279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:06:51.712740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:09:17.682736 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 22:09:17.682923 0.000000 udp 10.0.2.19 1701 -> 117.198.166.22 12372 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:09:33.087517 0.167766 tcp 10.0.2.19 51632 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:09:33.255653 0.208380 tcp 10.0.2.19 51633 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:09:33.464605 0.000000 udp 10.0.2.19 1701 -> 188.129.163.108 5824 INT 0 1 181 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:09:50.170661 1.879601 tcp 10.0.2.19 51634 -> 173.194.70.99 80 FSPA* 0 0 11 1892 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:09:50.336813 0.211430 tcp 10.0.2.19 51635 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:09:50.548786 0.000000 udp 10.0.2.19 1701 -> 187.233.248.248 29927 INT 0 1 118 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:10:07.095264 0.166404 tcp 10.0.2.19 51636 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:07.261894 0.210327 tcp 10.0.2.19 51637 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:07.472792 0.335284 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:07.808485 0.314712 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:08.123540 0.145197 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:08.269055 0.309565 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:08.579016 0.236784 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:08.816229 0.113709 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:08.930323 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:10:27.885380 0.169385 tcp 10.0.2.19 51638 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:28.054979 0.198595 tcp 10.0.2.19 51639 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:28.254112 0.288243 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:28.542748 0.141406 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:28.684549 0.256575 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:28.941554 0.291513 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:29.233459 0.159821 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:29.393722 0.258173 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:29.652239 0.000000 udp 10.0.2.19 1701 -> 180.251.175.49 27014 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:10:48.344164 0.453651 tcp 10.0.2.19 51640 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:48.798003 0.214920 tcp 10.0.2.19 51641 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:10:49.013486 0.225149 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:49.239006 0.254346 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:49.493726 0.213893 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:49.707994 0.407437 udp 10.0.2.19 1701 <-> 180.244.90.42 13676 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:50.115773 0.170573 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:50.286709 0.428609 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:50.715719 0.251819 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:50.967885 0.213936 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:10:51.182223 0.000000 udp 10.0.2.19 1701 -> 176.73.161.181 4759 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:11:09.434638 0.166899 tcp 10.0.2.19 51642 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:09.601209 0.198617 tcp 10.0.2.19 51643 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:09.800362 0.186968 udp 10.0.2.19 1701 <-> 82.211.185.55 6210 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:09.987691 0.365230 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:10.353275 0.407550 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:10.761173 0.000000 udp 10.0.2.19 1701 -> 176.73.150.59 5237 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:11:26.859440 0.423519 tcp 10.0.2.19 51644 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:27.282567 0.237103 tcp 10.0.2.19 51645 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:27.520254 0.344961 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:27.865634 0.238068 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:28.104094 0.568036 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:28.672513 0.139078 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:28.811939 0.124177 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:28.936520 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 1877 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:11:45.597092 0.169765 tcp 10.0.2.19 51646 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:45.767141 0.246747 tcp 10.0.2.19 51647 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:11:46.014448 0.332973 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:46.347762 0.185363 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:46.533507 0.361218 udp 10.0.2.19 1701 <-> 189.75.176.98 14576 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:46.895119 0.221442 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:47.116920 0.154046 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:11:47.271361 0.261792 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:12:57.991944 3.001766 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 22:13:04.999375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:13:13.111125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:13:29.114332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:14:01.119939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:20:05.126448 3.001211 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:20:12.134080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:20:20.135535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:20:36.138008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:20:55.376169 0.000000 arp 10.0.2.19 who 10.0.2.2 INT 1 42 flow=Background-ARP 1970/01/05 22:21:01.026009 0.000000 arp 10.0.2.19 who 10.0.2.2 RSP 1 42 flow=Background-ARP 1970/01/05 22:21:01.026131 0.766714 tcp 10.0.2.19 51648 -> 85.67.124.167 6761 FSPA* 0 0 15 1775 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:21:13.608163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:27:14.212809 3.001932 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:27:21.220728 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:27:29.222019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:27:45.225576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:28:17.231750 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:34:21.236760 3.001767 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:34:28.244290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:34:36.246075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:34:52.248833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:35:24.254872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:41:31.265271 3.002263 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:41:38.273256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:41:46.274323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:42:02.277470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:42:02.688167 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 22:42:02.688346 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 266 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:42:21.517964 0.172280 tcp 10.0.2.19 51649 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:21.690011 0.207037 tcp 10.0.2.19 51650 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:21.897609 0.000000 udp 10.0.2.19 1701 -> 180.251.175.49 27014 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:42:34.283514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:42:40.273082 0.176746 tcp 10.0.2.19 51651 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:40.450229 0.203130 tcp 10.0.2.19 51652 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:40.653917 0.165736 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:42:40.820038 0.000000 udp 10.0.2.19 1701 -> 176.73.150.59 5237 INT 0 1 101 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:42:58.139081 0.177190 tcp 10.0.2.19 51653 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:58.316180 0.267764 tcp 10.0.2.19 51654 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:42:58.584500 0.218196 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:42:58.803078 0.309380 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:42:59.112801 0.218871 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:42:59.332017 0.322047 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:42:59.654424 0.353538 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:00.008306 0.113264 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:00.121932 0.234267 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:00.356532 0.280670 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:00.637573 0.163046 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:00.800961 0.293029 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:01.094391 0.261733 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:01.356470 0.167779 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:01.524591 0.252741 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:01.777683 0.226180 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:02.004242 0.253028 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:02.257607 0.221794 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:02.479744 0.156780 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:02.636911 0.000000 udp 10.0.2.19 1701 -> 180.244.90.42 13676 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:43:19.980228 0.173524 tcp 10.0.2.19 51655 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:20.153505 0.195570 tcp 10.0.2.19 51656 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:20.349637 0.440753 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:20.790760 0.255085 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:21.046414 0.258749 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:21.305585 0.353380 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:21.659314 0.000000 udp 10.0.2.19 1701 -> 82.211.185.55 6210 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:43:37.365563 0.166677 tcp 10.0.2.19 51657 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:37.532396 0.201011 tcp 10.0.2.19 51658 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:37.733961 0.413235 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:38.147536 0.329730 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:38.477689 0.121649 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:38.599666 0.123491 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:38.723499 0.236201 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:38.960076 0.307870 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:39.268314 0.000000 udp 10.0.2.19 1701 -> 189.75.176.98 14576 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 22:43:58.125123 0.175642 tcp 10.0.2.19 51659 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:58.300983 0.215982 tcp 10.0.2.19 51660 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:43:58.517528 0.214932 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:58.732900 0.192296 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:58.925549 0.251244 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:59.177137 0.285152 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:43:59.462667 0.155002 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 22:48:38.289028 3.002066 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 22:48:45.297134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:48:53.298477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:49:09.301438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:49:41.307108 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:50:58.228420 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 22:50:58.228634 0.839569 tcp 10.0.2.19 51661 -> 85.67.124.167 6761 FSPA* 0 0 14 1586 flow=From-Botnet-V2-TCP-Established 1970/01/05 22:55:45.313289 3.002019 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 22:55:52.320987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:56:00.322598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:56:16.325364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 22:56:48.331155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:02:52.337337 3.001630 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:02:59.344909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:03:07.346056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:03:23.349178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:03:58.950465 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:10:02.956237 3.002144 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:10:09.963981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:10:17.965526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:10:33.968548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:11:05.974741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:14:16.248470 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 23:14:16.248655 0.000000 udp 10.0.2.19 1701 -> 180.244.90.42 13676 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:14:31.332522 0.165266 tcp 10.0.2.19 51662 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:14:31.498287 0.219042 tcp 10.0.2.19 51663 -> 173.194.70.94 80 SRPA* 0 0 10 3506 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:14:31.718356 0.000000 udp 10.0.2.19 1701 -> 82.211.185.55 6210 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:14:46.813402 0.168037 tcp 10.0.2.19 51664 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:14:46.981245 0.215960 tcp 10.0.2.19 51665 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:14:47.197792 0.000000 udp 10.0.2.19 1701 -> 189.75.176.98 14576 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:15:05.029084 0.175767 tcp 10.0.2.19 51666 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:15:05.205055 0.215442 tcp 10.0.2.19 51667 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:15:05.421088 0.000000 udp 10.0.2.19 1701 -> 176.73.161.181 4759 INT 0 1 148 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:15:24.056837 0.193889 tcp 10.0.2.19 51668 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:15:24.222461 0.212292 tcp 10.0.2.19 51669 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:15:24.435328 0.218946 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:24.654689 0.201980 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:24.857057 0.318731 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:25.176177 0.312392 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:25.488936 0.262857 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:25.752188 0.152182 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:25.904730 0.124790 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:26.029903 0.237525 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:26.267775 0.346614 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:26.614783 0.255677 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:26.870848 0.290425 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:27.161641 0.160516 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:27.322499 0.264486 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:27.587371 0.206813 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:27.794553 0.223938 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:28.018879 0.261196 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:28.280439 0.217366 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:28.498435 0.387766 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:28.886591 0.258308 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:29.145288 0.201986 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:29.347644 0.510341 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:29.858398 0.334623 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:30.193406 0.164017 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:30.357783 0.123996 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:30.482144 0.447484 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:30.930009 0.305637 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:31.236099 0.653724 udp 10.0.2.19 1701 <-> 188.169.184.175 15362 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:31.890226 0.379683 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:32.270279 0.329861 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:32.600524 0.146465 udp 10.0.2.19 1701 <-> 109.200.232.125 1197 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:32.747380 0.187301 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:15:32.935090 0.246368 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:17:09.980202 3.002444 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 23:17:16.987610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:17:24.989493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:17:40.992685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:18:12.998497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:21:00.800539 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 23:21:00.800737 1.027361 tcp 10.0.2.19 51670 -> 85.67.124.167 6761 FSPA* 0 0 15 1624 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:24:17.004583 3.001606 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:24:24.011886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:24:32.013440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:24:48.016020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:25:20.022636 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:31:24.028165 3.001696 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:31:31.035613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:31:39.037211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:31:55.040680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:32:27.046435 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:38:31.052318 3.051467 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:38:38.110376 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:38:46.111424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:39:02.114470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:39:34.120523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:45:38.125926 3.001784 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/05 23:45:45.133771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:45:53.135334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:46:03.710633 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 23:46:03.710849 0.000000 udp 10.0.2.19 1701 -> 176.73.161.181 4759 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:46:10.259977 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:46:21.077972 0.167424 tcp 10.0.2.19 51671 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:46:21.244994 0.239082 tcp 10.0.2.19 51672 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:46:21.484638 0.224249 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:21.709264 0.326772 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:22.036407 0.267377 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:22.304180 0.147907 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:22.452477 0.313089 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:22.765918 0.143677 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:22.909933 0.113179 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:23.023444 0.234533 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:23.258343 0.370744 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:23.629514 0.211478 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:23.841338 0.255204 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:24.096949 0.171704 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:24.269002 0.265379 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:24.534800 0.295793 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:24.830950 0.224890 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:25.056206 0.257724 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:25.314357 0.215574 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:25.530387 0.200308 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:25.731036 0.382911 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:26.114359 0.441441 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:26.556147 0.122463 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:26.678981 0.131644 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:26.811006 0.368436 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:46:27.179819 0.000000 udp 10.0.2.19 1701 -> 105.228.46.98 1563 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:46:42.266276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:46:44.490687 0.166001 tcp 10.0.2.19 51673 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:46:44.656892 0.201545 tcp 10.0.2.19 51674 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:46:44.859018 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:47:00.944042 0.165493 tcp 10.0.2.19 51675 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:01.109706 0.197229 tcp 10.0.2.19 51676 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:01.307502 0.637370 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:47:01.945290 0.220310 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:47:02.165954 0.000000 udp 10.0.2.19 1701 -> 109.200.232.125 1197 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:47:17.207403 0.261084 tcp 10.0.2.19 51677 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:17.468747 0.216019 tcp 10.0.2.19 51678 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:17.685313 0.000000 udp 10.0.2.19 1701 -> 188.169.184.175 15362 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/05 23:47:33.260643 0.983493 tcp 10.0.2.19 51679 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:34.244407 0.197347 tcp 10.0.2.19 51680 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:47:34.442304 0.230338 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:47:34.673045 0.204300 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:47:34.877722 0.263279 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/05 23:51:02.400306 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/05 23:51:02.400492 3.003458 tcp 10.0.2.19 51681 -> 85.67.124.167 6761 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:11.402521 0.000000 tcp 10.0.2.19 51681 -> 85.67.124.167 6761 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:17.403791 0.171231 tcp 10.0.2.19 51682 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:17.574416 0.199059 tcp 10.0.2.19 51683 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:17.944160 3.002797 tcp 10.0.2.19 51684 -> 176.73.143.18 5326 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:26.945449 0.000000 tcp 10.0.2.19 51684 -> 176.73.143.18 5326 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:32.945048 0.220124 tcp 10.0.2.19 51685 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:33.164785 0.214056 tcp 10.0.2.19 51686 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:33.426915 3.001861 tcp 10.0.2.19 51687 -> 82.211.141.181 5977 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:42.437487 0.000000 tcp 10.0.2.19 51687 -> 82.211.141.181 5977 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/05 23:51:48.427776 0.177006 tcp 10.0.2.19 51688 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:48.604565 0.198018 tcp 10.0.2.19 51689 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:51:48.852447 0.695817 tcp 10.0.2.19 51690 -> 90.156.118.144 5237 FSPA* 0 0 14 1603 flow=From-Botnet-V2-TCP-Established 1970/01/05 23:52:47.273410 3.001468 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/05 23:52:54.280816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:53:02.282158 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:53:18.285704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/05 23:53:50.291461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:00:00.305498 3.001871 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:00:07.313119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:00:15.315157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:00:31.317637 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:01:03.324113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:07:31.334013 3.002025 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:07:38.341978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:07:46.343394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:08:02.346081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:08:34.352089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:14:38.358629 3.001298 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:14:45.366095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:14:53.367668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:15:09.370907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:15:41.376253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:17:41.749746 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 00:17:41.749925 0.616702 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:17:42.367053 0.617259 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:17:42.984710 0.000000 udp 10.0.2.19 1701 -> 188.169.184.175 15362 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 00:18:01.189952 0.184425 tcp 10.0.2.19 51691 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:18:01.374653 0.213051 tcp 10.0.2.19 51692 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:18:01.588304 0.000000 udp 10.0.2.19 1701 -> 109.200.232.125 1197 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 00:18:19.444916 0.170490 tcp 10.0.2.19 51693 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:18:19.615319 0.196309 tcp 10.0.2.19 51694 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:18:19.812249 0.166593 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:19.979233 0.281769 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:20.261414 0.311536 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:20.573336 0.209058 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:20.782758 0.162913 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:20.946066 0.138961 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:21.085403 0.238640 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:21.324425 0.312233 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:21.637076 0.122627 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:21.760031 0.338620 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:22.098994 0.155968 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:22.255309 0.261242 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:22.516900 0.285956 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:22.803280 0.273084 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:23.076719 0.220503 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:23.297612 0.219868 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:23.523036 0.257747 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:23.781187 0.383683 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:24.165208 0.201728 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:24.367296 0.349976 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:24.717674 0.130671 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:24.848725 0.255543 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:25.104654 0.126203 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:25.231167 0.303639 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:25.535211 0.219552 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:25.755151 0.263540 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:26.019072 0.219327 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:18:26.238771 0.206306 udp 10.0.2.19 1701 <-> 69.248.108.82 6713 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:21:45.381900 3.002245 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 00:21:49.556045 0.000134 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 00:21:49.556282 0.690368 tcp 10.0.2.19 51695 -> 90.156.118.144 5237 FSPA* 0 0 14 1631 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:21:52.390018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:22:00.391476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:22:16.394620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:22:48.400051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:28:55.410197 3.002422 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:29:02.418318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:29:10.419631 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:29:26.423110 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:29:58.428757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:36:02.434486 3.001992 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:36:09.442229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:36:17.443256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:36:33.446542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:37:05.452480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:43:09.458379 3.001635 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:43:16.466333 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:43:24.467544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:43:40.470959 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:44:12.476831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:48:38.529123 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 00:48:38.529280 0.342665 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:38.872298 0.798614 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:39.671240 0.151485 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:39.823080 0.263528 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:40.087006 0.313251 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:40.902645 0.246982 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:41.150007 0.249414 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:41.399769 0.343552 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:41.743670 0.122482 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:41.866517 0.164306 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:42.031178 0.150931 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:42.182455 0.367055 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:48:42.549874 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 183 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 00:48:59.772168 0.165404 tcp 10.0.2.19 51696 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:48:59.937871 0.206787 tcp 10.0.2.19 51697 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:49:00.145224 0.260614 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:00.406404 0.281724 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:00.688488 0.256593 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:00.945437 0.258266 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:01.204101 0.386172 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:01.590658 0.215542 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:01.806569 0.216424 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:02.023416 0.206820 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:02.230574 0.355288 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:02.586213 0.130866 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:02.717467 0.260050 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:02.977868 0.119705 udp 10.0.2.19 1701 <-> 212.231.214.106 3015 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:03.097892 0.212994 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:03.311239 0.222031 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:03.533624 0.000000 udp 10.0.2.19 1701 -> 69.248.108.82 6713 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 00:49:20.410571 0.167708 tcp 10.0.2.19 51698 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:49:20.577921 0.198580 tcp 10.0.2.19 51699 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:49:20.777049 0.640066 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 00:49:21.417470 0.000000 udp 10.0.2.19 1701 -> 99.95.196.161 2218 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 00:49:38.946965 0.169779 tcp 10.0.2.19 51700 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:49:39.116350 0.200778 tcp 10.0.2.19 51701 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:50:16.482579 3.001910 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 00:50:23.490275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:50:31.491264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:50:47.494378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:51:19.500491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:51:50.245032 1.020818 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/06 00:51:51.265871 2.992936 tcp 10.0.2.19 51702 -> 90.156.118.144 5237 FSPA* 0 0 14 1571 flow=From-Botnet-V2-TCP-Established 1970/01/06 00:57:23.997084 3.001622 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 00:57:31.004450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:57:39.006419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:57:57.522627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 00:58:29.528871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:04:36.538712 3.002422 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:04:43.546515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:04:51.547847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:05:07.551556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:05:40.337916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:11:44.343690 3.002280 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:11:51.351820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:12:00.044375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:12:16.047291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:12:48.053467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:18:52.058727 3.002310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:18:59.066936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:19:07.068152 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:19:23.070937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:19:55.076836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:20:06.092976 0.000039 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 01:20:06.093069 0.160833 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:06.254271 0.221859 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:06.476499 0.000000 udp 10.0.2.19 1701 -> 69.248.108.82 6713 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 01:20:22.159119 0.175431 tcp 10.0.2.19 51703 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:20:22.334185 0.206110 tcp 10.0.2.19 51704 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:20:22.540882 0.617898 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:23.159227 0.326666 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:23.486258 0.146449 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:23.633062 0.262349 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:23.895750 0.313941 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:24.210054 0.239557 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:24.449985 0.312077 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:24.762453 0.209274 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:24.972134 0.157515 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:25.129995 0.117016 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:25.247426 0.152067 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:25.399852 0.355752 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:25.787207 0.293221 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:26.080774 0.922710 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:27.003861 0.262505 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:27.266755 0.278885 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:27.546037 0.386920 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:27.933323 0.212118 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:28.145818 0.356155 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:28.502391 0.129335 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:28.632108 0.216786 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:28.849286 0.224609 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:29.074441 0.255943 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:29.330754 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 01:20:46.532247 0.165763 tcp 10.0.2.19 51705 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:20:46.698306 0.207480 tcp 10.0.2.19 51706 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:20:46.906495 0.229046 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:47.135900 0.226782 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:20:47.363074 0.308349 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:21:56.241899 0.000287 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 01:21:56.242279 0.633905 tcp 10.0.2.19 51707 -> 90.156.118.144 5237 FSPA* 0 0 14 1698 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:25:59.082698 3.002443 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 01:26:06.090611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:26:14.092083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:26:30.095262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:27:02.100788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:33:06.106880 3.001617 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:33:13.114872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:33:21.115764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:33:37.119227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:34:09.125205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:40:13.130718 3.002173 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:40:20.138408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:40:28.139736 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:40:44.142713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:41:16.148812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:47:20.154784 3.001877 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 01:47:27.162168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:47:35.163814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:47:51.167064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:48:39.544163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:51:09.799149 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 01:51:09.799335 0.000000 udp 10.0.2.19 1701 -> 212.231.214.106 3015 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 01:51:27.476541 0.165201 tcp 10.0.2.19 51708 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:51:27.641956 0.209328 tcp 10.0.2.19 51709 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:51:27.851842 0.166029 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:28.018432 0.226042 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:28.244868 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 01:51:44.810694 0.166560 tcp 10.0.2.19 51710 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:51:44.976886 0.197169 tcp 10.0.2.19 51711 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:51:45.174647 0.342823 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:45.517849 0.147379 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:45.665638 0.237267 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:45.903333 0.320267 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:46.224019 0.281666 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:46.506141 0.163867 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:46.670457 0.115084 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:46.785926 0.150555 udp 10.0.2.19 1701 <-> 2.117.252.6 26750 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:46.936900 0.320437 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:47.257738 0.214105 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:47.472235 0.297201 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:47.769847 0.373851 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:48.144100 0.262161 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:48.406647 0.261888 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:48.668963 0.252502 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:48.921947 0.356739 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:49.279084 0.393276 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:51:49.672776 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 INT 0 1 215 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 01:52:07.528116 4.220465 tcp 10.0.2.19 51712 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:52:11.748246 0.202105 tcp 10.0.2.19 51713 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:52:11.951430 0.245541 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:12.197374 0.214674 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:12.412393 0.227648 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:12.640483 0.262296 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:12.903149 0.314063 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:13.217657 0.254901 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:13.472890 0.889857 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 01:52:16.703140 0.848561 tcp 10.0.2.19 51714 -> 90.156.118.144 5237 FSPA* 0 0 14 1537 flow=From-Botnet-V2-TCP-Established 1970/01/06 01:54:45.192029 2.958745 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 01:54:52.106569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:55:00.002349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:55:15.791022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 01:55:47.367687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:01:46.438655 2.957484 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:01:53.348272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:02:01.235383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:02:17.035450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:02:49.798413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:11:56.321727 2.955919 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:12:03.231004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:12:11.120880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:12:26.902675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:12:56.341309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:19:00.347181 3.001549 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:19:07.354849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:19:15.355699 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:19:31.359041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:20:03.365384 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:21:59.613481 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 02:21:59.613665 0.681098 tcp 10.0.2.19 51715 -> 90.156.118.144 5237 FSPA* 0 0 14 1754 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:22:09.076345 0.699113 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:09.775814 0.124961 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:09.901173 0.177399 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:10.078917 0.214867 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:10.294302 0.147232 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:10.441894 0.334401 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:10.776647 0.156081 rtcp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:10.933124 0.317268 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:11.250766 0.240081 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:11.491234 0.116311 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:11.607916 0.281426 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:11.889667 0.211583 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:12.101666 0.286757 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:12.388802 0.000000 udp 10.0.2.19 1701 -> 2.117.252.6 26750 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 02:22:30.529153 0.208398 tcp 10.0.2.19 51716 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:22:30.737821 0.200516 tcp 10.0.2.19 51717 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:22:30.938874 0.325151 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:31.264405 0.262921 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:31.527741 0.365813 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:31.893912 0.261174 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:32.155478 0.262649 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:32.418534 0.352690 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:32.771604 0.401573 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:33.173545 0.221918 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:33.395827 0.206172 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:33.602368 0.253785 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:33.856521 0.309924 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:34.166808 0.260746 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:34.427928 0.215798 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:22:34.644083 0.220652 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:26:07.381050 4.494099 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 02:26:15.880678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:26:23.882450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:26:39.885207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:27:11.891190 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:33:15.897057 3.001846 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:33:22.904285 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:33:30.905956 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:33:46.909439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:34:19.235920 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:40:23.241518 3.001634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:40:30.248779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:40:38.250267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:40:54.253947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:41:26.259251 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:47:30.265267 3.001878 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 02:47:37.272777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:47:45.274379 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:48:01.277707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:48:33.283806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:52:01.202948 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 02:52:01.203142 0.660494 tcp 10.0.2.19 51718 -> 90.156.118.144 5237 FSPA* 0 0 14 1686 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:52:56.582363 0.000000 udp 10.0.2.19 1701 -> 2.117.252.6 26750 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 02:53:01.499191 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 02:53:13.338880 0.166573 tcp 10.0.2.19 51719 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:53:13.505697 0.194791 tcp 10.0.2.19 51720 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:53:13.701045 0.179423 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:13.880847 0.863540 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:14.744762 0.125528 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:14.870653 0.147191 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:15.018226 0.309372 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:15.328015 0.159434 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:15.487840 0.227722 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:15.715965 0.314955 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:16.031277 0.207830 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:16.239478 0.281800 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:16.521885 0.114778 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:16.637113 0.245712 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:16.883171 0.260547 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:17.144061 0.311277 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:17.455707 0.000000 udp 10.0.2.19 1701 -> 108.199.165.214 9919 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 02:53:35.428956 0.166744 tcp 10.0.2.19 51721 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:53:35.595944 0.204806 tcp 10.0.2.19 51722 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 02:53:35.801311 0.260336 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:36.062040 0.362104 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:36.424511 0.386299 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:36.811177 0.344379 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:37.155935 0.254262 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:37.410568 0.219271 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:37.630321 0.212836 udp 10.0.2.19 1701 <-> 37.232.7.128 11186 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:37.843528 0.254247 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:38.098313 0.309315 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:38.408047 0.264719 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:38.673159 0.219544 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:53:38.893130 0.217981 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 02:54:37.289254 3.002212 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 02:54:44.297056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:54:52.298621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:55:08.301936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 02:55:40.307988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:01:44.314432 3.000995 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:01:51.321193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:01:59.322118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:02:15.325710 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:02:47.331781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:11:58.345995 3.001908 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:12:05.353822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:12:13.355372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:12:29.358675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:13:01.364419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:19:05.370295 3.001420 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:19:12.377611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:19:20.379166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:19:36.382738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:20:08.388521 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:22:01.872374 0.000068 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 03:22:01.872588 1.528993 tcp 10.0.2.19 51723 -> 90.156.118.144 5237 FSPA* 0 0 14 1660 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:24:02.174560 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 03:24:02.174737 0.000000 udp 10.0.2.19 1701 -> 108.199.165.214 9919 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 03:24:18.891106 0.167634 tcp 10.0.2.19 51724 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:24:19.058398 0.212456 tcp 10.0.2.19 51725 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:24:19.271610 0.139477 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:19.411484 0.164689 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:19.576538 0.866600 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:20.443529 0.154453 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:20.598354 0.215846 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:20.814602 0.147429 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:20.962533 0.329542 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:21.292428 0.305324 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:21.598324 0.111599 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:21.710298 0.310228 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:22.020877 0.208783 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:22.230110 0.314820 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:22.545306 0.270028 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:22.815709 0.237775 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:23.053897 0.391127 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:23.445447 0.257182 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:23.703138 0.352929 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:24.056460 0.347964 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:24.404831 0.263692 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:24.668911 0.216898 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:24.886282 0.000000 udp 10.0.2.19 1701 -> 37.232.7.128 11186 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 03:24:40.060092 0.168168 tcp 10.0.2.19 51726 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:24:40.228467 0.215493 tcp 10.0.2.19 51727 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:24:40.444479 0.269237 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:40.714233 0.256721 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:40.971333 0.320312 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:41.292018 0.218707 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:24:41.511099 0.743150 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:26:12.394527 3.001501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 03:26:19.401693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:26:27.403561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:26:43.406392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:27:15.412545 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:33:19.418286 3.001443 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:33:26.426023 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:33:34.427109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:33:50.429878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:34:22.435945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:40:26.442219 3.001409 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:40:33.450171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:40:41.450921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:40:57.454666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:41:29.460737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:47:33.466381 3.001784 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:47:42.587461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:47:50.587972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:48:06.591459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:48:38.597310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:52:04.433812 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 03:52:04.433919 1.616197 tcp 10.0.2.19 51728 -> 90.156.118.144 5237 FSPA* 0 0 14 1619 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:54:42.603099 3.001425 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 03:54:49.611020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:54:57.612269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:54:58.783776 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 03:54:58.784066 0.000000 udp 10.0.2.19 1701 -> 37.232.7.128 11186 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 03:55:13.615139 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 03:55:16.271585 0.176860 tcp 10.0.2.19 51729 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:55:16.447427 1.173685 tcp 10.0.2.19 51730 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 03:55:17.621677 0.136491 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:17.758510 0.160065 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:17.918939 0.216161 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:18.135463 0.884028 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:19.019932 0.159273 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:19.179600 0.323482 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:19.503473 0.145861 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:19.649684 0.119171 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:19.769239 0.296474 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:20.066125 0.322835 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:20.389356 0.279081 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:20.668828 0.212349 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:20.881569 0.311096 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:21.193020 0.383514 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:21.576942 0.241533 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:21.818865 0.260507 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:22.079774 0.865218 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:22.945343 0.219541 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:23.165265 0.346792 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:23.512406 0.357571 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:23.870369 0.281563 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:24.152307 0.221916 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:24.374638 0.257695 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:24.632730 0.297731 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:24.930866 0.240595 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 03:55:45.620837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:01:49.626561 3.001965 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:01:56.634587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:02:04.636052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:02:20.639313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:02:53.076164 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:08:59.335054 3.001961 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:09:06.342367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:09:14.343886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:09:30.347234 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:10:02.352904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:16:07.200014 3.001758 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:16:14.207689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:16:22.209457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:16:38.212299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:17:13.632898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:22:09.429069 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 04:22:09.429174 0.645845 tcp 10.0.2.19 51731 -> 90.156.118.144 5237 FSPA* 0 0 14 1552 flow=From-Botnet-V2-TCP-Established 1970/01/06 04:23:17.641042 3.000009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:23:24.646934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:23:32.647737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:23:48.650843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:24:27.292893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:25:48.992832 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 04:25:48.992938 0.123604 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:25:49.116947 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 04:26:07.121516 0.166763 tcp 10.0.2.19 51732 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 04:26:07.288044 0.198690 tcp 10.0.2.19 51733 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 04:26:07.487338 0.227943 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:07.715687 0.303393 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:08.019539 0.159164 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:08.179113 0.331211 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:08.510710 0.147299 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:08.658393 0.115588 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:08.774446 0.274410 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:09.049239 0.237265 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:09.286888 0.278738 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:09.566022 0.280168 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:09.846575 0.289175 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:10.136135 0.384013 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:10.520608 0.240694 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:10.761771 0.257559 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:11.019772 0.362237 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:11.382442 0.331869 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:11.714736 0.702025 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:12.417215 0.218616 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:12.636303 0.249244 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:12.885935 0.220932 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:13.107291 0.259850 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:13.367536 0.278323 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:26:13.646286 0.241442 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:30:26.796320 0.998492 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/06 04:30:32.692232 4.005596 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/06 04:30:44.699258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:31:00.702496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:31:32.748215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:37:37.685608 3.001891 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:37:44.693226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:37:52.694626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:38:08.697193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:38:40.703589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:44:45.710477 3.001869 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:44:52.718146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:45:00.719842 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:45:17.724167 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:45:49.730283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:51:53.736531 3.001313 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:52:00.743600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:52:08.745762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:52:14.593965 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 04:52:14.594070 0.655065 tcp 10.0.2.19 51734 -> 90.156.118.144 5237 FSPA* 0 0 14 1693 flow=From-Botnet-V2-TCP-Established 1970/01/06 04:52:24.748104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:52:56.754096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:56:16.111460 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 04:56:16.111645 0.177997 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:16.290001 0.127134 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:16.417485 0.216600 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:16.634450 0.297762 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:16.932612 0.157395 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:17.090410 0.320948 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:17.411714 0.147748 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:17.559817 0.114357 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:17.674511 0.285473 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:17.960328 0.213417 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:18.174088 0.266961 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:18.441440 0.210097 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:18.651930 0.216111 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:18.868421 0.401064 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:19.269842 0.249968 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:19.520160 0.350076 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:19.870629 0.248321 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:20.119301 0.357361 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:20.477004 0.254741 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:20.732095 0.218436 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:20.950936 0.253395 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:21.204674 0.217636 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:21.422680 0.262288 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:21.685376 0.216193 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:56:21.901938 0.262811 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 04:59:07.770429 3.001638 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 04:59:14.777874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:59:22.779162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 04:59:38.782315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:00:10.788554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:06:27.883024 3.001709 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:06:34.890971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:06:42.892018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:06:58.895499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:07:30.900868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:13:38.912305 3.002523 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:13:45.920713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:13:53.921721 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:14:09.925211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:14:41.930730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:20:46.767496 3.002282 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:20:53.775849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:21:01.776801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:21:17.779705 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:21:49.786463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:22:16.645296 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 05:22:16.645470 0.716758 tcp 10.0.2.19 51735 -> 90.156.118.144 5237 FSPA* 0 0 14 1597 flow=From-Botnet-V2-TCP-Established 1970/01/06 05:26:32.843656 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 05:26:32.843840 0.213752 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:33.058191 0.130271 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:33.188860 0.222949 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:33.412232 0.305320 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:33.717951 0.176256 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:33.894604 0.118678 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:34.013667 0.281159 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:34.295235 0.360551 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:34.656155 0.148300 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:34.804797 0.218462 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:35.023658 0.267047 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:35.291128 0.213093 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:35.504613 0.213410 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:35.718425 0.340924 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:36.059733 0.422359 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:36.482467 0.236019 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:36.718892 0.502947 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:37.222349 0.255917 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:37.478633 1.025308 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:38.504296 0.222055 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:38.726695 0.229439 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:38.956539 0.215699 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:39.172638 0.252223 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:39.425210 0.211916 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:26:39.637485 0.632468 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:27:53.791875 3.002026 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 05:28:00.799171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:28:08.800948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:28:24.803995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:28:56.810258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:35:00.815781 3.002389 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:35:07.823597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:35:15.825289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:35:31.827882 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:36:03.833864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:42:07.839909 3.002302 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:42:14.847484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:42:22.848647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:42:42.036530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:43:14.042625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:49:20.051302 3.002002 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:49:27.059310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:49:35.060111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:49:51.063574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:50:25.312711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:52:20.008119 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 05:52:20.008346 1.531563 tcp 10.0.2.19 51736 -> 90.156.118.144 5237 FSPA* 0 0 14 1675 flow=From-Botnet-V2-TCP-Established 1970/01/06 05:56:29.318384 3.002139 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 05:56:36.325887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:56:44.528174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:56:52.108796 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 05:56:52.108962 0.470261 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:52.579586 0.157864 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:52.737855 0.125379 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:52.863595 0.327124 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:53.191103 0.163905 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:53.355382 0.114124 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:53.469882 0.292721 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:53.762982 0.319695 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:54.083051 0.146754 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:54.230208 0.214797 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:54.445428 0.274329 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:54.720116 0.217801 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:54.938324 0.239128 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:55.177875 0.238439 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:55.416655 0.345184 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:55.762315 0.381645 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:56.144335 0.259330 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:56.404065 0.255911 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:56.660381 1.205815 udp 10.0.2.19 1701 <-> 190.9.171.230 19873 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:57.866576 0.245601 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:58.112544 0.207243 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:58.320170 0.219298 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:58.539869 0.279713 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:58.819938 0.255992 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:56:59.076324 0.204529 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 05:57:04.606659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 05:57:37.243303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:03:41.800297 3.002061 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:03:48.807976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:03:56.809405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:04:12.812747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:04:44.818408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:13:01.825054 3.002168 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:13:08.833203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:13:16.835020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:13:32.837602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:14:04.843473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:20:08.849074 3.002110 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:20:15.856941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:20:23.858889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:20:39.861620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:21:11.867726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:22:24.242568 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:22:24.242748 1.407485 tcp 10.0.2.19 51737 -> 90.156.118.144 5237 FSPA* 0 0 14 1528 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:27:14.108457 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:27:14.108641 0.221280 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:14.330310 0.157015 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:14.487676 0.126659 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:14.614771 0.306750 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:14.921934 0.176662 rtcp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:15.098945 0.113887 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:15.213233 0.185990 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:15.399594 0.294612 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:15.694540 0.310655 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:16.005547 0.219665 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:16.225616 0.267470 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:16.493450 0.214882 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:16.708685 0.220454 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:16.929533 0.244777 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:17.174721 0.362055 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:17.537172 0.254745 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:17.792354 0.379937 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:18.172654 0.570755 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:18.743821 0.000000 udp 10.0.2.19 1701 -> 190.9.171.230 19873 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:27:20.880403 3.001723 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 06:27:27.888093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:27:35.411740 0.986765 tcp 10.0.2.19 51738 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:27:36.290145 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:27:36.398127 0.194647 tcp 10.0.2.19 51739 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:27:36.593364 0.217228 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:36.810964 0.196531 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:37.007864 0.217405 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:37.225676 0.205377 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:37.431409 0.253333 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:37.685063 0.249291 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:27:52.293648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:28:24.299674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:34:32.310782 3.001967 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:34:39.318875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:34:47.319683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:35:03.323154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:35:35.329183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:41:41.337844 3.002038 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:41:48.345699 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:41:56.347092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:42:12.349746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:42:44.355848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:48:48.361384 3.432483 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:48:55.800073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:49:03.801305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:49:19.804487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:49:51.810300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:52:26.252621 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:52:26.252812 0.672721 tcp 10.0.2.19 51740 -> 90.156.118.144 5237 SPA_* 0 0 12 1566 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:52:45.397379 0.000058 tcp 10.0.2.19 51740 -> 90.156.118.144 5237 FA_A 0 0 2 108 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:55:55.815991 3.002022 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 06:56:02.824117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:56:10.825196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:56:26.828462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:56:58.834303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 06:57:44.660278 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:57:44.660370 0.000000 udp 10.0.2.19 1701 -> 190.9.171.230 19873 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:00.164925 0.167893 tcp 10.0.2.19 51741 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:58:00.332765 0.238627 tcp 10.0.2.19 51742 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 06:58:00.571968 0.177251 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:00.749590 0.131593 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:00.881524 0.295936 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:01.177882 0.153773 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:01.332059 0.218726 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:01.551146 0.113552 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:01.665072 0.313857 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:01.979281 0.302731 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:02.282362 0.146396 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:02.429117 0.256770 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:02.686446 0.223531 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:02.910363 0.242534 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:03.153246 0.266764 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 572 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:03.420404 0.211751 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:03.632541 0.336649 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:03.969533 0.256470 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:04.226354 0.394957 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:04.621682 0.312909 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:04.934944 0.224883 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:05.160193 0.372559 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:05.533095 0.781529 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:06.314975 0.253265 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:06.568590 0.217394 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:06.786335 0.209443 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:07.402921 0.174094 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 820 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:07.577441 0.133045 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 689 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:07.710965 0.302474 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 726 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:08.013921 0.166025 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 796 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:08.180426 0.216327 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 661 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:08.397279 0.238692 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 789 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:08.636398 0.288564 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:08.925387 0.158176 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 670 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:09.084049 0.210944 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 708 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:09.295432 0.333599 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 859 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:09.629489 0.222572 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 656 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:09.852498 0.242891 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 830 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:10.095872 0.266014 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:10.362317 0.213259 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 829 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:10.576028 0.254712 udp 10.0.2.19 1701 <-> 68.6.169.122 9099 CON 0 0 2 831 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:10.831141 0.394170 udp 10.0.2.19 1701 <-> 175.139.191.162 7904 CON 0 0 2 757 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:11.225759 0.338453 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:11.564718 0.290620 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 709 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:11.855768 0.218929 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:12.075158 0.218359 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 777 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:12.293964 0.252577 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 697 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:12.546966 0.702186 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:13.249612 0.209289 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:13.459369 0.217851 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 838 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:13.677781 0.000000 udp 10.0.2.19 1701 -> 66.237.226.20 1336 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:19.370575 2.650839 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 804 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:22.097964 0.000000 udp 10.0.2.19 1701 -> 75.53.147.81 1024 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:28.313071 0.000000 udp 10.0.2.19 1701 -> 68.143.9.54 6303 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:33.991324 0.000000 udp 10.0.2.19 1701 -> 74.7.241.110 4100 INT 0 1 153 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:38.958004 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:58:39.319369 0.252813 udp 10.0.2.19 1701 <-> 188.169.30.5 24770 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:40.029804 0.491158 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 763 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:40.779560 0.000000 udp 10.0.2.19 1701 -> 68.157.126.49 7924 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:46.349093 0.133653 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 710 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:46.580566 0.000000 udp 10.0.2.19 1701 -> 188.169.55.26 14061 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:58:55.121810 0.306092 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:58:55.506555 0.000000 udp 10.0.2.19 1701 -> 94.88.11.18 3441 INT 0 1 228 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:01.591393 0.960489 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 729 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:59:02.997485 0.000000 udp 10.0.2.19 1701 -> 75.130.73.198 1194 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:09.141824 0.316021 udp 10.0.2.19 1701 -> 72.172.62.31 4178 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:09.457845 0.000000 icmp 72.172.62.31 0x0303 -> 10.0.2.19 0x5210 URP 192 1 199 flow=Background 1970/01/06 06:59:13.958716 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:59:15.370680 0.218827 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:59:15.665326 0.000000 udp 10.0.2.19 1701 -> 92.24.108.105 18436 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:22.391551 0.000000 udp 10.0.2.19 1701 -> 200.60.76.38 3686 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:27.738567 0.275408 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 687 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 06:59:28.190579 0.000000 udp 10.0.2.19 1701 -> 219.130.112.172 2189 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:36.311253 0.000000 udp 10.0.2.19 1701 -> 124.120.24.167 9325 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:42.299734 0.000000 udp 10.0.2.19 1701 -> 24.173.221.146 9605 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:52.443883 0.000000 udp 10.0.2.19 1701 -> 85.37.144.9 21799 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 06:59:57.150874 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 06:59:58.553294 0.000000 udp 10.0.2.19 1701 -> 2.133.62.246 24388 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:04.611803 0.000000 udp 10.0.2.19 1701 -> 80.14.30.94 4619 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:13.083682 0.000000 udp 10.0.2.19 1701 -> 79.15.14.142 1661 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:18.881916 0.000000 udp 10.0.2.19 1701 -> 121.128.195.71 5561 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:24.630300 0.000000 udp 10.0.2.19 1701 -> 68.13.194.197 8226 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:33.252854 0.371232 udp 10.0.2.19 1701 <-> 122.214.58.197 9683 CON 0 0 2 807 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:00:33.760659 0.000000 udp 10.0.2.19 1701 -> 50.74.142.90 5806 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:38.149846 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:00:39.361848 0.000000 udp 10.0.2.19 1701 -> 101.161.50.176 2718 INT 0 1 299 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:46.822543 0.286960 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 673 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:00:47.385975 0.000000 udp 10.0.2.19 1701 -> 99.242.20.25 7067 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:00:53.011676 0.232128 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 837 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:00:53.286207 0.216844 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 778 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:00:53.555294 0.435462 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:00:54.070970 0.000000 udp 10.0.2.19 1701 -> 151.226.159.77 4214 INT 0 1 143 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:02.695221 0.000000 udp 10.0.2.19 1701 -> 184.20.156.222 8447 INT 0 1 176 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:09.174175 0.000000 udp 10.0.2.19 1701 -> 204.120.192.86 6457 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:14.151625 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:01:17.626646 0.000000 udp 10.0.2.19 1701 -> 69.231.42.234 8252 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:25.618600 0.000000 udp 10.0.2.19 1701 -> 216.249.225.199 10385 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:34.540728 0.000000 udp 10.0.2.19 1701 -> 162.198.54.128 3260 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:43.514127 0.000000 udp 10.0.2.19 1701 -> 189.224.71.93 7897 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:48.150565 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:01:51.155257 0.000000 udp 10.0.2.19 1701 -> 216.254.242.62 4886 INT 0 1 257 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:01:56.772733 0.000000 udp 10.0.2.19 1701 -> 173.166.169.3 5539 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:04.373632 0.000000 udp 10.0.2.19 1701 -> 190.235.93.6 28194 INT 0 1 189 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:12.194898 0.000000 udp 10.0.2.19 1701 -> 76.174.252.22 26334 INT 0 1 292 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:17.242518 0.935081 udp 10.0.2.19 1701 <-> 110.138.249.237 13355 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:02:18.255434 0.000000 udp 10.0.2.19 1701 -> 203.188.248.3 3727 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:22.148945 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:02:26.655834 0.000000 udp 10.0.2.19 1701 -> 2.228.163.130 6040 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:34.677269 0.000000 udp 10.0.2.19 1701 -> 76.29.210.40 5142 INT 0 1 132 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:42.268099 0.000000 udp 10.0.2.19 1701 -> 71.166.164.52 5178 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:48.467398 0.000000 udp 10.0.2.19 1701 -> 105.227.12.60 2932 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:54.425535 0.000000 udp 10.0.2.19 1701 -> 81.136.130.125 9318 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:02:59.152535 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:03:01.265665 0.000000 udp 10.0.2.19 1701 -> 75.66.184.240 1711 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:04.732664 3.002148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 07:03:10.078484 0.000000 udp 10.0.2.19 1701 -> 27.54.51.115 2657 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:11.740298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:03:15.616006 0.000000 udp 10.0.2.19 1701 -> 85.96.72.60 4926 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:19.742150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:03:24.609151 0.000000 udp 10.0.2.19 1701 -> 41.225.238.247 7770 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:33.612031 0.000000 udp 10.0.2.19 1701 -> 81.137.209.94 3207 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:35.745074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:03:38.148722 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:03:40.852628 0.000000 udp 10.0.2.19 1701 -> 69.4.124.235 24053 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:48.102992 0.000000 udp 10.0.2.19 1701 -> 171.98.145.136 7044 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:03:53.270410 0.000000 udp 10.0.2.19 1701 -> 67.217.130.83 9483 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:00.460481 0.000000 udp 10.0.2.19 1701 -> 83.27.195.133 2618 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:11.297793 0.000000 udp 10.0.2.19 1701 -> 195.208.48.140 5248 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:12.312905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 1 146 flow=Background 1970/01/06 07:04:16.562840 0.276650 udp 10.0.2.19 1701 -> 65.103.206.134 6446 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:16.839490 0.000000 icmp 65.103.206.134 0x0303 -> 10.0.2.19 0x2e19 URP 192 1 308 flow=Background 1970/01/06 07:04:21.090730 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:04:22.386852 0.481473 udp 10.0.2.19 1701 <-> 125.164.33.173 28478 CON 0 0 2 792 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:04:23.053410 0.000000 udp 10.0.2.19 1701 -> 213.98.108.145 7899 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:28.171447 0.000000 udp 10.0.2.19 1701 -> 71.76.242.49 4122 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:31.675711 0.492971 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 802 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:04:32.397231 0.000000 udp 10.0.2.19 1701 -> 184.74.14.220 4115 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:39.006578 0.000000 udp 10.0.2.19 1701 -> 171.100.74.17 4963 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:45.275307 0.000000 udp 10.0.2.19 1701 -> 180.57.179.61 5687 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:53.577493 0.475243 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:04:54.245094 0.000000 udp 10.0.2.19 1701 -> 36.76.70.113 15008 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:04:58.654544 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:05:02.339585 0.000000 udp 10.0.2.19 1701 -> 178.91.153.245 20353 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:10.441164 0.422506 udp 10.0.2.19 1701 <-> 175.142.75.253 12777 CON 0 0 2 688 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:05:10.908023 0.209838 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 757 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:05:11.357407 0.221417 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 766 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:05:11.606302 0.000000 udp 10.0.2.19 1701 -> 50.20.182.29 3684 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:18.883257 0.000000 udp 10.0.2.19 1701 -> 2.178.43.207 6365 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:23.970640 0.000000 udp 10.0.2.19 1701 -> 212.46.165.141 19860 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:27.549245 0.000000 udp 10.0.2.19 1701 <- 175.142.75.253 12777 RSP 0 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:30.259622 0.000000 udp 10.0.2.19 1701 -> 82.91.101.29 9467 INT 0 1 289 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:35.156372 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:05:36.078022 0.000000 udp 10.0.2.19 1701 -> 68.114.245.252 5007 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:41.475686 0.000000 udp 10.0.2.19 1701 -> 94.200.62.2 4228 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:47.505019 0.000000 udp 10.0.2.19 1701 -> 46.44.21.6 4958 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:05:54.544721 0.000000 udp 10.0.2.19 1701 -> 76.90.163.104 5098 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:00.964163 0.000000 udp 10.0.2.19 1701 -> 218.111.217.219 27244 INT 0 1 191 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:06.522259 0.000000 udp 10.0.2.19 1701 -> 76.100.192.99 4322 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:11.158679 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:06:15.485109 0.000000 udp 10.0.2.19 1701 -> 65.46.208.198 8231 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:24.437919 0.000000 udp 10.0.2.19 1701 -> 83.238.172.134 5543 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:32.419530 0.530683 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:06:32.960432 0.000000 udp 10.0.2.19 1701 -> 82.107.16.215 1949 INT 0 1 175 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:40.430894 0.182137 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:06:40.621655 0.302199 udp 10.0.2.19 1701 <-> 181.64.166.201 15739 CON 0 0 2 729 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:06:40.933766 0.000000 udp 10.0.2.19 1701 -> 74.92.34.65 4525 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:45.157497 0.000043 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:06:48.802822 0.000000 udp 10.0.2.19 1701 -> 203.111.232.214 4379 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:06:54.481223 0.000000 udp 10.0.2.19 1701 -> 173.12.235.173 5112 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:03.253728 0.257884 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 832 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:07:03.645688 0.000000 udp 10.0.2.19 1701 -> 76.3.80.98 18484 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:10.814683 0.000000 udp 10.0.2.19 1701 -> 80.179.199.81 20802 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:19.256495 0.000000 udp 10.0.2.19 1701 -> 36.76.117.214 29543 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:24.153346 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:07:27.868851 0.000000 udp 10.0.2.19 1701 -> 71.165.149.239 4157 INT 0 1 170 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:33.907888 0.000000 udp 10.0.2.19 1701 -> 212.131.201.146 29392 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:41.949218 0.000000 udp 10.0.2.19 1701 -> 202.163.69.33 1267 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:49.790731 0.000000 udp 10.0.2.19 1701 -> 69.114.0.197 9920 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:07:57.892500 0.000000 udp 10.0.2.19 1701 -> 173.172.120.192 7717 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:02.658832 0.000158 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:08:04.891918 0.000000 udp 10.0.2.19 1701 -> 68.143.95.30 3089 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:10.139614 0.275980 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 733 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:08:10.459457 0.000000 udp 10.0.2.19 1701 -> 189.187.127.225 14178 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:17.119695 0.000000 udp 10.0.2.19 1701 -> 216.230.228.174 3571 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:23.188146 0.460555 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 655 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:08:23.688855 0.000000 udp 10.0.2.19 1701 -> 63.172.252.79 1743 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:32.141677 0.000000 udp 10.0.2.19 1701 -> 46.49.32.69 4208 INT 0 1 307 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:36.658013 0.000166 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:08:38.269902 0.000000 udp 10.0.2.19 1701 -> 78.189.48.189 27189 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:47.013089 0.000000 udp 10.0.2.19 1701 -> 113.160.131.3 4612 INT 0 1 297 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:53.932763 0.590323 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 721 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:08:54.533327 0.000000 udp 10.0.2.19 1701 -> 121.1.53.24 10853 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:08:59.630724 0.000000 udp 10.0.2.19 1701 -> 193.248.160.37 8162 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:04.818267 0.000000 udp 10.0.2.19 1701 -> 46.49.120.58 1069 INT 0 1 204 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:10.646646 0.000000 udp 10.0.2.19 1701 -> 180.183.208.97 14611 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:15.162963 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:09:19.519482 0.000000 udp 10.0.2.19 1701 -> 178.91.41.40 7161 INT 0 1 299 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:24.957565 0.253568 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 675 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:09:25.337336 0.000000 udp 10.0.2.19 1701 -> 186.22.206.204 4251 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:31.086117 0.000000 udp 10.0.2.19 1701 -> 201.184.233.131 23620 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:36.093375 0.000000 udp 10.0.2.19 1701 -> 5.98.103.145 8115 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:09:43.233471 0.000000 udp 10.0.2.19 1701 -> 12.185.247.82 8581 INT 0 1 194 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:10:15.262413 3.001266 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 07:10:22.269590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:10:30.271183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:10:46.274314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:11:18.279926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:17:25.290541 3.001582 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 07:17:32.297537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:17:40.299014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:17:56.302664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:18:28.308115 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:22:50.796061 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:22:50.796170 0.742215 tcp 10.0.2.19 51743 -> 90.156.118.144 5237 FSPA* 0 0 14 1542 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:24:32.313946 3.002158 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 07:24:39.321904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:24:47.322993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:25:03.326162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:25:35.332312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:31:39.338112 3.001711 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 07:31:46.345753 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:31:54.347563 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:32:10.350092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:32:42.356335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:38:46.362167 3.001833 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 07:38:53.370171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:39:01.371481 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:39:17.374436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:39:49.380657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:40:10.741105 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:40:10.741216 0.158882 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:10.900479 0.125728 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:11.026580 0.143766 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:11.170716 1.186320 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:12.357424 0.154598 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:12.512377 0.225716 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:12.738516 0.315048 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:13.053933 0.289925 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:13.344256 0.146421 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:13.491021 0.207907 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:13.699337 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:40:32.655090 0.166724 tcp 10.0.2.19 51744 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:40:32.821644 0.202298 tcp 10.0.2.19 51745 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:40:33.024507 0.223063 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:33.247929 0.216437 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:33.464816 0.239298 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:33.704527 0.339807 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:34.044687 0.260057 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:34.305120 0.258548 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:34.564061 0.217557 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:34.782016 0.222440 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:35.004836 0.219538 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:35.224749 0.772809 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:35.997918 0.311362 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:36.309628 0.133834 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:36.443899 0.368444 udp 10.0.2.19 1701 <-> 188.169.30.5 24770 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:36.812710 0.478559 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:37.291668 0.680695 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:37.972771 0.263861 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:38.236988 1.073215 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:39.310569 0.214547 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:39.525521 0.257115 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:39.783081 0.000000 udp 10.0.2.19 1701 -> 122.214.58.197 9683 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:40:56.889020 0.166706 tcp 10.0.2.19 51746 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:40:57.055985 0.213112 tcp 10.0.2.19 51747 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:40:57.269655 0.289635 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:57.559679 0.227169 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:57.787220 0.215794 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:58.003353 0.422120 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:58.427064 0.535453 udp 10.0.2.19 1701 <-> 110.138.249.237 13355 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:40:58.962864 0.000000 udp 10.0.2.19 1701 -> 125.164.33.173 28478 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:41:17.077918 0.168239 tcp 10.0.2.19 51748 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:41:17.245921 0.208560 tcp 10.0.2.19 51749 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:41:17.455013 1.623900 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:19.079326 0.246569 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:19.326302 0.163567 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:19.490233 0.412588 udp 10.0.2.19 1701 <-> 175.142.75.253 12777 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:19.903241 0.217070 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:20.120702 0.497923 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:20.619035 0.171215 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:20.790586 0.000000 udp 10.0.2.19 1701 -> 181.64.166.201 15739 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 07:41:39.369916 0.296557 tcp 10.0.2.19 51750 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:41:39.666804 0.280903 tcp 10.0.2.19 51751 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:41:39.948227 0.311327 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:40.259942 0.255953 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:40.516273 0.423772 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:40.940412 0.498848 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:41:41.439589 0.496600 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 07:45:53.386402 3.001437 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 07:46:00.393375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:46:08.394880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:46:24.398078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:46:56.404569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:52:51.544952 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 07:52:51.545105 2.999627 tcp 10.0.2.19 51752 -> 90.156.118.144 5237 FSPA* 0 0 14 1622 flow=From-Botnet-V2-TCP-Established 1970/01/06 07:53:00.409976 3.001681 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 07:53:07.417696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:53:15.990095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:53:31.993296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 07:54:03.999095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:00:08.004483 3.002188 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:00:15.012879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:00:23.014252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:00:39.017051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:01:12.084790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:11:21.833426 3.002250 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:11:28.841639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:11:36.842979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:11:52.846040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:12:07.557239 0.605833 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/06 08:12:08.163141 0.263709 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:12:08.427202 0.354128 udp 10.0.2.19 1701 <-> 122.214.58.197 9683 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:12:08.781679 0.000000 udp 10.0.2.19 1701 -> 125.164.33.173 28478 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:12:25.142423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:12:26.817503 0.167411 tcp 10.0.2.19 51753 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:26.984548 0.199129 tcp 10.0.2.19 51754 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:27.184235 0.000000 udp 10.0.2.19 1701 -> 181.64.166.201 15739 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:12:42.328291 0.166923 tcp 10.0.2.19 51755 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:42.494850 0.214039 tcp 10.0.2.19 51756 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:42.709428 0.170147 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:12:42.879939 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:12:59.072563 0.177346 tcp 10.0.2.19 51757 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:59.249473 0.209032 tcp 10.0.2.19 51758 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:12:59.459074 0.123315 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:12:59.582759 0.672026 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 585 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:00.255189 0.157187 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:00.412766 0.219535 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:00.632662 0.322137 udp 10.0.2.19 1701 <-> 105.228.46.98 1563 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:00.955165 0.207245 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:01.162809 0.145821 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:01.308974 0.288317 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:01.597631 0.212848 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:01.810834 0.243848 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:02.055164 0.217870 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:02.273434 0.251925 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:02.525796 0.262808 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:02.789038 0.331268 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:03.120706 0.218438 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:03.339485 0.217343 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:03.557200 0.220586 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:03.778261 0.136348 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:03.914977 0.336634 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:04.251949 0.215786 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:04.468149 0.287727 udp 10.0.2.19 1701 <-> 188.169.30.5 24770 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:04.756274 0.522285 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:05.278920 0.263586 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:05.542932 0.233670 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:05.777017 0.954552 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:06.731949 0.217102 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:06.949451 0.259319 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:07.209138 0.279211 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:07.488827 0.241108 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:07.730339 0.208355 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:07.939037 0.427404 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:08.366794 0.000000 udp 10.0.2.19 1701 -> 110.138.249.237 13355 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:13:26.742360 0.176026 tcp 10.0.2.19 51759 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:13:26.918692 0.194855 tcp 10.0.2.19 51760 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:13:27.114106 0.245723 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:27.360174 0.165531 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:27.526061 0.874855 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:28.401304 0.211354 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:28.613021 0.412092 udp 10.0.2.19 1701 <-> 175.142.75.253 12777 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:29.025475 0.495398 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:29.521286 0.169323 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:29.691043 0.258667 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:29.950215 0.254328 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:30.204926 0.435118 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:30.640395 0.435649 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:13:31.076444 0.249370 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:18:29.548548 3.002304 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 08:18:36.556079 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:18:44.557701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:19:00.560450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:19:32.566872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:22:57.962413 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 08:22:57.962611 1.752499 tcp 10.0.2.19 51761 -> 90.156.118.144 5237 FSPA* 0 0 14 1635 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:25:39.196450 3.001531 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:25:46.203765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:25:54.245573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:26:10.249056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:26:42.414865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:32:46.420425 3.001836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:32:53.428151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:33:01.430068 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:33:17.432937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:33:49.458700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:39:53.464250 3.001892 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:40:00.471952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:40:08.473988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:40:24.476445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:40:56.482859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:43:46.587596 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 08:43:46.587761 0.131714 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:43:46.719864 0.000000 udp 10.0.2.19 1701 -> 110.138.249.237 13355 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:44:03.023692 4.068051 tcp 10.0.2.19 51762 -> 173.194.70.99 80 FSPA* 0 0 10 1850 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:07.091957 0.200510 tcp 10.0.2.19 51763 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:07.293038 0.279053 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:07.572442 0.000000 udp 10.0.2.19 1701 -> 122.214.58.197 9683 INT 0 1 167 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:44:09.073666 0.000133 tcp 10.0.2.19 51762 -> 173.194.70.99 80 A_FA 0 0 2 108 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:25.754708 0.177236 tcp 10.0.2.19 51764 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:25.931859 0.197288 tcp 10.0.2.19 51765 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:26.129687 0.168214 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:26.298303 0.113879 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:26.412534 0.162757 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:26.575636 0.318147 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:26.894247 0.227870 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:27.122474 0.255622 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:27.378475 0.146053 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:27.524919 0.000000 udp 10.0.2.19 1701 -> 105.228.46.98 1563 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 08:44:46.264191 0.169358 tcp 10.0.2.19 51766 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:46.433878 0.214833 tcp 10.0.2.19 51767 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:44:46.649250 0.290113 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:46.939731 0.218026 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:47.158321 0.253771 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:47.412486 0.240455 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:47.653278 0.219222 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:47.872901 0.361638 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:48.234946 0.254815 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:48.490337 0.218775 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:48.709455 0.133532 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:48.843330 0.217907 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:49.061597 0.225293 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:49.287277 0.227125 udp 10.0.2.19 1701 <-> 92.54.197.77 13102 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:49.514761 0.217582 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:49.732729 0.208488 udp 10.0.2.19 1701 <-> 188.169.30.5 24770 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:49.941598 0.471835 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:50.413802 0.262915 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:50.677092 0.159650 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:50.837101 0.271995 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:51.109439 0.979963 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:52.089757 0.209951 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:52.300089 0.275538 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:52.576034 0.229777 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:52.806241 0.212600 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:53.019221 0.404611 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:53.424232 0.234285 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:53.658876 0.177398 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:53.836689 0.542863 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:54.379936 0.215915 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:54.596192 0.417218 udp 10.0.2.19 1701 <-> 175.142.75.253 12777 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:55.013822 0.497800 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:55.512043 0.178358 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:55.690814 0.249651 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:55.940917 0.263859 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:56.205162 0.444365 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:56.649882 0.352575 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:44:57.002821 0.228927 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 08:47:03.222184 3.002103 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 08:47:10.230073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:47:19.824014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:47:35.826940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:48:07.832629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:53:02.287207 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 08:53:02.287396 2.214780 tcp 10.0.2.19 51768 -> 90.156.118.144 5237 FSPA* 0 0 14 1577 flow=From-Botnet-V2-TCP-Established 1970/01/06 08:54:13.841248 3.002287 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 08:54:24.695004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:54:32.695960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:54:48.699221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 08:55:21.967351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:01:25.973106 3.001363 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:01:32.980422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:01:40.981793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:01:56.985503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:02:29.602499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:08:38.614704 3.001943 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:08:45.622665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:08:53.623774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:09:09.627205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:09:41.633410 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:15:22.202998 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 09:15:22.203211 0.000000 udp 10.0.2.19 1701 -> 122.214.58.197 9683 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:15:38.018606 0.179308 tcp 10.0.2.19 51769 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:15:38.197581 0.198304 tcp 10.0.2.19 51770 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:15:38.396457 0.000000 udp 10.0.2.19 1701 -> 105.228.46.98 1563 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:15:45.639070 3.001401 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:15:52.646292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:15:56.242993 0.170698 tcp 10.0.2.19 51771 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:15:56.413928 0.202756 tcp 10.0.2.19 51772 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:15:56.617225 0.128575 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:56.746308 0.266444 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.013118 0.162637 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.176216 0.176335 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.352925 0.115495 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.468813 0.223100 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.692288 0.145424 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:57.838276 0.215275 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:58.053964 0.391069 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:58.445438 0.254001 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:58.699797 0.244031 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:58.944232 0.287879 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:59.232569 0.212741 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:59.445682 0.259292 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:59.705374 0.220791 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:15:59.926519 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 227 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:16:01.609273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:16:15.961444 0.185481 tcp 10.0.2.19 51773 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:16.146585 0.190815 tcp 10.0.2.19 51774 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:16.337956 0.364856 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:16.703164 0.136147 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:16.839698 0.261607 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:17.101653 0.217136 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:17.319172 0.000000 udp 10.0.2.19 1701 -> 92.54.197.77 13102 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:16:17.612476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:16:33.997330 0.166615 tcp 10.0.2.19 51775 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:34.163527 0.200464 tcp 10.0.2.19 51776 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:34.364548 0.223051 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:34.587946 0.254324 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:34.842682 0.186976 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:35.030023 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 24770 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:16:49.618801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:16:50.231039 0.170325 tcp 10.0.2.19 51777 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:50.401460 0.200336 tcp 10.0.2.19 51778 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:16:50.602508 0.472918 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:51.075755 0.272130 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:51.348206 1.054476 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:52.973296 0.233406 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:53.207068 0.214569 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:53.422240 0.215902 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:53.638488 0.272574 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:53.911404 0.421651 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:54.333415 0.241639 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:54.575463 0.179360 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:54.755189 0.571123 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:55.326720 0.489301 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:55.816363 0.212543 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:56.029269 0.419313 udp 10.0.2.19 1701 <-> 175.142.75.253 12777 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:56.448938 0.200892 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:56.650314 0.249195 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:56.899875 0.251740 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:57.151981 0.441733 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:57.594088 0.582960 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:16:58.177450 1.869885 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:22:53.624532 3.001982 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:23:00.632104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:23:07.812581 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 09:23:07.812753 0.763051 tcp 10.0.2.19 51779 -> 90.156.118.144 5237 FSPA* 0 0 14 1627 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:23:08.633530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:23:24.636517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:23:57.103184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:30:01.108920 3.001518 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:30:08.116637 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:30:16.117710 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:30:32.120975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:31:04.127704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:37:08.132822 3.002007 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:37:15.140666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:37:23.141919 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:37:39.145423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:38:11.151292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:44:15.156410 4.254037 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:44:23.416176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:44:31.417616 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:44:47.420483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:45:19.427010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:47:09.325397 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 09:47:09.325494 0.219483 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:09.545350 0.000000 udp 10.0.2.19 1701 -> 92.54.197.77 13102 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:47:26.001009 0.166414 tcp 10.0.2.19 51780 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:47:26.167122 0.201059 tcp 10.0.2.19 51781 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:47:26.368779 0.000000 udp 10.0.2.19 1701 -> 188.169.30.5 24770 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:47:42.794249 3.627496 tcp 10.0.2.19 51782 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:47:46.422079 0.198284 tcp 10.0.2.19 51783 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:47:46.620886 0.140920 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:46.762294 0.116510 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:46.879192 0.202097 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:47.081664 0.269804 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:47.351856 0.163765 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:47.515988 0.273896 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:47.790258 0.477669 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:48.268324 0.217221 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:48.485897 0.147693 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:48.633955 0.224128 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:48.858469 0.239186 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:49.098037 0.253771 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:49.352186 0.295161 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:49.647751 0.270021 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:49.918338 0.228327 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:50.147052 0.138089 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:50.285517 0.369893 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:50.655765 0.219106 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:50.875254 0.215735 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:51.091341 0.180980 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:51.272647 0.260635 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:51.533620 0.209759 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:51.743720 0.480397 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:52.224499 0.263462 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:52.488348 0.980482 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:53.469233 0.291363 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:53.760990 0.213501 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:53.974888 0.209516 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:54.184797 0.249141 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:54.434320 0.160617 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:54.595303 0.274093 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:54.869761 0.401500 udp 10.0.2.19 1701 <-> 125.166.194.69 10635 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:55.271635 0.615182 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:47:55.887193 0.000000 udp 10.0.2.19 1701 -> 175.142.75.253 12777 INT 0 1 112 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 09:48:14.499770 0.168785 tcp 10.0.2.19 51784 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:48:14.668096 0.200878 tcp 10.0.2.19 51785 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:48:14.869579 0.207917 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:15.077843 0.509437 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:15.587687 0.216288 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:15.804366 0.267544 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:16.072313 0.254646 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:16.327339 0.434297 udp 10.0.2.19 1701 <-> 36.74.96.108 14433 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:16.762178 0.317809 udp 10.0.2.19 1701 <-> 186.95.34.99 2810 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:48:17.080377 0.505389 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 09:51:25.155301 3.001875 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 09:51:32.222967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:51:40.224634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:51:56.227067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:52:28.233309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:53:11.155625 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 09:53:11.155724 0.653832 tcp 10.0.2.19 51786 -> 90.156.118.144 5237 FSPA* 0 0 14 1505 flow=From-Botnet-V2-TCP-Established 1970/01/06 09:58:32.239226 3.001630 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 09:58:39.246719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:58:47.248282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:59:03.251594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 09:59:35.257691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:05:39.263400 3.001772 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:05:46.271096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:05:54.272093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:06:10.275482 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:06:45.686312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:12:49.882778 3.001146 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:12:56.889750 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:13:04.891078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:13:20.894217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:13:52.900456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:18:45.431506 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 10:18:45.431710 0.000000 udp 10.0.2.19 1701 -> 175.142.75.253 12777 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:19:04.000111 0.373435 tcp 10.0.2.19 51787 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:04.373214 0.203420 tcp 10.0.2.19 51788 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:04.577235 0.229316 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:04.806923 0.221173 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:05.028496 0.205015 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:05.233836 0.268210 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:05.502405 0.148713 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:05.651482 0.400572 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.052444 0.159076 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.211890 0.163388 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.375684 0.214335 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.590430 0.251150 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.841948 0.148555 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:06.990916 0.221922 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:07.213174 0.264672 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:07.478246 0.220073 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:07.698748 0.254357 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:07.953503 0.498758 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:08.452659 0.217626 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:08.670652 0.330993 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:09.002005 0.134822 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:09.137196 0.229329 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:09.366890 0.207909 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:09.575185 0.257336 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:09.832860 0.799011 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:10.632226 0.482650 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:11.115280 0.260999 udp 10.0.2.19 1701 <-> 68.72.218.141 8624 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:11.376623 0.226269 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:11.603272 0.987648 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:12.591282 0.211227 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:12.802896 0.167403 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:12.970637 0.248665 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:13.219636 0.212591 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:13.432593 0.000000 udp 10.0.2.19 1701 -> 125.166.194.69 10635 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:19:30.496967 0.164708 tcp 10.0.2.19 51789 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:30.662032 0.194776 tcp 10.0.2.19 51790 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:30.857370 0.277014 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:31.134747 0.485606 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:31.620728 0.181581 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:31.802647 0.498350 udp 10.0.2.19 1701 <-> 180.241.169.218 13801 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:32.301351 0.265258 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:32.567027 0.255500 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:32.822867 0.221688 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:19:33.044941 0.000000 udp 10.0.2.19 1701 -> 36.74.96.108 14433 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:19:51.818019 0.166666 tcp 10.0.2.19 51791 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:51.984180 3.259169 tcp 10.0.2.19 51792 -> 173.194.70.94 80 SRPA* 0 0 22 12674 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:19:55.244045 0.000000 udp 10.0.2.19 1701 -> 186.95.34.99 2810 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:19:56.906268 3.001898 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 10:20:03.913518 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:20:11.915360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:20:12.938562 0.173309 tcp 10.0.2.19 51793 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:20:13.105827 0.202091 tcp 10.0.2.19 51794 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:20:13.308441 0.245972 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:20:27.918653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:20:59.924348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:23:14.368024 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 10:23:14.368176 0.717638 tcp 10.0.2.19 51795 -> 90.156.118.144 5237 FSPA* 0 0 14 1684 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:27:05.552474 3.001844 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:27:12.560010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:27:20.561731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:27:36.565016 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:28:08.570843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:34:12.576318 3.002008 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:34:19.584702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:34:27.586672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:34:43.589357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:35:15.594383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:41:19.600507 3.002116 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:41:26.607836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:41:34.609585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:41:50.612530 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:42:22.619060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:48:26.623943 3.002488 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 10:48:33.632434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:48:41.633644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:48:57.636778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:49:29.642871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:50:33.234175 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 10:50:33.234421 0.000000 udp 10.0.2.19 1701 -> 125.166.194.69 10635 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:50:51.132498 3.555167 tcp 10.0.2.19 51796 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:50:54.687543 0.202564 tcp 10.0.2.19 51797 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:50:54.890651 0.000000 udp 10.0.2.19 1701 -> 36.74.96.108 14433 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:51:13.343162 0.241747 tcp 10.0.2.19 51798 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:13.584596 0.376807 tcp 10.0.2.19 51799 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:13.961959 0.000000 udp 10.0.2.19 1701 -> 186.95.34.99 2810 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:51:29.606797 0.166754 tcp 10.0.2.19 51800 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:29.773874 0.206272 tcp 10.0.2.19 51801 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:29.981202 0.241997 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:30.223596 0.117220 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:30.341218 0.266153 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:30.607730 0.207023 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:30.815162 0.132682 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:30.948240 0.297048 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:31.245633 0.319961 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:31.565957 0.201989 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:31.768356 0.594487 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:32.363213 0.247956 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:32.611562 0.220966 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:32.832915 0.154578 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:32.987893 0.223995 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:33.212270 0.267252 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:33.479978 0.219792 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:33.700167 0.253511 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:33.954055 0.288878 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:34.243361 0.341528 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:34.585224 0.284609 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:34.870396 0.314948 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:35.185683 0.141639 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:35.327685 0.347100 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:51:35.675114 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:51:51.488071 0.319644 tcp 10.0.2.19 51802 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:51.807497 0.200532 tcp 10.0.2.19 51803 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:51:52.008585 0.000000 udp 10.0.2.19 1701 -> 68.72.218.141 8624 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:52:07.490824 2.147188 tcp 10.0.2.19 51804 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:09.638192 0.200884 tcp 10.0.2.19 51805 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:09.839617 0.832064 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:10.672050 0.238443 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:10.910865 1.073803 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:11.984992 0.207715 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:12.193100 0.444774 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:12.638353 0.209531 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:12.848364 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 168 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:52:28.160594 0.165850 tcp 10.0.2.19 51806 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:28.326241 0.206796 tcp 10.0.2.19 51807 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:28.533571 0.278697 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:28.812669 0.167772 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:28.980804 0.570981 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:29.552135 0.274898 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:29.827424 0.254533 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:30.082449 0.000000 udp 10.0.2.19 1701 -> 180.241.169.218 13801 INT 0 1 276 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 10:52:46.717510 0.165998 tcp 10.0.2.19 51808 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:46.883158 0.215285 tcp 10.0.2.19 51809 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:52:47.099005 0.234504 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 582 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:52:47.333886 0.233858 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 10:53:17.681093 0.969321 tcp 10.0.2.19 51810 -> 90.156.118.144 5237 FSPA* 0 0 14 1665 flow=From-Botnet-V2-TCP-Established 1970/01/06 10:55:36.251962 3.001964 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 10:55:43.259613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:55:51.261371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:56:07.263966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 10:56:44.238916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:02:45.379169 3.002062 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:02:52.386394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:03:00.387984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:03:16.391269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:03:48.397659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:12:47.404275 3.002405 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:12:54.412224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:13:02.433579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:13:18.436717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:13:50.442628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:19:54.448285 3.002273 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:20:01.456541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:20:09.458119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:20:25.460885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:20:57.467309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:23:12.310920 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 11:23:12.311087 0.928199 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:23:13.239668 0.000000 udp 10.0.2.19 1701 -> 68.72.218.141 8624 INT 0 1 105 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:23:20.743261 1.231364 tcp 10.0.2.19 51811 -> 90.156.118.144 5237 FSPA* 0 0 12 1509 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:23:31.100252 0.176872 tcp 10.0.2.19 51812 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:23:31.277420 0.199242 tcp 10.0.2.19 51813 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:23:31.477198 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:23:48.734207 0.170719 tcp 10.0.2.19 51814 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:23:48.905126 0.210449 tcp 10.0.2.19 51815 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:23:49.116123 0.000000 udp 10.0.2.19 1701 -> 180.241.169.218 13801 INT 0 1 89 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:24:06.620431 0.176355 tcp 10.0.2.19 51816 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:24:06.796456 0.199384 tcp 10.0.2.19 51817 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:24:06.996362 0.219280 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:07.215994 0.117322 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:07.333665 0.214975 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:07.549004 0.207517 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:07.756876 0.263068 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:08.020294 0.124550 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:08.145193 0.401851 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:08.547468 0.240505 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:08.788323 0.161297 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:08.949961 0.220068 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:09.170429 0.164997 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:09.335769 0.149369 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:09.485565 0.223724 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:09.709694 0.811792 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:10.521906 0.217655 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:10.739900 0.293610 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:11.033906 0.261630 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:11.295905 0.135400 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:11.431656 0.217902 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:11.649922 0.214861 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:11.865126 0.301166 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:12.166691 0.343785 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:12.510865 0.227533 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:12.738810 0.483687 udp 10.0.2.19 1701 <-> 223.206.109.47 18496 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:13.222900 0.999327 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:14.222586 0.217646 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:14.440609 0.210650 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:14.651621 0.175822 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:14.827805 0.278446 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:15.106650 0.172430 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:15.279439 0.297146 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:15.577007 0.502713 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:16.080089 0.250941 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:16.331413 0.205045 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:24:16.536821 0.389614 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 211 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:27:01.472231 3.002418 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 11:27:08.479934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:27:16.482063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:27:32.485063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:28:04.490671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:34:08.497065 3.001103 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:34:15.504231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:34:23.505828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:34:39.509083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:35:11.514915 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:41:15.520197 3.002559 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:41:22.528567 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:41:30.529968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:41:46.532723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:42:18.539071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:48:22.544613 3.001920 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 11:48:29.552394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:48:37.553835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:48:53.556965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:49:25.813138 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:53:22.093248 0.000128 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 11:53:22.093476 2.194003 tcp 10.0.2.19 51818 -> 90.156.118.144 5237 FSPA* 0 0 14 1753 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:54:34.297451 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 11:54:34.297655 0.637554 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:34.935606 0.216719 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:35.152744 0.214716 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:35.367836 0.137810 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:35.506003 0.213033 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:35.719398 0.265735 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:35.985510 0.125608 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:36.111575 0.405156 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:36.517098 0.220739 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:36.738223 0.167342 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:36.905968 0.250075 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:37.156432 0.219271 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:37.376043 0.237678 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:37.614150 0.164702 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:37.779252 0.259712 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:38.039360 0.219764 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:38.259444 0.306035 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:38.565863 0.259611 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:38.825857 0.137740 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:38.963979 0.212018 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:39.176333 0.354627 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:39.531361 0.207814 rtcp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:39.739524 0.276087 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:40.016032 4.941266 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 3 915 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:40.241181 4.716008 udp 10.0.2.19 1701 -> 223.206.109.47 18496 INT 0 2 589 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.922224 0.033696 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 998 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:44.954719 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 REQ 0 0 1 530 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.954826 0.000000 udp 10.0.2.19 1701 -> 78.6.164.6 2928 REQ 0 0 1 492 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.954946 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 REQ 0 0 1 503 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955056 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 REQ 0 0 1 521 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955168 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 1877 REQ 0 0 1 547 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955276 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 REQ 0 0 1 520 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955383 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 REQ 0 0 1 418 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955504 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 REQ 0 0 1 403 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955607 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 REQ 0 0 1 490 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955710 0.000000 udp 10.0.2.19 1701 -> 76.187.41.194 9753 REQ 0 0 1 444 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.955816 0.000000 udp 10.0.2.19 1701 -> 2.85.52.234 2179 REQ 0 0 1 439 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956026 0.000000 udp 10.0.2.19 1701 -> 99.95.196.161 2218 REQ 0 0 1 528 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956135 0.000000 udp 10.0.2.19 1701 -> 75.1.149.150 9432 REQ 0 0 1 516 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956239 0.000000 udp 10.0.2.19 1701 -> 69.232.68.87 7399 REQ 0 0 1 521 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956340 0.000000 udp 10.0.2.19 1701 -> 92.98.14.8 6553 REQ 0 0 1 514 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956450 0.000000 udp 10.0.2.19 1701 -> 189.177.101.124 8150 REQ 0 0 1 463 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956561 0.000000 udp 10.0.2.19 1701 -> 108.86.251.63 2573 REQ 0 0 1 479 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956672 0.000000 udp 10.0.2.19 1701 -> 147.163.75.36 3026 REQ 0 0 1 393 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956769 0.000000 udp 10.0.2.19 1701 -> 188.54.61.128 10047 REQ 0 0 1 467 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956873 0.000000 udp 10.0.2.19 1701 -> 76.191.140.101 9551 REQ 0 0 1 523 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.956979 0.000000 udp 10.0.2.19 1701 -> 223.17.69.28 8575 REQ 0 0 1 398 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957082 0.000000 rtcp 10.0.2.19 1701 -> 50.101.238.77 5571 REQ 0 0 1 533 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957414 0.000000 udp 10.0.2.19 1701 -> 216.38.35.229 2990 INT 0 1 436 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957525 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 448 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957642 0.000000 udp 10.0.2.19 1701 -> 175.176.144.253 7296 INT 0 1 473 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957750 0.000000 udp 10.0.2.19 1701 -> 85.107.40.140 6049 INT 0 1 457 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957858 0.000000 udp 10.0.2.19 1701 -> 99.103.236.242 1625 INT 0 1 508 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.957966 0.000000 udp 10.0.2.19 1701 -> 88.254.66.253 18973 INT 0 1 425 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.958093 0.000000 udp 10.0.2.19 1701 -> 123.237.162.38 5473 INT 0 1 492 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.958201 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 INT 0 1 540 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.958310 0.000000 udp 10.0.2.19 1701 -> 50.42.61.212 6860 INT 0 1 505 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.958422 0.000000 udp 10.0.2.19 1701 -> 125.167.115.164 16478 INT 0 1 470 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:44.958554 0.000000 udp 10.0.2.19 1701 -> 69.154.77.2 5820 INT 0 1 505 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 11:54:57.172414 0.174098 tcp 10.0.2.19 51819 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:54:57.346901 0.204930 tcp 10.0.2.19 51820 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 11:54:57.552385 0.221259 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:57.861536 1.698950 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:59.560849 0.214130 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:59.775365 0.165874 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:54:59.941571 0.276954 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:00.218898 0.197782 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:00.417024 0.251701 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:00.669057 0.226719 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:00.896230 0.483337 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:01.379942 0.269011 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:01.649289 0.698400 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 11:55:29.848683 3.002392 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 11:55:36.856274 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:55:44.858044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:56:00.860704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 11:56:32.867700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:02:36.872906 3.002401 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:02:51.145052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:02:59.036173 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:03:14.829807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:03:46.395644 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:09:48.022483 3.002164 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:09:55.030269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:10:03.031673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:10:19.195312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:10:52.833524 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:16:57.841283 3.001037 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:17:04.848272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:17:12.850341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:17:28.853064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:18:00.859238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:23:27.258679 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 12:23:27.258913 3.374689 tcp 10.0.2.19 51821 -> 90.156.118.144 5237 FSPA* 0 0 14 1698 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:24:04.864766 3.001496 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:24:11.872425 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:24:19.873711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:24:35.876587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:25:07.882820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:25:34.942237 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 12:25:34.942402 0.000000 udp 10.0.2.19 1701 -> 223.206.109.47 18496 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 12:25:53.340728 0.195061 tcp 10.0.2.19 51822 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:25:53.536078 0.232515 tcp 10.0.2.19 51823 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:25:53.769193 0.225617 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:53.995146 0.124017 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:54.119524 0.242153 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:54.362074 0.336715 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:54.699177 0.245082 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:54.944600 0.448579 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:55.393572 0.261533 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:55.655493 0.303249 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:55.959114 0.135478 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:56.094972 0.189054 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:56.284390 0.315149 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:56.599917 0.163392 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:56.763661 0.226735 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:56.990801 0.146226 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:57.137416 0.436495 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:57.574455 0.275752 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:57.850582 0.277294 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:58.128296 0.245691 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:58.374331 0.222835 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:58.597526 0.231407 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:58.829299 0.141214 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:58.970874 0.349934 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:59.321140 0.253168 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:59.574725 0.299808 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:25:59.874902 0.264578 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:00.139829 0.217032 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:00.357275 1.115445 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:01.473092 0.362006 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:01.835506 0.175851 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:02.011705 2.482329 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:04.494439 0.165407 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:04.660183 0.254279 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:04.914856 0.213468 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:05.128717 0.557260 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:26:05.686439 0.226245 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:31:16.895835 3.002023 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 12:31:23.903438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:31:31.905236 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:31:47.908052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:32:19.913724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:38:23.919769 3.001674 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:38:30.927387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:38:38.928779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:38:54.932269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:39:26.937932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:45:30.944103 3.001539 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:45:37.951355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:45:45.953565 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:46:01.955744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:46:33.961708 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:52:37.967873 3.001835 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:52:44.975671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:52:52.976687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:53:08.980080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:53:30.641883 0.984139 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/06 12:53:31.625995 0.705253 tcp 10.0.2.19 51824 -> 90.156.118.144 5237 SPA_* 0 0 10 1437 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:53:36.923876 0.251401 tcp 10.0.2.19 51824 -> 90.156.118.144 5237 FA_F* 0 0 7 852 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:53:41.466793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 12:56:35.116822 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 12:56:35.116994 0.210228 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:35.327597 0.124997 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:35.452960 0.220068 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:35.673394 0.113435 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:35.787271 0.220743 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:36.008408 0.226601 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:36.235417 0.438954 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:36.674738 0.261824 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:36.936984 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 INT 0 1 129 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 12:56:53.154412 0.166794 tcp 10.0.2.19 51825 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:56:53.321002 0.255153 tcp 10.0.2.19 51826 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 12:56:53.576704 0.165923 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:53.742923 0.248719 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:53.992013 0.149267 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:54.141629 0.159986 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:54.301960 0.216992 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:54.519325 0.290872 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:54.810549 0.258299 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:55.069233 0.259269 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:55.328886 0.222539 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:55.551781 0.135584 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:55.687770 0.215820 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:55.903962 0.209638 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:56.113994 0.343824 rtcp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:56.458309 0.221064 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:56.679761 0.373267 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:57.053414 0.227200 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:57.281009 0.213371 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:57.494745 0.997259 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:58.492370 0.267937 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:58.760659 0.184057 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:58.945107 0.297312 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:59.242816 0.161948 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:59.405127 0.562007 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:56:59.967473 0.253180 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:57:00.221073 0.213627 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:57:00.435060 0.849620 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 12:59:45.472047 3.002301 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 12:59:52.480180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:00:00.481633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:00:16.484909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:00:48.490571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:11:09.506015 3.001717 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:11:16.513769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:11:24.515398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:11:40.518237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:12:12.524128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:18:16.530189 3.001639 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:18:23.537195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:18:31.538949 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:18:47.542073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:19:19.548517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:23:37.178724 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 13:23:37.178921 0.645594 tcp 10.0.2.19 51827 -> 90.156.118.144 5237 FSPA* 0 0 14 1742 flow=From-Botnet-V2-TCP-Established 1970/01/06 13:25:27.559881 3.001482 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:25:34.567267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:25:42.568837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:25:58.661713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:26:30.667673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:27:04.006214 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 13:27:04.006433 0.130661 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:04.137500 0.212431 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:04.350347 0.210881 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:04.561646 0.127506 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:04.689526 0.228889 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:04.918823 0.418779 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:05.337929 0.218302 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:05.556571 0.133856 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:05.690792 0.267901 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:05.959080 0.170730 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:06.130334 0.161115 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:06.291793 0.220173 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:06.512339 0.243211 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:06.755929 0.146730 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:06.903026 0.288880 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:07.192284 0.257997 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:07.450708 0.259725 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:07.710827 0.214059 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:07.925295 0.142877 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:08.068553 0.270206 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:08.339132 0.212766 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:08.552343 0.211217 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:08.763939 0.193538 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:08.957841 0.214404 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:09.172599 0.353364 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:09.526538 0.229792 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 582 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:09.756712 0.977210 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:10.734314 0.276887 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:11.011583 0.173187 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:11.185153 0.170987 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:11.356547 0.252174 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:11.609087 0.215799 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:11.825243 0.491705 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:12.317309 0.261432 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:27:12.579130 0.234028 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:32:34.673698 3.001891 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:32:41.681380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:32:50.413875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:33:06.416642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:33:38.423010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:39:42.428374 3.002568 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:39:49.436722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:39:57.437709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:40:13.440829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:40:45.446820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:46:49.452660 3.002134 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:46:56.460498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:47:04.461939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:47:20.464833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:47:52.470899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:53:38.238215 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 13:53:38.238371 0.653939 tcp 10.0.2.19 51828 -> 90.156.118.144 5237 FSPA* 0 0 14 1690 flow=From-Botnet-V2-TCP-Established 1970/01/06 13:53:56.476500 3.903661 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 13:54:04.386131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:54:12.387250 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:54:28.390307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:55:00.396427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 13:57:43.030472 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 13:57:43.030653 0.573993 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:43.605048 0.270474 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:43.875871 0.249727 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:44.126030 0.216618 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:44.343030 0.224732 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:44.568156 0.117833 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:44.686446 0.223374 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:44.910210 0.417236 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:45.327788 0.269543 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:45.597674 0.164994 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:45.763020 0.162779 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:45.926175 0.237124 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:46.163695 0.246239 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:46.410326 0.254832 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:46.665554 0.262283 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:46.928192 0.147610 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:47.076222 0.287848 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:47.364466 0.231013 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:47.595908 0.136896 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:47.733212 0.335834 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:48.069443 0.212180 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:48.281989 0.309672 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:48.591999 0.330194 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:48.922585 0.232808 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:49.155836 0.202942 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:49.359213 0.212165 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:49.571800 0.946167 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:50.518451 0.276689 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:50.795482 0.179906 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:50.975803 0.182907 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:51.159060 0.255016 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:51.414441 0.537000 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:51.951854 0.225418 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:52.177641 0.512012 udp 10.0.2.19 1701 <-> 125.167.115.164 16478 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 13:57:52.690215 0.258011 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:01:04.401668 3.001941 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:01:12.220729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:01:20.222006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:01:36.225163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:02:15.306635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:08:14.349927 3.002187 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:08:21.357366 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:08:29.358889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:08:45.362168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:09:17.368041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:15:25.379760 3.001728 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:15:32.387851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:15:40.388725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:15:56.391887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:16:29.970084 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:22:33.975829 3.002144 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:22:40.984030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:22:48.985392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:23:04.987889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:23:36.994463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:23:42.602740 3.306893 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/06 14:23:45.909756 0.684597 tcp 10.0.2.19 51829 -> 90.156.118.144 5237 FSPA* 0 0 15 1644 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:28:13.692626 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 14:28:13.692874 0.209542 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 580 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:13.902809 0.216674 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:14.119882 0.222215 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:14.342465 0.213300 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:14.556144 0.129747 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:14.686417 0.135123 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:14.821870 0.218566 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:15.040712 0.440696 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:15.481732 0.262820 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:15.744967 0.161395 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:15.906681 0.238852 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:16.145872 0.257634 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:16.403860 0.162956 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:16.567203 0.218125 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:16.785682 0.914496 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:20.230606 0.148374 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:20.379335 0.295229 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:20.674939 0.226135 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:20.901461 0.134401 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:21.036228 0.219537 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:21.256125 0.265818 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:21.522405 0.220199 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:21.522899 3.004666 tcp 10.0.2.19 51830 -> 76.191.140.101 3854 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 14:28:21.742971 0.207332 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:21.950693 0.218915 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:22.169962 0.363632 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:22.533947 0.236135 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:22.770457 0.956675 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:23.727535 0.300067 udp 10.0.2.19 1701 <-> 99.103.236.242 1625 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:24.027985 0.284895 udp 10.0.2.19 1701 <-> 123.237.162.38 5473 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:24.313283 0.169346 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:24.483028 0.179031 udp 10.0.2.19 1701 <-> 88.254.66.253 18973 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:24.662435 0.000000 udp 10.0.2.19 1701 -> 125.167.115.164 16478 INT 0 1 174 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 14:28:30.525898 0.000000 tcp 10.0.2.19 51830 -> 76.191.140.101 3854 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 14:28:41.084187 0.177428 tcp 10.0.2.19 51831 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:28:41.261855 0.208771 tcp 10.0.2.19 51832 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:28:41.471191 0.770726 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:42.242349 0.231433 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:28:42.474165 0.257633 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:29:42.582012 3.001782 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 14:29:49.589581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:29:57.591095 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:30:13.594740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:30:45.600960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:36:51.609092 3.002172 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:36:58.616722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:37:06.618408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:37:22.621319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:37:54.627364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:43:58.633559 3.001691 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:44:05.640422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:44:13.642557 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:44:29.644928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:45:01.651620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:51:05.657416 3.001656 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:51:12.664816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:51:20.665946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:51:36.669542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:52:08.675548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:53:48.689456 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 14:53:48.689661 0.681818 tcp 10.0.2.19 51833 -> 90.156.118.144 5237 FSPA* 0 0 14 1688 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:58:17.788284 3.001825 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 14:58:24.796560 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:58:32.797499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:58:48.800456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:59:00.858225 0.000108 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 14:59:00.858438 0.000000 udp 10.0.2.19 1701 -> 125.167.115.164 16478 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 14:59:16.843606 0.166819 tcp 10.0.2.19 51834 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:17.010686 0.202069 tcp 10.0.2.19 51835 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:17.213307 0.231665 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:17.445349 0.211476 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:17.657181 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 268 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 14:59:20.806354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 14:59:35.428534 0.167362 tcp 10.0.2.19 51836 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:35.595710 0.202007 tcp 10.0.2.19 51837 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:35.798297 0.222461 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:36.021162 0.247617 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 570 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:36.269153 0.502036 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:36.771552 0.135012 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:36.906964 0.265209 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:37.172554 0.410381 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:37.583292 0.251420 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:37.835101 0.234338 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:38.069775 0.159096 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:38.229217 0.219889 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:38.449485 0.160390 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:38.610308 0.289756 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:38.900471 0.147014 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:39.047837 0.136735 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:39.184931 0.000000 udp 10.0.2.19 1701 -> 92.98.14.8 6553 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 14:59:55.678293 0.170707 tcp 10.0.2.19 51838 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:55.843287 0.207506 tcp 10.0.2.19 51839 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 14:59:56.051340 0.309182 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:56.360917 0.211865 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:56.573117 0.208397 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:56.781827 0.281599 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:57.063907 0.212280 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:57.064266 2.998634 tcp 10.0.2.19 51840 -> 76.191.140.101 3854 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 14:59:57.276585 0.206037 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:57.482953 0.385689 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:57.869007 0.236187 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:58.105612 0.977507 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 14:59:59.083492 0.000000 udp 10.0.2.19 1701 -> 88.254.66.253 18973 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:00:06.061289 0.000000 tcp 10.0.2.19 51840 -> 76.191.140.101 3854 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 15:00:15.446439 1.957279 tcp 10.0.2.19 51841 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:17.403603 0.207489 tcp 10.0.2.19 51842 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:17.611635 0.000000 udp 10.0.2.19 1701 -> 99.103.236.242 1625 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:00:35.705797 0.166557 tcp 10.0.2.19 51843 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:35.872025 0.201604 tcp 10.0.2.19 51844 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:36.074236 0.000000 udp 10.0.2.19 1701 -> 123.237.162.38 5473 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:00:53.451409 0.169728 tcp 10.0.2.19 51845 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:53.621377 0.197555 tcp 10.0.2.19 51846 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:00:53.819475 0.190710 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:00:54.010539 0.255593 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:00:54.266541 0.212288 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:00:54.479194 0.227202 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:05:25.833396 3.002220 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 15:05:32.841439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:05:40.843213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:05:56.845925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:06:28.852024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:12:38.865980 3.002425 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:12:45.874207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:12:53.875722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:13:09.878876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:13:41.884933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:19:45.890957 3.001501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:19:52.898009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:20:00.899675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:20:16.902411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:20:48.908885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:23:52.372557 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 15:23:52.372725 1.285449 tcp 10.0.2.19 51847 -> 90.156.118.144 5237 FSPA* 0 0 14 1727 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:26:56.960303 3.001477 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:27:03.967984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:27:11.969244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:27:27.972523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:27:59.978166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:31:23.271351 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 15:31:23.271481 0.214738 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:31:23.486610 0.217748 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:31:23.704742 0.000000 udp 10.0.2.19 1701 -> 88.254.66.253 18973 INT 0 1 96 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:31:42.250648 0.169867 tcp 10.0.2.19 51848 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:31:42.420776 0.206857 tcp 10.0.2.19 51849 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:31:42.628409 0.000000 udp 10.0.2.19 1701 -> 123.237.162.38 5473 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:32:00.625351 0.172256 tcp 10.0.2.19 51850 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:32:00.797850 0.202698 tcp 10.0.2.19 51851 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:32:01.001113 0.000000 udp 10.0.2.19 1701 -> 99.103.236.242 1625 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 15:32:16.758863 0.222949 tcp 10.0.2.19 51852 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:32:16.982141 0.213221 tcp 10.0.2.19 51853 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:32:17.195903 0.238557 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:17.434793 0.207831 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:17.642989 0.115926 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:17.759334 0.221065 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:17.980754 0.264730 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:18.245901 0.814644 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:19.060971 0.129887 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:19.061333 3.003778 tcp 10.0.2.19 51854 -> 217.41.32.90 2943 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 15:32:19.191211 0.423584 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:19.615129 0.264736 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:19.880227 0.221890 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:20.102520 0.249014 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:20.351976 0.161862 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:20.514273 0.253646 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:20.768299 0.176158 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:20.944811 0.136502 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:21.081698 0.146996 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:21.229060 0.290832 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:21.520288 0.225629 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:21.746328 0.274369 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:22.021153 0.211304 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:22.232879 0.234813 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:22.468091 0.211059 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:22.679575 0.353483 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:23.033396 0.200525 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:23.234339 0.982900 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:24.217641 0.165760 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:24.383812 0.233793 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:24.618008 0.257702 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:24.876105 0.213754 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 15:32:28.063384 0.000000 tcp 10.0.2.19 51854 -> 217.41.32.90 2943 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 15:34:05.977122 3.001756 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 15:34:12.984645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:34:20.985807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:34:36.988804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:35:09.475767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:41:13.481561 3.002306 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:41:20.488965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:41:28.490453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:41:44.494160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:42:16.620092 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:48:20.625720 3.002382 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:48:27.633044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:48:35.635148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:48:51.637697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:49:23.643978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:53:54.944306 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 15:53:54.944468 0.661095 tcp 10.0.2.19 51855 -> 90.156.118.144 5237 FSPA* 0 0 14 1568 flow=From-Botnet-V2-TCP-Established 1970/01/06 15:55:27.649391 3.002421 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 15:55:34.657684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:55:42.659322 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:55:58.661625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 15:56:30.667950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:02:27.561248 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 16:02:27.561430 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 16:02:34.673435 3.002467 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:02:41.681004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:02:42.865653 0.191397 tcp 10.0.2.19 51856 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:02:43.056795 0.213822 tcp 10.0.2.19 51857 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:02:43.271177 0.218028 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:02:43.489583 0.164769 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:02:43.654772 0.268055 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:02:43.923241 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 1877 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 16:02:49.682786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:02:59.708225 0.197497 tcp 10.0.2.19 51858 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:02:59.905853 0.209358 tcp 10.0.2.19 51859 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:03:00.115800 0.232008 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:00.348209 0.263341 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:00.611984 0.356558 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:00.969030 0.125636 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:00.969436 3.003646 tcp 10.0.2.19 51860 -> 217.41.32.90 2943 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 16:03:01.095030 0.418133 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:01.513608 0.240142 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:01.754161 0.156342 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:01.910862 0.257738 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:02.168978 0.392713 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:02.562092 0.239894 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:02.802360 0.183650 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:02.986439 0.131773 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:03.118553 0.146491 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:03.265419 0.298432 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:03.564189 0.219323 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:03.783856 0.249207 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:04.033425 0.218106 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:04.251880 0.358189 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:04.610484 0.212601 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:04.823477 0.363496 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:05.187382 0.263409 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:05.451138 0.224432 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:05.675985 1.024577 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:05.685705 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:03:06.700962 0.172165 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:06.873542 0.255765 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:07.129674 0.213854 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:03:09.971926 0.000000 tcp 10.0.2.19 51860 -> 217.41.32.90 2943 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/06 16:03:37.691784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:12:47.705165 3.001593 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:12:54.712867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:13:02.714487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:13:18.717279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:13:50.723238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:19:54.729108 3.001860 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:20:01.737094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:20:09.738558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:20:25.741371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:20:57.747169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:23:55.613733 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 16:23:55.613934 0.659023 tcp 10.0.2.19 51861 -> 90.156.118.144 5237 FSPA* 0 0 14 1619 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:27:01.753387 3.001362 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:27:08.760554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:27:16.762312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:27:32.764923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:28:04.771035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:33:36.218242 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 16:33:36.218416 0.224171 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:36.442973 0.314026 udp 10.0.2.19 1701 <-> 71.197.43.156 1877 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:36.757500 0.221278 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:36.757897 4.857525 tcp 10.0.2.19 51862 -> 71.197.43.156 1142 SPA_* 0 0 230 166316 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:33:36.979105 0.113534 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:37.093033 0.216226 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:37.309616 0.213277 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:37.523291 0.266587 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:37.790251 0.151688 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:37.942420 0.129906 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:38.072733 0.398855 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:38.471947 0.254930 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:38.727265 0.260213 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:38.987857 0.233463 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:39.221691 0.149920 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:39.371967 0.229153 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:39.601458 0.182432 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:39.784238 0.134797 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:39.919390 0.150008 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:40.069817 0.282740 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:40.352928 0.215979 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:40.569296 0.261760 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:40.831437 0.209664 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:41.041467 0.228432 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:41.270304 0.212300 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:41.482946 0.350810 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:41.793817 4.999672 tcp 10.0.2.19 51862 -> 71.197.43.156 1142 A_PA 0 0 265 194534 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:33:41.834133 0.211870 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:42.046465 0.239852 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:42.286622 0.992165 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:43.279114 0.238583 rtcp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:43.518072 0.186291 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:43.704686 0.256557 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 16:33:46.962256 1.746508 tcp 10.0.2.19 51862 -> 71.197.43.156 1142 FPA_* 0 0 85 58137 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:34:08.776634 3.002525 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:34:16.416130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:34:24.417188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:34:40.420052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:35:12.426155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:41:16.432366 3.001064 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:41:23.439296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:41:31.441314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:41:47.444057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:42:19.450201 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:48:23.456104 3.001775 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:48:30.463386 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:48:38.465198 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:48:54.468161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:49:26.473825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:53:56.593139 0.000140 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 16:53:56.593387 4.195916 tcp 10.0.2.19 51863 -> 90.156.118.144 5237 FSPA* 0 0 14 1536 flow=From-Botnet-V2-TCP-Established 1970/01/06 16:55:30.479734 3.001597 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 16:55:37.487634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:55:45.488771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:56:01.492122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 16:56:34.919974 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:02:42.931910 4.974292 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:02:51.912345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:02:59.914314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:03:15.916740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:03:48.002685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:04:02.613910 4.514943 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 17:04:07.128944 0.225461 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:07.354808 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 1877 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:04:22.374747 0.166533 tcp 10.0.2.19 51864 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:04:22.541576 0.212317 tcp 10.0.2.19 51865 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:04:22.754466 0.221389 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:22.976235 0.145347 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:23.122177 0.227097 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:23.349675 0.213452 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:23.563583 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:04:40.860309 2.880084 tcp 10.0.2.19 51866 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:04:43.740670 0.201672 tcp 10.0.2.19 51867 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:04:43.942896 0.404116 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:44.347360 0.254583 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:44.602477 0.162109 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:44.764941 0.134397 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:44.899698 0.254467 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:45.154569 0.245980 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:45.400925 0.158653 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:45.559996 0.238066 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:45.798420 0.164669 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:45.963527 0.288789 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:46.252701 0.212382 udp 10.0.2.19 1701 <-> 216.38.35.229 2990 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:46.465459 0.274968 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:46.740819 0.133038 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:46.874275 0.147843 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:47.022465 0.222667 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:47.245544 0.229049 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:47.474984 0.203426 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:47.678856 0.359509 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:48.038776 0.250969 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:48.290167 0.284402 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:48.574932 0.163332 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:48.738697 0.960071 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:49.699185 0.219999 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:04:49.919550 0.256457 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:09:55.423974 3.001368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 17:10:02.430962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:10:10.432253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:10:26.435377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:10:58.441678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:17:06.452891 3.001758 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:17:13.460465 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:17:21.461929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:17:37.465290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:18:09.471548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:24:05.894360 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 17:24:05.894527 2.139911 tcp 10.0.2.19 51868 -> 90.156.118.144 5237 FSPA* 0 0 14 1693 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:24:13.477183 3.001763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:24:20.485076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:24:28.486241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:24:44.488981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:25:16.495436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:31:26.509965 3.001305 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:31:33.517779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:31:41.519344 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:31:57.522010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:32:29.528041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:34:56.209276 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 17:34:56.209365 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 1877 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:35:14.046617 0.168319 tcp 10.0.2.19 51869 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:14.215190 0.211264 tcp 10.0.2.19 51870 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:14.426997 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:35:30.459156 0.173925 tcp 10.0.2.19 51871 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:30.633413 0.197714 tcp 10.0.2.19 51872 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:30.831676 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 103 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:35:47.082912 0.170640 tcp 10.0.2.19 51873 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:47.253007 0.199395 tcp 10.0.2.19 51874 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:35:47.453007 0.226273 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:47.679650 0.146282 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:47.826304 0.217165 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:48.043826 0.225532 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:48.269718 0.305527 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:48.575590 0.254223 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:48.830260 0.175185 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:49.005834 0.249847 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:49.256067 0.166380 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:49.422864 0.221904 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:49.645129 0.124664 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:49.770179 0.266740 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:50.037334 0.161542 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:50.199251 0.286964 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:35:50.486644 0.000000 udp 10.0.2.19 1701 -> 216.38.35.229 2990 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 17:36:08.022974 0.167960 tcp 10.0.2.19 51875 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:36:08.190794 0.206592 tcp 10.0.2.19 51876 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:36:08.398172 0.268762 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:08.691075 0.138811 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:08.830432 0.234240 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:09.065072 0.201927 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:09.267388 0.360103 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:09.627857 0.146949 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:09.784198 0.238505 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:10.023112 0.208299 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:10.231797 0.231406 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:10.463553 0.173660 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:10.637540 1.002199 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:11.640120 0.279321 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:36:11.919804 0.255586 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 17:38:36.538294 3.001414 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 17:38:43.545459 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:38:51.547120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:39:07.549795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:39:39.556353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:45:43.561515 3.002274 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:45:50.569227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:45:58.571408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:46:14.573752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:46:46.580353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:52:50.585992 3.001479 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 17:52:57.593232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:53:05.595431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:53:21.598423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:53:53.603847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 17:54:08.105676 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 17:54:08.105876 1.028815 tcp 10.0.2.19 51877 -> 90.156.118.144 5237 FSPA* 0 0 14 1750 flow=From-Botnet-V2-TCP-Established 1970/01/06 17:59:58.791872 3.002036 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:00:05.799262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:00:13.800687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:00:29.804054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:01:01.809462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:06:38.323997 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 18:06:38.324170 0.214893 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:38.539424 0.000000 udp 10.0.2.19 1701 -> 216.38.35.229 2990 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 18:06:54.259358 0.177057 tcp 10.0.2.19 51878 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:06:54.436101 0.196466 tcp 10.0.2.19 51879 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:06:54.633123 0.226581 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:54.860093 0.225301 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:55.085785 0.216296 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:55.302471 0.113686 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:55.416529 0.258486 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:55.675487 0.300463 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:55.976344 0.151001 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:56.127716 0.238609 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:56.366682 0.229388 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:56.596450 0.274623 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:56.871472 0.161102 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:57.032943 0.291961 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:57.325266 0.125458 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:57.451115 0.217156 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:57.668692 0.334133 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 592 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:58.003244 0.134981 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:58.138600 0.228497 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:58.367429 0.209624 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:06:58.577440 0.000000 udp 10.0.2.19 1701 -> 223.17.69.28 8575 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 18:07:05.815701 3.001425 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:07:12.823280 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:07:13.815606 0.176301 tcp 10.0.2.19 51880 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:07:13.992235 0.202234 tcp 10.0.2.19 51881 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:07:14.195022 0.156090 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:14.351513 0.219046 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:14.570951 0.172419 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:14.743756 0.194766 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:14.938904 0.229014 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:15.168269 0.255340 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:15.424034 0.964006 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:16.388984 0.210375 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:07:20.824388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:07:36.827471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:08:12.368892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:14:16.374813 3.001530 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:14:23.382008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:14:31.384078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:14:47.387219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:15:19.392890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:21:42.406309 3.001725 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:21:49.413512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:21:57.414696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:22:13.418258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:22:45.424355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:24:10.837193 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 18:24:10.837294 0.810487 tcp 10.0.2.19 51882 -> 90.156.118.144 5237 FSPA* 0 0 14 1584 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:28:51.432586 3.001686 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:28:58.440191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:29:06.442209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:29:22.444677 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:29:54.450617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:35:58.456335 3.002123 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:36:05.464317 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:36:13.465752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:36:29.469101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:37:01.474997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:37:34.292953 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 18:37:34.293119 0.350580 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:34.644090 0.145875 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:34.790443 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 18:37:53.572615 0.166851 tcp 10.0.2.19 51883 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:37:53.739192 0.202407 tcp 10.0.2.19 51884 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:37:53.942169 0.229922 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:54.172487 0.576914 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:54.749793 0.345168 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:55.095343 0.266788 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:55.362517 0.978214 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:56.341107 0.250872 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:56.592371 0.224789 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:56.817548 0.220084 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:57.037998 0.123220 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:57.161612 0.220047 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:57.382137 0.256113 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:57.638631 0.214798 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:57.853822 0.397730 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:58.251908 0.156694 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:58.408941 0.189119 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:58.598464 0.237029 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:58.835857 0.259179 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:59.095443 0.163581 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:59.259391 0.291039 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:59.550829 0.113073 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:59.664264 0.304790 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:37:59.969466 0.271747 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:38:00.241586 0.233855 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:38:00.475810 0.209070 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:38:00.685270 0.135901 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 18:43:05.480266 3.002193 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:43:12.488621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:43:20.489460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:43:36.493080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:44:08.498697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:50:12.505039 3.001695 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:50:19.512029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:50:27.514206 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:50:43.847601 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:51:15.853469 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:54:11.796720 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 18:54:11.796952 2.660051 tcp 10.0.2.19 51885 -> 90.156.118.144 5237 FSPA* 0 0 14 1578 flow=From-Botnet-V2-TCP-Established 1970/01/06 18:57:19.859098 3.001522 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 18:57:26.866476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:57:34.868076 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:57:50.871512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 18:58:22.877573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:04:30.218212 3.001165 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:04:37.225172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:04:48.512107 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:05:04.515063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:05:36.520796 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:08:24.642690 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 19:08:24.642879 0.211150 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:24.854419 0.350317 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:25.205124 0.147240 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:25.352739 0.260161 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:25.613282 0.186760 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:25.800418 0.558321 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:26.359163 0.255590 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:26.615129 0.221269 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:26.836763 0.961222 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:27.798427 0.221086 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:28.019883 0.228182 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:28.248439 0.113990 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:28.362777 0.215308 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:28.578415 0.258151 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:28.836904 0.228408 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:29.065655 0.193595 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:29.259636 0.239100 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:29.499098 0.413486 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:29.912968 0.161271 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:30.074583 0.256504 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:30.331472 0.164409 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:30.496266 0.289093 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:30.785765 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 19:08:46.646295 3.965616 tcp 10.0.2.19 51886 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/06 19:08:50.611417 0.200427 tcp 10.0.2.19 51887 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 19:08:50.812399 0.226565 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:51.039313 0.205989 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:51.245710 0.137780 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:51.383905 0.215179 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:08:51.599470 0.265906 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:11:42.529672 3.001327 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:11:49.536709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:11:57.538873 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:12:13.541288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:12:45.547554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:18:49.553266 4.294148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/06 19:18:55.850063 4.005469 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/06 19:19:07.857086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:19:23.859972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:19:55.866412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:24:20.266910 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 19:24:20.267022 0.684076 tcp 10.0.2.19 51888 -> 90.156.118.144 5237 FSPA* 0 0 14 1711 flow=From-Botnet-V2-TCP-Established 1970/01/06 19:26:03.878697 3.001383 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:26:10.885762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:26:18.887125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:26:34.889798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:27:06.896071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:33:10.901596 3.001856 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:33:17.909411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:33:25.910826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:33:46.618893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:34:18.891667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:39:06.511367 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 19:39:06.511615 0.126201 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:06.638310 0.226241 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:06.864948 0.346691 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:07.212061 0.171813 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:07.384221 0.228521 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:07.613128 0.158034 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:07.771562 0.245835 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:08.017810 0.254909 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:08.273103 0.218045 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:08.491492 0.219323 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:08.711191 0.120705 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:08.832272 0.969580 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:09.802334 0.210431 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.013132 0.215977 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.229502 0.123660 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.353597 0.261287 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.615268 0.221410 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.837042 0.156394 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:10.993793 0.254282 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:11.248442 0.246078 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:11.494920 0.410494 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:11.905811 0.166826 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:12.073017 0.288562 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:12.361963 0.232538 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:12.594901 0.219340 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:12.814579 0.363916 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:13.178882 0.209558 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:39:13.388803 0.136631 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 19:40:20.058570 3.001800 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:40:27.066104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:40:35.067890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:40:51.071029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:41:23.077113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:47:27.082964 3.002041 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:47:34.090265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:47:42.091855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:47:58.094877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:48:32.163791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:54:25.111658 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 19:54:25.111833 1.116763 tcp 10.0.2.19 51889 -> 90.156.118.144 5237 FSPA* 0 0 14 1721 flow=From-Botnet-V2-TCP-Established 1970/01/06 19:54:36.169653 3.672586 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 19:54:43.848177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:54:51.850293 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:55:07.852495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 19:55:39.858841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:01:43.864619 3.002165 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:01:50.872042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:01:58.873977 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:02:14.876437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:02:46.882706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:09:32.977276 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 20:09:32.977375 0.129394 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:33.107183 0.176549 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:33.284121 0.567159 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:33.851656 0.147815 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:33.999831 0.207571 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:34.207779 0.357915 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:34.566119 0.349259 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:34.915769 0.256838 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:35.173013 0.220238 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:35.393662 0.221056 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:35.615101 0.112459 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:35.727918 0.981381 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:36.709716 0.225594 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:36.935674 0.215413 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:37.151473 0.127417 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:37.279255 0.252335 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:37.531935 0.211083 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:37.743384 0.149466 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:37.893220 4.949480 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:42.843072 0.173382 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:43.016833 0.257331 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:43.274551 0.238944 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:43.513931 0.286055 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:43.800371 0.225810 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:44.026530 0.229164 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:44.256052 0.349755 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:44.606251 0.211519 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:09:44.818349 0.133130 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:12:39.997869 3.001752 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:12:47.005501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:12:55.007438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:13:11.010352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:13:43.016017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:19:47.022193 3.001617 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:19:54.030218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:20:02.031109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:20:18.034217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:20:50.039980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:24:28.654873 0.000128 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 20:24:28.655091 1.508177 tcp 10.0.2.19 51890 -> 90.156.118.144 5237 FSPA* 0 0 14 1661 flow=From-Botnet-V2-TCP-Established 1970/01/06 20:26:54.045625 3.002215 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:27:01.053219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:27:09.054975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:27:25.057928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:27:57.063821 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:34:05.076353 3.001596 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:34:12.084018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:34:20.084746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:34:36.088122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:35:08.093937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:40:12.702432 0.000124 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 20:40:12.702654 0.131660 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:12.834655 0.180518 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:13.015550 3.037204 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:16.053101 0.227848 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:16.281292 0.146616 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:16.428316 0.348488 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:16.777208 0.228090 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:17.005659 0.229829 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:17.235850 0.269547 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:17.505801 0.222062 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:17.728252 0.114999 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:17.843605 0.940951 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:18.784956 0.206491 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:18.991864 0.225658 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:19.217922 0.128596 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:19.346879 0.254632 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:19.601946 0.225869 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:19.828185 0.354991 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:20.183526 0.349286 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:20.533252 0.439499 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:20.973151 0.161712 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:21.135203 0.242085 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:21.377624 0.301920 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:21.679958 0.229745 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:21.910306 0.226388 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:22.137099 0.270508 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:22.408006 0.217854 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:40:22.626261 0.136190 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 20:41:13.491428 3.002399 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:41:20.499271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:41:28.500752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:41:44.503439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:42:16.509911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:48:20.515665 3.001705 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:48:27.523200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:48:35.524541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:48:51.527580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:49:23.533799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:54:31.556919 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 20:54:31.557071 1.203625 tcp 10.0.2.19 51891 -> 90.156.118.144 5237 FSPA* 0 0 14 1532 flow=From-Botnet-V2-TCP-Established 1970/01/06 20:55:27.539910 3.001310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 20:55:34.546992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:55:42.548995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:55:58.551376 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 20:56:30.557923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:02:34.563360 3.002415 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:02:41.571390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:02:49.572345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:03:05.576008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:03:37.581490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:10:30.515821 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 21:10:30.516002 0.130502 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:30.646903 0.178639 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:30.825938 0.207081 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:31.033386 0.634730 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:31.668536 0.147473 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:31.816401 0.373117 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:32.189894 0.209358 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:32.399598 0.236137 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:32.636078 0.112433 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:32.748952 0.269374 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:33.019288 0.216016 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:33.235695 0.220101 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:33.456133 1.017145 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:34.473659 0.205124 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:34.679154 0.153244 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:34.832788 0.264910 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:35.098224 0.219991 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:35.318619 0.162616 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:35.481572 0.163509 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:35.645448 0.267744 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:35.913536 0.403029 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:36.316971 0.235341 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:36.552679 0.286083 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:36.839142 0.224696 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:37.064185 0.220318 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:37.284831 0.157592 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:37.442822 0.330878 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:10:37.774211 0.213987 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:12:59.592620 3.001340 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:13:06.600038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:13:14.601311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:13:30.604199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:14:02.610049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:20:06.615842 3.001867 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:20:13.623441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:20:21.624997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:20:37.939116 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:21:09.945219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:24:32.907083 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 21:24:32.907184 0.652200 tcp 10.0.2.19 51892 -> 90.156.118.144 5237 FSPA* 0 0 14 1574 flow=From-Botnet-V2-TCP-Established 1970/01/06 21:27:13.950349 3.002326 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:27:20.958370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:27:28.960389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:27:44.962987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:28:16.968492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:34:21.976148 3.001390 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:34:28.983385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:34:36.984898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:34:52.988074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:35:24.993995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:41:02.059167 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 21:41:02.059364 0.136868 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:02.196638 0.184755 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:02.381802 0.207295 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:02.589462 0.374514 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:02.964361 0.240359 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:03.205107 0.148042 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:03.353553 0.247599 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:03.601519 0.220374 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:03.822272 0.113864 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:03.936534 0.215138 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:04.152108 0.254761 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:04.407273 0.217357 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:04.624980 0.955009 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:05.580391 0.667500 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:06.248317 0.303283 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:06.552002 0.159943 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:06.712349 0.166420 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:06.879129 0.254518 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:07.134047 0.213709 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:07.348118 0.260018 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:07.608500 0.927973 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:08.536838 0.240746 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:08.777943 0.285546 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:09.063858 0.133755 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:09.197979 0.226725 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:09.425082 0.218274 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:09.643707 0.263182 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:09.907273 0.214032 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 21:41:29.000161 3.001586 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:41:36.007723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:41:47.394166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:42:03.397193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:42:35.403371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:48:42.412676 3.002310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:48:49.420554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:48:57.422406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:49:13.425584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:49:45.431063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:54:35.198055 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 21:54:35.198207 0.805334 tcp 10.0.2.19 51893 -> 90.156.118.144 5237 FSPA* 0 0 14 1652 flow=From-Botnet-V2-TCP-Established 1970/01/06 21:55:49.437002 3.002257 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 21:55:56.445040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:56:05.137404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:56:21.139910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 21:56:53.146587 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:02:57.151591 3.002189 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:03:04.159832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:03:12.291315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:03:28.294784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:04:00.300651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:10:07.390802 3.001441 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:10:14.398428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:10:22.600124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:10:38.602731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:11:10.609055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:11:39.390531 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 22:11:39.390782 0.218048 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:39.609284 0.124486 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:39.734266 0.167648 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:39.902415 0.351288 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:40.254062 0.228972 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:40.483368 0.160085 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:40.643799 0.250875 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:40.895026 0.221461 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:41.116859 0.256394 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:41.373639 0.223043 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:41.597076 0.175026 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:41.772460 0.215355 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:41.988161 0.977715 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:42.966247 0.206093 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:43.172715 0.162596 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:43.335673 0.153531 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:43.489543 0.165602 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:43.655532 0.261058 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:47.397107 0.259541 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:47.657005 0.213617 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:47.871009 0.412257 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:48.283608 0.239888 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:48.523901 0.288767 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:48.813111 0.137671 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:48.951189 0.238202 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:49.189773 0.218884 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:49.409041 0.285608 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:11:49.695025 0.216847 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:17:17.319264 3.002001 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:17:24.326826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:17:32.327711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:17:48.331101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:18:32.173570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:24:31.248965 2.956959 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:24:38.159057 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:24:46.019146 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 22:24:46.019308 1.061823 tcp 10.0.2.19 51894 -> 90.156.118.144 5237 FSPA* 0 0 14 1725 flow=From-Botnet-V2-TCP-Established 1970/01/06 22:24:46.048307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:25:01.829295 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:25:33.400744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:31:33.509767 3.002016 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:31:40.517648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:31:48.519143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:32:04.521723 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:32:36.858086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:38:49.867028 3.002181 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:38:56.875113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:39:04.876398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:39:20.879607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:39:52.885454 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:42:17.463745 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 22:42:17.463905 0.169083 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:17.633339 0.211618 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:17.845309 0.124639 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:17.970359 0.344829 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:18.315580 0.233469 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:18.549477 0.149076 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:18.698948 0.308887 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:19.008204 0.291361 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:19.299978 0.203544 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:19.503867 0.222653 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:19.726879 0.255940 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:19.983215 0.231022 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:20.214598 0.945191 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:21.160204 0.466715 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:21.627332 0.705722 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:22.333413 0.345693 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:22.679478 0.165217 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:22.845108 0.299614 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:23.145106 0.398455 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:23.543965 0.263758 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:23.808079 0.265458 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:24.073900 0.235840 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:24.310265 0.287245 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:24.597870 0.135461 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:24.733788 0.228320 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:24.962503 0.298177 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:25.261067 0.232492 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:42:25.493897 0.264204 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 22:45:56.890783 3.002198 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:46:03.898702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:46:11.900061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:46:27.903276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:47:03.864898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:53:27.879767 3.001697 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 22:53:34.887274 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:53:42.888582 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:53:58.892056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:54:30.897838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 22:54:44.608251 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 22:54:44.608427 0.673857 tcp 10.0.2.19 51895 -> 90.156.118.144 5237 FSPA* 0 0 14 1731 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:00:34.903319 3.002216 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:00:41.910933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:00:49.912765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:01:05.915814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:01:38.642970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:07:45.812958 3.002222 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:07:52.820365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:08:00.822129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:08:16.824971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:08:48.830886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:12:53.953664 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 23:12:53.953879 0.123977 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:54.078285 0.225686 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:54.304311 0.210996 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:54.515681 0.147688 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:54.663750 0.372928 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:55.037056 0.230721 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:55.268153 0.264008 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:55.532519 0.251175 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:55.784097 1.114145 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:56.898615 0.221739 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:57.120734 0.218961 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:57.340074 0.255164 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:57.595612 0.990906 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:58.586863 0.210130 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:58.797323 0.128642 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:58.926356 0.162265 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:59.088966 0.251199 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:59.340504 0.267705 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:59.608558 0.275730 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:12:59.884672 0.415494 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:00.300534 0.250917 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:00.551786 0.241012 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:00.793157 0.294021 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:01.087538 0.152232 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:01.240120 0.219353 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:01.459869 0.267709 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:01.727939 0.229897 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:13:01.958213 0.241819 udp 10.0.2.19 1701 <-> 50.101.238.77 5571 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:14:52.837111 3.252360 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:15:00.095566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:15:08.096319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:15:24.099516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:15:57.137270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:22:01.143024 3.001942 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:22:08.150148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:22:16.151883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:22:32.155389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:23:04.161315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:24:47.810482 0.000119 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 23:24:47.810692 1.710964 tcp 10.0.2.19 51896 -> 90.156.118.144 5237 FSPA* 0 0 14 1680 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:29:20.173815 3.001813 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:29:27.181742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:29:35.183271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:29:51.186078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:30:23.192199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:36:43.201168 3.001612 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:36:50.208426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:36:58.210523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:37:14.213353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:37:46.219073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:43:11.116348 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 23:43:11.116513 0.211824 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:11.328700 0.151546 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:11.480646 0.124115 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:11.605107 0.175834 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:11.781328 0.348227 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:12.129964 0.233337 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:12.363655 0.249642 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:12.613714 0.273766 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:12.887851 0.216139 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:13.104394 0.256489 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:13.364087 0.120496 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:13.484907 0.236452 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:13.721716 0.967819 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:14.689901 0.210308 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:14.900607 0.125293 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:15.026271 0.153033 rtcp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:15.179703 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 113 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 23:43:31.338147 0.218501 tcp 10.0.2.19 51897 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:43:31.556417 0.194531 tcp 10.0.2.19 51898 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:43:31.751520 0.269945 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:32.021833 0.259941 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:32.282174 0.236561 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:32.519103 0.263664 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 579 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:32.783131 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 23:43:50.033735 0.164837 tcp 10.0.2.19 51899 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:43:50.198828 0.232823 tcp 10.0.2.19 51900 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:43:50.224758 3.753086 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/06 23:43:50.432205 0.357434 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:51.984386 0.134953 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:52.119758 0.221920 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:52.342210 0.308715 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:52.651315 0.227443 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/06 23:43:52.879132 0.000000 udp 10.0.2.19 1701 -> 50.101.238.77 5571 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/06 23:43:57.983973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:44:05.985375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:44:08.139266 0.165934 tcp 10.0.2.19 51901 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:44:08.305521 0.194409 tcp 10.0.2.19 51902 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:44:21.988048 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:44:53.994016 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:50:58.000134 3.001779 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:51:05.007931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:51:13.009445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:51:33.007872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:52:05.404185 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:54:52.786004 0.000163 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/06 23:54:52.786311 0.675773 tcp 10.0.2.19 51903 -> 90.156.118.144 5237 FSPA* 0 0 14 1515 flow=From-Botnet-V2-TCP-Established 1970/01/06 23:58:11.052661 3.001652 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/06 23:58:18.060328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:58:26.062272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:58:42.064895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/06 23:59:15.322543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:05:21.441528 3.001672 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:05:29.600982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:05:37.602628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:05:53.605207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:06:25.611279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:12:29.617430 3.001883 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:12:36.625074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:12:44.625875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:13:00.629343 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:13:32.635696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:14:39.441392 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 00:14:39.441633 0.364725 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:39.806786 0.631577 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:40.438736 0.000000 udp 10.0.2.19 1701 -> 50.101.238.77 5571 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 00:14:56.738907 1.133385 tcp 10.0.2.19 51904 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 00:14:57.872126 0.197622 tcp 10.0.2.19 51905 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 00:14:58.070326 0.341989 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:58.412669 0.179172 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:58.592296 0.131438 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:58.724091 0.147659 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:58.872181 0.206604 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:59.079155 0.252172 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:59.331701 0.255550 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:59.587607 0.297695 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:14:59.885652 0.219583 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:00.105592 0.218108 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:00.324048 0.370793 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:00.695189 0.257822 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:00.953357 0.995372 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:01.949112 0.155944 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:02.105455 0.129528 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 589 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:02.235314 0.210232 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:02.445948 0.256101 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:02.702415 0.255884 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:02.958676 0.307273 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:03.266368 0.253630 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:03.520392 0.271145 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:03.791884 0.223055 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:04.015316 0.133488 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:04.149171 0.281376 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:15:04.430921 0.233035 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:19:48.648712 3.001362 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:19:55.655757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:20:03.657194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:20:19.660329 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:20:51.666829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:24:56.819335 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 00:24:56.819512 1.300253 tcp 10.0.2.19 51906 -> 90.156.118.144 5237 FSPA* 0 0 14 1630 flow=From-Botnet-V2-TCP-Established 1970/01/07 00:27:12.676872 3.001901 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:27:23.319915 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:27:31.320774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:27:47.323864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:28:19.330298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:34:23.335432 3.002155 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:34:30.343626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:34:38.345270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:34:54.348172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:35:26.354211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:41:30.360067 3.001891 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:41:37.367382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:41:45.369030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:42:01.371804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:42:34.880090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:45:16.492709 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 00:45:16.492912 0.387178 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:16.880503 0.751302 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:17.632205 0.128528 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:17.761102 0.146851 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:17.908326 0.335291 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:18.243987 0.178348 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:18.422739 0.206763 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:18.629890 0.256736 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:18.887054 0.234010 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:19.121498 0.310949 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:19.432832 0.124746 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:19.557966 0.230794 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:19.789122 0.220358 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:20.009839 0.255594 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:20.265794 0.125218 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:20.391450 0.207255 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:20.599143 1.008156 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:21.607691 0.151531 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:21.759572 0.263477 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:22.023432 0.260610 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:22.284447 0.318111 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:22.602894 0.249196 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:22.852491 0.134213 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:22.987051 0.270412 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:23.257852 0.229184 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:23.487397 0.286714 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:45:23.774497 0.219160 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 00:48:43.892860 3.002586 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:48:50.900712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:48:58.902055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:49:14.905151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:49:47.612311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:55:00.993212 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 00:55:00.993370 0.700372 tcp 10.0.2.19 51907 -> 90.156.118.144 5237 FSPA* 0 0 14 1640 flow=From-Botnet-V2-TCP-Established 1970/01/07 00:55:51.617757 3.001949 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 00:55:58.625922 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:56:06.627715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:56:22.630359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 00:56:54.636701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:02:58.641826 3.001947 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:03:05.649568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:03:13.650970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:03:29.654064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:04:01.660416 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:13:25.674095 3.001764 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:13:32.681402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:13:40.682507 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:13:56.686205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:14:28.692179 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:15:28.027808 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 01:15:28.028006 0.129409 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:28.157815 0.146400 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:28.304592 0.295213 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:28.600171 0.683252 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:29.283798 0.347303 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:29.631445 0.323321 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:29.955132 0.212438 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:30.167950 0.258559 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:30.426904 0.235816 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:30.663077 0.311740 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:30.975190 0.115343 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:31.090924 0.211938 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:31.303210 0.222838 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:31.526444 0.255418 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:31.782261 0.127500 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:31.910167 0.206930 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:32.117509 0.256210 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:32.374186 0.396667 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:32.771178 0.308880 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:33.080392 0.976061 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:34.056838 0.160241 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:34.217465 0.234769 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:34.452613 0.139530 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:34.592486 0.265200 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:34.858206 0.230044 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:35.088593 0.292910 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:15:35.381923 0.215713 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:20:32.697085 3.002319 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:20:39.705537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:20:47.707045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:21:03.709695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:21:35.715954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:25:01.692254 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 01:25:01.692499 0.652773 tcp 10.0.2.19 51908 -> 90.156.118.144 5237 FSPA* 0 0 14 1689 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:27:39.721208 3.002149 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:27:46.729119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:27:54.730726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:28:11.024027 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:28:43.030209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:34:47.035601 3.001927 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:34:54.043505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:35:02.045283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:35:18.048405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:35:50.053839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:41:54.060137 3.001344 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:42:01.067694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:42:09.069161 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:42:25.072093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:42:57.078042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:46:03.195704 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 01:46:03.195803 0.125663 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:03.321833 0.148747 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:03.470921 0.206251 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:03.677573 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 01:46:19.531906 0.167567 tcp 10.0.2.19 51909 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:46:19.699683 0.219731 tcp 10.0.2.19 51910 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:46:19.920074 0.371543 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:20.292018 0.403529 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:20.695930 0.209602 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:20.905874 0.000000 udp 10.0.2.19 1701 -> 188.54.61.128 10047 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 01:46:36.955233 0.165524 tcp 10.0.2.19 51911 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:46:37.121097 0.196219 tcp 10.0.2.19 51912 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:46:37.317922 0.124694 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:37.442979 0.444016 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:37.887370 0.308502 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:38.196284 0.221319 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:38.417980 0.222438 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:38.640825 0.256527 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:38.897754 0.257844 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:39.155999 0.125098 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:39.281462 0.217117 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:39.498962 0.907620 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:40.406944 0.310658 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:40.717954 0.965990 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:41.684300 0.149021 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:41.833693 0.245064 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:42.079135 0.226250 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:42.305786 0.135967 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:42.442247 0.270746 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:42.713389 0.310664 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:46:43.024406 0.211888 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 01:49:01.083933 3.002030 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 01:49:08.091677 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:49:16.093227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:49:32.096413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:50:04.101931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:55:02.512199 0.000142 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 01:55:02.512454 0.694515 tcp 10.0.2.19 51913 -> 90.156.118.144 5237 FSPA* 0 0 14 1645 flow=From-Botnet-V2-TCP-Established 1970/01/07 01:56:08.107865 3.001579 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 01:56:15.115967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:56:23.117005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:56:39.120178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 01:57:11.126192 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:03:15.131959 3.002216 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:03:22.139693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:03:30.141143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:03:46.143704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:04:19.121673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:13:35.133177 3.001936 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:13:42.140579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:13:50.142090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:14:06.145313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:14:38.151418 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:17:03.691205 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 02:17:03.691385 0.702380 udp 10.0.2.19 1701 <-> 89.165.72.230 8354 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:04.394224 0.244876 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:04.639509 0.151148 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:04.791038 0.159632 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:04.951072 0.169208 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:05.120684 0.353746 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:05.474780 0.207107 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:05.682293 0.178502 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:05.861148 0.118876 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:05.980359 0.211136 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:06.191880 0.337774 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:06.530074 0.312426 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:06.842905 0.245775 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:07.089037 0.254239 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:07.343651 0.252863 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:07.596851 0.126424 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:07.723653 0.211739 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:08.732393 0.607893 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:09.340672 0.316235 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:09.657233 1.001437 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:10.659041 0.154555 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:10.813970 0.237275 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:11.051638 0.222001 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:11.273975 0.142911 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:11.417240 0.538980 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:11.956640 0.280055 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:17:12.237035 0.292059 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:20:42.158335 3.000863 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:20:49.165718 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:20:57.166679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:21:13.169862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:21:45.175552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:25:04.792618 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 02:25:04.792824 0.711323 tcp 10.0.2.19 51914 -> 90.156.118.144 5237 FSPA* 0 0 14 1757 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:27:51.414194 3.903775 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:27:59.323452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:28:07.325061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:28:23.328046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:28:55.333850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:34:59.339899 3.001826 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:35:06.347277 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:35:14.349007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:35:33.015323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:36:05.021543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:42:10.779586 3.002205 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:42:17.787615 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:42:25.789354 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:42:41.792572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:43:15.841378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:47:23.968292 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 02:47:23.968443 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 02:47:40.634802 0.252560 tcp 10.0.2.19 51915 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:47:40.887671 0.259085 tcp 10.0.2.19 51916 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:47:41.147311 0.285144 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:41.432825 0.188817 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:41.652045 0.372982 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.025444 0.147726 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.173511 0.178167 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.352052 0.284299 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.636758 0.192745 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.829841 0.138547 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:42.968729 0.253082 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:43.222354 0.230160 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:43.452915 0.447025 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:47:43.900332 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 250 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 02:48:01.082286 0.261384 tcp 10.0.2.19 51917 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:48:01.343467 0.212732 tcp 10.0.2.19 51918 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:48:01.556736 0.319596 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:01.876656 0.315418 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:02.192439 0.166635 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:02.359409 0.251144 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:02.610915 0.296752 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:02.908040 0.313443 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:03.221862 1.007367 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:06.388044 0.160117 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:06.548511 0.260017 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:06.808887 0.277513 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:07.086766 0.205957 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:07.293124 0.252459 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:07.545978 0.323124 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:48:07.869458 0.299399 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 02:49:19.846751 3.002291 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 02:49:26.854427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:49:34.856002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:49:50.858693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:50:25.378953 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:55:10.329237 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 02:55:10.329383 0.748327 tcp 10.0.2.19 51919 -> 90.156.118.144 5237 FSPA* 0 0 14 1653 flow=From-Botnet-V2-TCP-Established 1970/01/07 02:56:29.384480 3.001806 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 02:56:36.392363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:56:44.393802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:57:00.397117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 02:57:32.402466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:03:36.408765 3.001619 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:03:43.415978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:03:51.417649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:04:07.420483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:04:39.426588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:13:43.441224 3.002198 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:13:50.449066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:13:58.450489 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:14:19.713127 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:14:51.280418 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:18:34.027026 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 03:18:34.027188 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 03:18:49.251115 0.248685 tcp 10.0.2.19 51920 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:18:49.500017 0.247570 tcp 10.0.2.19 51921 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:18:49.748146 0.349385 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:50.097868 0.407831 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:50.506268 0.150464 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:50.657142 0.154426 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:50.811915 0.359263 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:51.171547 0.185598 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:51.357654 0.149520 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:51.507595 0.218484 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:51.726454 0.251600 udp 10.0.2.19 1701 <-> 76.187.41.194 9753 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:51.978439 0.213932 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:52.192779 0.179291 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:52.372466 0.267821 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:52.640678 0.284822 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:52.925935 0.251617 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:53.177905 0.138123 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:53.316388 0.230872 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:53.547641 0.324036 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:53.872053 0.339765 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:54.212228 1.017764 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:55.230364 0.206295 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:55.437028 0.268619 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:55.705983 0.265583 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:55.971985 0.143137 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:56.115492 0.256043 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:56.371962 0.331385 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:18:56.703689 0.336401 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:20:52.608710 3.001238 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:20:59.616263 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:21:07.617490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:21:23.620570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:21:55.626267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:25:15.274380 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 03:25:15.274484 0.793122 tcp 10.0.2.19 51922 -> 90.156.118.144 5237 FSPA* 0 0 15 1795 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:28:08.715583 3.001294 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:28:15.722903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:28:23.724204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:28:39.727835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:29:12.575229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:35:24.421409 3.002282 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:35:31.429190 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:35:39.431027 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:35:55.433996 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:36:27.440267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:42:31.445934 3.001389 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:42:38.453040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:42:46.455170 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:43:02.457893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:43:34.464091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:49:16.265910 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 03:49:16.266015 0.315301 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:16.581721 0.260592 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:16.842691 0.135740 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:16.978812 0.145764 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:17.124918 0.361239 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:17.486530 0.187766 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:17.674668 0.000000 udp 10.0.2.19 1701 -> 76.187.41.194 9753 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 03:49:34.413855 0.176469 tcp 10.0.2.19 51923 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:49:34.590158 0.196460 tcp 10.0.2.19 51924 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:49:34.787184 0.227168 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:35.014738 0.176576 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:35.191702 0.114923 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:35.307011 0.232274 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:35.539632 0.227825 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:35.767832 0.257247 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:36.025439 0.255864 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:36.281659 0.127150 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:36.409180 0.204899 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:36.614528 0.268002 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:36.882921 0.301393 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:37.184693 0.989562 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:38.174649 0.159218 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:38.334260 0.237956 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:38.469527 3.002334 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:49:38.572649 0.242212 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:38.815266 0.131620 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:38.947308 0.222189 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:39.169862 0.280979 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:39.451240 0.293870 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 03:49:45.477058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:49:53.478673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:50:09.481768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:50:41.487892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:55:17.395072 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 03:55:17.395255 0.708974 tcp 10.0.2.19 51925 -> 90.156.118.144 5237 FSPA* 0 0 14 1744 flow=From-Botnet-V2-TCP-Established 1970/01/07 03:56:45.493390 3.002290 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 03:56:52.500982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:57:01.824535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:57:17.827624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 03:57:50.144358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:03:54.150070 3.001436 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:04:01.157628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:04:09.158811 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:04:26.103324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:04:58.109143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:11:02.115561 3.001878 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:11:09.122578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:11:17.124682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:11:33.127568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:12:05.133103 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:18:09.138936 3.001816 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:18:16.147108 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:18:24.148458 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:18:40.151864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:19:12.157125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:20:10.431579 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 04:20:10.431786 10.906920 udp 10.0.2.19 1701 -> 76.187.41.194 9753 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 04:20:21.338706 0.000000 icmp 70.125.216.154 0x0103 -> 10.0.2.19 0x4cbb URH 192 1 231 flow=Background 1970/01/07 04:20:27.958792 0.166348 tcp 10.0.2.19 51926 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 04:20:28.125279 0.219566 tcp 10.0.2.19 51927 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 04:20:28.345430 0.294845 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:28.640693 0.148668 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:28.789737 0.351674 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:29.141766 0.163562 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:29.305695 0.130165 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:29.436265 0.258165 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:29.694783 0.113671 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:29.808886 0.219658 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:30.028921 0.212186 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:30.241491 0.173498 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:30.415364 0.229433 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:30.645170 0.254867 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:30.900425 0.254090 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:31.154916 0.125800 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:31.281089 0.211958 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:31.493444 0.261820 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:31.755670 0.282887 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:32.038933 0.242328 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:32.281615 1.029982 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:33.311992 0.161978 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:33.474373 0.240172 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:33.714917 0.132388 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:33.847675 0.214385 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:34.062410 0.303549 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:20:34.366493 0.289078 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:25:16.163243 3.002186 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:25:19.366223 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 04:25:19.366384 0.760857 tcp 10.0.2.19 51928 -> 90.156.118.144 5237 FSPA* 0 0 14 1552 flow=From-Botnet-V2-TCP-Established 1970/01/07 04:25:23.171034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:25:31.172244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:25:47.175517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:26:19.181128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:32:23.187174 3.001790 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:32:30.195049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:32:38.196511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:32:54.199698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:33:26.205350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:39:30.211480 3.001573 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:39:37.218935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:39:45.220492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:40:01.223292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:40:33.229532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:46:37.235364 3.001424 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:46:44.242961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:46:52.244608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:47:08.247345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:47:40.253287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:51:03.395845 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 04:51:03.395987 0.332360 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:03.728757 0.164852 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:03.893961 0.130004 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:04.024370 0.217952 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:04.242724 0.233266 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:04.476385 0.254273 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:04.731021 0.155309 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:04.886720 0.228571 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:05.115693 0.215983 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:05.332049 0.171709 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:05.504119 0.371373 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:05.875866 0.255060 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:06.131301 0.255600 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:06.387297 0.646107 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:07.033789 0.217026 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:07.251201 0.239987 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:07.491568 0.258819 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:07.750760 0.216052 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:07.967213 1.026101 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:08.993705 0.192913 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:09.187045 0.226877 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:09.414334 0.133698 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:09.548449 0.219149 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:09.768014 0.315489 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:51:10.083887 0.281229 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 04:53:44.259121 3.001941 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 04:53:51.266801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:53:59.268017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:54:15.271037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:54:50.591886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 04:55:28.572417 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 04:55:28.572588 2.246320 tcp 10.0.2.19 51929 -> 90.156.118.144 5237 FSPA* 0 0 14 1595 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:00:56.700754 3.002173 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:01:03.708649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:01:11.710374 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:01:27.713349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:01:59.719137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:08:03.724858 3.001473 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:08:10.732330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:08:18.733868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:08:34.737015 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:09:06.743267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:15:21.754832 3.001932 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:15:28.762446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:15:36.763849 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:15:52.766468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:16:24.772889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:21:35.109574 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 05:21:35.109793 0.000000 udp 10.0.2.19 1701 -> 31.43.102.110 8272 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 05:21:51.765848 0.167016 tcp 10.0.2.19 51930 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:21:51.933166 0.202891 tcp 10.0.2.19 51931 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:21:52.136593 0.225274 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:21:52.362273 0.157284 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:21:52.519965 0.349569 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:21:52.869960 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 05:22:08.528799 1.758591 tcp 10.0.2.19 51932 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:22:10.287219 0.207412 tcp 10.0.2.19 51933 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:22:10.495204 0.411291 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:10.906959 0.114069 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:11.021453 0.230657 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:11.252511 0.215436 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:11.468363 0.169491 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:11.638354 0.231841 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:11.870551 0.254883 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:12.125789 0.263124 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:12.389314 0.236956 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:12.626627 0.131140 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:12.758137 0.217766 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:12.976253 0.256955 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:13.233600 0.217236 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:13.451200 1.033106 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:14.484701 0.157049 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:14.642145 0.225903 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:14.868422 0.137818 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:15.006602 0.303092 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:15.310250 0.223710 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:15.534335 0.267351 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:22:29.529242 3.001967 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 05:22:36.536894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:22:44.538735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:23:00.542191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:23:32.908483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:25:28.044633 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 05:25:28.044734 0.742811 tcp 10.0.2.19 51934 -> 90.156.118.144 5237 FSPA* 0 0 14 1505 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:29:40.368914 3.002156 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:29:47.377215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:29:55.378226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:30:11.381528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:30:48.908970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:36:49.526070 3.001657 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:36:56.533839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:37:04.535691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:37:20.538382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:37:52.544327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:43:56.550116 3.001752 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:44:03.557735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:44:16.025797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:44:29.665483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:45:01.671128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:51:05.677323 3.001614 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 05:51:12.685005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:51:20.686244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:51:36.689351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:52:08.695601 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:52:29.035001 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 05:52:29.035160 0.123519 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:29.159085 0.163911 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:29.323419 0.148090 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:29.471965 0.212165 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:29.684492 0.332451 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.017383 0.252077 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.269825 0.114017 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.384200 0.213157 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.597723 0.204745 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.802849 0.159071 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:30.962341 0.236565 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:31.199274 0.256296 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:31.455941 0.255062 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:31.711367 0.247454 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:31.959213 0.811499 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:32.771119 0.214384 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:32.985921 0.128193 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:33.114483 0.350865 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:33.465689 1.085476 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:34.551543 0.150688 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:34.702672 0.286730 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:34.989754 0.217126 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:35.207306 0.235787 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:35.443485 0.135780 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:52:35.579633 0.268558 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 05:55:32.999298 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 05:55:32.999397 0.704485 tcp 10.0.2.19 51935 -> 90.156.118.144 5237 FSPA* 0 0 14 1575 flow=From-Botnet-V2-TCP-Established 1970/01/07 05:58:12.701134 3.002040 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 05:58:19.708678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:58:27.710058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:58:43.713318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 05:59:15.719220 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:05:19.724958 3.001938 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:05:26.732697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:05:34.733859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:05:50.737590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:06:22.743162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:14:47.751563 3.001994 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:14:54.759479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:15:02.760594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:15:18.763906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:15:50.770359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:21:54.775551 3.002084 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:22:01.782930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:22:09.784448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:22:25.788086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:22:55.871819 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 06:22:55.872130 0.126119 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:55.998669 0.164140 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:56.163219 0.145647 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:56.309280 0.217467 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:56.527099 0.363264 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:56.890729 0.232507 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:57.123615 0.113782 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:57.237743 0.166333 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:57.404449 0.230110 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:57.634963 0.253977 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:57.793585 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:22:57.889336 0.230727 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:58.120478 0.208345 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:58.329172 0.270078 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:58.599638 0.241846 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:58.841860 0.417628 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:59.259910 0.227904 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:59.488171 0.215934 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:59.704492 0.125848 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:22:59.830678 1.005356 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:00.836401 0.158425 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:00.995234 0.281195 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:01.276776 0.221648 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:01.498786 0.237094 rtcp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:01.736303 0.136226 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:23:01.872884 0.266239 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:25:33.708306 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 06:25:33.708506 1.781475 tcp 10.0.2.19 51936 -> 90.156.118.144 5237 FSPA* 0 0 14 1522 flow=From-Botnet-V2-TCP-Established 1970/01/07 06:29:01.799965 3.001417 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:29:08.807689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:29:16.809088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:29:32.812002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:30:04.818030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:36:08.823643 3.002074 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:36:15.831335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:36:23.832736 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:36:39.835732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:37:11.841542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:43:15.847324 3.412934 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:43:23.265713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:43:31.267650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:43:47.270220 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:44:19.276572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:50:23.282000 3.002213 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 06:50:30.289916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:50:38.291228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:50:54.293955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:51:36.561987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:53:28.777515 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 06:53:28.777620 0.147140 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:28.925163 0.226475 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:29.152042 0.124356 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:29.276799 0.163113 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:29.440303 0.343474 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:29.784214 0.197234 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:29.981878 0.112765 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:30.095056 0.177404 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:30.272827 0.955845 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:31.229096 0.289338 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:31.518895 0.223886 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:31.743233 0.205410 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:31.949094 0.254965 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:32.204479 0.515907 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:32.720825 0.214321 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:32.935639 0.234975 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:33.171051 0.261935 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:33.433464 0.126109 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:33.559967 0.981752 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:34.542137 0.158244 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:34.700747 0.290242 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:34.991417 0.229242 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:35.221058 0.274877 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:35.496366 0.223371 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 211 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:53:35.720173 0.137443 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 06:55:42.577997 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 06:55:42.578162 0.968273 tcp 10.0.2.19 51937 -> 90.156.118.144 5237 FSPA* 0 0 14 1589 flow=From-Botnet-V2-TCP-Established 1970/01/07 06:57:35.633997 2.964720 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 06:57:42.548896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:57:50.446992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:58:06.238613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 06:58:38.825393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:04:39.443509 3.001644 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:04:46.450801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:04:54.452564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:05:10.454884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:05:42.461031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:11:46.467090 3.001836 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:11:53.474757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:12:01.476067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:12:17.478873 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:12:49.485132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:18:57.496389 3.002158 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:19:04.504200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:19:12.505650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:19:28.508774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:20:00.515348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:23:37.016217 0.000130 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 07:23:37.016437 0.124483 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:37.141263 0.163999 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:37.305655 0.147148 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:37.453176 0.221247 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:37.674792 0.357525 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:38.032697 0.208032 udp 10.0.2.19 1701 <-> 188.54.61.128 10047 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:38.241112 0.137465 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:38.378946 0.165211 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:38.544585 0.231853 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:38.776775 0.254993 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:39.032155 0.232675 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:39.272478 0.210822 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:39.483695 0.256459 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:39.740486 0.248299 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:39.989150 0.266802 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:40.256330 0.209198 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:40.465923 0.207781 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:40.674091 0.139233 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:40.813697 0.986493 udp 10.0.2.19 1701 <-> 175.176.144.253 7296 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:41.800625 0.159285 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:41.960309 0.290626 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:42.251298 0.219955 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:42.471640 0.133565 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:42.605553 0.266878 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:23:42.872807 0.239448 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:25:38.771825 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 07:25:38.772010 0.861515 tcp 10.0.2.19 51938 -> 90.156.118.144 5237 FSPA* 0 0 14 1617 flow=From-Botnet-V2-TCP-Established 1970/01/07 07:26:04.520805 3.001749 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 07:26:11.527999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:26:19.530063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:26:35.533069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:27:07.538708 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:33:11.544943 3.001863 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:33:18.552064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:33:26.553734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:33:42.556685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:34:14.562734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:40:18.568414 3.002183 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:40:25.576119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:40:33.577817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:40:49.580638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:41:21.586831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:47:25.592722 3.002321 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 07:47:32.600378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:47:40.602002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:47:56.604486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:49:01.373405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:54:18.856126 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 07:54:18.856368 0.156101 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:19.012858 0.217239 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:19.230512 0.130804 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:19.361719 0.163130 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:19.525309 0.356717 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:19.882585 0.000000 udp 10.0.2.19 1701 -> 188.54.61.128 10047 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 07:54:35.032327 0.170544 tcp 10.0.2.19 51939 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 07:54:35.202603 0.198239 tcp 10.0.2.19 51940 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 07:54:35.401407 0.123445 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:35.525281 0.168543 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:35.694238 0.989480 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:36.684108 0.255327 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:36.939833 0.217575 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:37.157823 0.214035 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:37.372240 0.260221 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:37.632868 0.249408 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:37.882688 0.218996 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:38.102069 0.413299 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:38.515853 0.240260 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:38.756547 0.262092 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:39.019041 0.000000 udp 10.0.2.19 1701 -> 175.176.144.253 7296 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 07:54:54.886772 0.184388 tcp 10.0.2.19 51941 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 07:54:55.071399 0.208871 tcp 10.0.2.19 51942 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 07:54:55.280839 0.176311 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:55.457650 0.291422 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:55.749520 0.226036 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:55.975969 0.149870 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:56.126244 0.264769 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:54:56.391434 0.243517 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 07:55:00.068703 2.962435 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 07:55:06.976729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:55:14.864620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:55:30.639478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:56:02.172793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 07:56:06.111798 0.000040 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 07:56:06.111898 0.698360 tcp 10.0.2.19 51943 -> 90.156.118.144 5237 FSPA* 0 0 14 1605 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:02:00.847370 2.953374 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 08:02:07.750268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:02:15.629519 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:02:31.402761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:03:09.676859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:13:16.676929 2.961181 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 08:13:23.580651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:13:31.467017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:13:47.235385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:14:19.893400 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:20:18.557518 2.956000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 08:20:25.465238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:20:33.350941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:20:49.124254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:21:20.672954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:24:58.496234 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:24:58.496415 0.000000 udp 10.0.2.19 1701 -> 188.54.61.128 10047 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:25:14.605937 0.177790 tcp 10.0.2.19 51944 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:25:14.782766 0.196166 tcp 10.0.2.19 51945 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:25:14.979600 0.000000 udp 10.0.2.19 1701 -> 175.176.144.253 7296 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:25:31.165508 0.168415 tcp 10.0.2.19 51946 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:25:31.334286 0.199325 tcp 10.0.2.19 51947 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:25:31.534376 0.167472 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:31.702411 0.349494 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.052370 0.123679 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.176471 0.217883 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.394775 0.145755 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.540948 0.113378 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.654718 0.177903 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:32.833034 0.264900 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:33.098339 0.244646 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:33.343410 0.205195 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:33.549070 0.220794 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:33.770402 0.465973 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:34.236807 0.249702 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:34.486888 0.210637 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:34.697937 0.209085 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:34.907472 0.897186 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:35.805124 0.239407 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:36.044922 0.294843 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:36.340156 0.222898 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:36.711282 0.146084 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:36.857770 0.161491 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:37.019636 0.278985 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:37.299022 0.236567 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:37.987769 0.172157 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:38.160463 0.352599 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 695 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:38.513666 0.125501 udp 10.0.2.19 1701 <-> 31.43.102.110 8272 CON 0 0 2 730 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:38.639723 0.218073 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 797 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:38.858401 0.148423 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 755 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:39.007398 0.120313 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 764 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:39.128223 0.432866 udp 10.0.2.19 1701 <-> 85.107.40.140 6049 CON 0 0 2 707 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:39.561630 0.221873 udp 10.0.2.19 1701 <-> 92.98.14.8 6553 CON 0 0 2 830 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:39.784024 0.208721 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 862 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:39.993243 0.264966 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 718 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:40.258755 0.257419 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 745 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:40.517182 0.531455 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:41.049195 0.247708 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 768 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:41.297440 0.219432 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 674 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:43.841953 0.218894 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 752 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:44.061405 0.234658 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 823 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:44.296590 0.284457 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:44.581617 0.512608 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 810 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:45.094737 0.134882 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:45.230149 0.170232 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 688 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:45.400881 0.272076 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 727 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:45.673532 0.238048 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 716 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:45.912158 0.234371 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:46.147146 0.157262 udp 10.0.2.19 1701 <-> 79.20.148.198 6975 CON 0 0 2 845 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:25:46.456182 0.000000 udp 10.0.2.19 1701 -> 12.145.164.234 3722 INT 0 1 275 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:25:48.323736 1.624917 tcp 10.0.2.19 51948 -> 90.156.118.144 5237 FSPA* 0 0 14 1525 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:25:51.627139 0.000000 udp 10.0.2.19 1701 -> 68.39.67.168 8222 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:25:59.022873 0.000000 udp 10.0.2.19 1701 -> 159.213.140.53 26854 INT 0 1 311 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:16.145863 0.000000 udp 10.0.2.19 1701 -> 68.143.9.54 6303 INT 0 1 127 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:23.134260 0.000000 udp 10.0.2.19 1701 -> 77.92.163.74 6914 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:29.143016 0.357023 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:26:29.583630 0.245742 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 786 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:26:29.944554 0.000000 udp 10.0.2.19 1701 -> 81.7.66.226 1853 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:33.860187 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:26:35.597157 0.214705 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:26:35.887552 0.000000 udp 10.0.2.19 1701 -> 23.24.76.117 3168 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:44.649962 0.000000 udp 10.0.2.19 1701 -> 117.216.210.52 9584 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:50.096344 0.000000 udp 10.0.2.19 1701 -> 70.78.12.24 4453 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:26:58.064905 0.000000 udp 10.0.2.19 1701 -> 68.157.126.49 7924 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:05.655432 0.156578 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:27:05.913832 0.000000 udp 10.0.2.19 1701 -> 66.49.17.214 7145 INT 0 1 256 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:10.494016 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:27:13.520816 0.148525 udp 10.0.2.19 1701 <-> 87.17.251.64 5248 CON 0 0 2 732 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:27:13.736598 0.000000 udp 10.0.2.19 1701 -> 69.244.46.205 8868 INT 0 1 124 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:20.080608 0.115644 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 711 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:27:20.293462 0.000000 udp 10.0.2.19 1701 -> 79.2.71.76 5187 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:25.563012 0.000000 udp 10.0.2.19 1701 -> 174.89.251.57 1510 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:32.805526 0.000000 udp 10.0.2.19 1701 -> 140.247.230.102 4598 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:35.450207 3.228014 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 08:27:39.686974 0.240860 udp 10.0.2.19 1701 <-> 172.13.164.195 6491 CON 0 0 2 744 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:27:40.009965 3.174583 udp 10.0.2.19 1701 -> 194.90.217.151 3160 INT 0 1 270 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:42.626231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:27:43.184548 0.000000 icmp 194.90.217.151 0x0103 -> 10.0.2.19 0xc25a URH 192 1 298 flow=Background 1970/01/07 08:27:44.254246 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:27:45.613491 0.000000 udp 10.0.2.19 1701 -> 78.87.217.145 9467 INT 0 1 248 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:50.505212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:27:51.875443 0.000000 udp 10.0.2.19 1701 -> 75.127.220.186 6633 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:27:58.211404 0.000000 udp 10.0.2.19 1701 -> 24.0.232.228 4911 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:06.193287 0.190672 udp 10.0.2.19 1701 <-> 69.250.218.50 3691 CON 0 0 2 723 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:28:06.272369 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:28:06.426257 0.107355 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 668 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:28:06.579175 0.000000 udp 10.0.2.19 1701 -> 206.255.25.194 8226 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:12.056395 0.000000 udp 10.0.2.19 1701 -> 87.181.179.142 6618 INT 0 1 293 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:17.725502 0.000000 udp 10.0.2.19 1701 -> 207.250.82.102 8275 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:22.198843 0.000068 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:28:25.965339 0.000000 udp 10.0.2.19 1701 -> 79.23.121.108 1024 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:33.963951 0.000000 udp 10.0.2.19 1701 -> 174.141.117.232 3271 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:37.821098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:28:40.320999 0.163264 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 725 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:28:40.529491 0.270448 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 787 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:28:40.946855 0.000000 udp 10.0.2.19 1701 -> 86.98.52.56 1039 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:48.497166 0.000000 udp 10.0.2.19 1701 -> 162.202.76.209 8613 INT 0 1 136 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:28:58.425798 0.000000 udp 10.0.2.19 1701 -> 118.21.140.162 11364 INT 0 1 117 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:03.228059 0.000042 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:29:05.955074 0.000000 udp 10.0.2.19 1701 -> 75.130.73.198 1194 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:12.555192 0.000000 udp 10.0.2.19 1701 -> 24.237.171.29 5123 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:20.628454 0.000000 udp 10.0.2.19 1701 -> 87.28.24.185 6678 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:28.663484 0.000000 udp 10.0.2.19 1701 -> 203.206.220.184 8629 INT 0 1 207 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:34.824622 0.000000 udp 10.0.2.19 1701 -> 75.19.159.160 8624 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:39.647255 0.341179 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:29:40.325732 0.000000 udp 10.0.2.19 1701 -> 24.167.102.135 3146 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:48.001152 0.000000 udp 10.0.2.19 1701 -> 77.209.71.84 9350 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:29:56.098478 0.154604 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 849 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:29:56.333345 0.000000 udp 10.0.2.19 1701 -> 41.190.132.228 4585 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:01.594311 0.000000 udp 10.0.2.19 1701 -> 188.14.124.198 5233 INT 0 1 158 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:08.410556 0.374783 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 747 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:30:08.887597 0.000000 udp 10.0.2.19 1701 -> 204.120.192.86 6457 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:13.469800 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:30:15.958440 0.000000 udp 10.0.2.19 1701 -> 69.193.16.198 5373 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:22.129199 0.000000 udp 10.0.2.19 1701 -> 89.186.85.117 7378 INT 0 1 134 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:29.956164 0.000000 udp 10.0.2.19 1701 -> 95.224.214.119 1701 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:35.814508 0.000000 udp 10.0.2.19 1701 -> 180.190.211.236 17106 INT 0 1 133 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:42.669349 0.000000 udp 10.0.2.19 1701 -> 150.101.100.34 15773 INT 0 1 290 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:47.455943 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:30:48.117590 0.000000 udp 10.0.2.19 1701 -> 176.221.7.245 7465 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:30:56.124075 0.212277 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:30:56.404723 0.000000 udp 10.0.2.19 1701 -> 199.195.224.76 25300 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:03.616012 0.000000 udp 10.0.2.19 1701 -> 188.169.55.26 28335 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:08.740836 0.000000 udp 10.0.2.19 1701 -> 95.231.149.46 1621 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:16.311423 0.000000 udp 10.0.2.19 1701 -> 50.75.48.164 3660 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:25.061457 0.000068 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:31:28.194470 0.000000 udp 10.0.2.19 1701 -> 74.13.239.90 2062 INT 0 1 182 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:34.489651 0.238995 udp 10.0.2.19 1701 <-> 108.227.70.250 2299 CON 0 0 2 747 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:31:34.920094 0.000000 udp 10.0.2.19 1701 -> 68.143.90.138 6127 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:42.770488 0.000000 udp 10.0.2.19 1701 -> 88.236.250.104 25201 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:47.864776 0.000000 udp 10.0.2.19 1701 -> 24.162.222.216 5896 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:54.257273 0.000000 udp 10.0.2.19 1701 -> 108.82.152.255 2612 INT 0 1 125 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:31:59.059344 1.472004 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:32:03.212355 0.000000 udp 10.0.2.19 1701 -> 112.210.111.73 8287 INT 0 1 303 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:09.012358 0.000000 udp 10.0.2.19 1701 -> 184.75.95.70 8283 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:17.298675 0.000000 udp 10.0.2.19 1701 -> 69.113.64.151 2734 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:24.185991 0.000000 udp 10.0.2.19 1701 -> 71.255.188.218 8330 INT 0 1 140 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:32.904615 2.715470 udp 10.0.2.19 1701 -> 70.88.177.45 6903 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:35.620085 0.000000 icmp 70.88.177.45 0x0303 -> 10.0.2.19 0xf71a URP 192 1 208 flow=Background 1970/01/07 08:32:39.987798 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:32:40.538549 0.000000 udp 10.0.2.19 1701 -> 66.91.151.50 3697 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:47.582021 0.000000 udp 10.0.2.19 1701 -> 2.50.48.101 3194 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:52.533568 0.219463 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 844 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:32:52.850676 0.000000 udp 10.0.2.19 1701 -> 69.142.65.193 6183 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:32:59.626989 0.196799 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:32:59.896566 0.000000 udp 10.0.2.19 1701 -> 82.107.189.85 7314 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:06.185221 0.000000 udp 10.0.2.19 1701 -> 175.144.241.54 6416 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:12.862295 0.000000 udp 10.0.2.19 1701 -> 27.253.110.22 4407 INT 0 1 295 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:19.773142 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:33:21.696456 0.000000 udp 10.0.2.19 1701 -> 72.213.173.163 2461 INT 0 1 287 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:29.523871 0.594437 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:33:30.243011 0.000000 udp 10.0.2.19 1701 -> 219.74.118.238 8464 INT 0 1 200 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:35.802699 0.000000 udp 10.0.2.19 1701 -> 31.146.47.79 11389 INT 0 1 178 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:43.386288 0.000000 udp 10.0.2.19 1701 -> 31.146.145.5 9404 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:50.763068 0.000000 udp 10.0.2.19 1701 -> 72.213.189.250 9245 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:33:55.335803 0.897164 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:33:57.580310 0.256665 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 738 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:33:57.931214 0.000000 udp 10.0.2.19 1701 -> 74.124.111.49 7864 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:05.883601 0.000000 udp 10.0.2.19 1701 -> 81.110.137.93 4641 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:11.922851 0.217610 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:34:12.207874 0.000000 udp 10.0.2.19 1701 -> 216.14.48.130 2404 INT 0 1 221 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:17.606214 0.000000 udp 10.0.2.19 1701 -> 95.253.112.131 3282 INT 0 1 157 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:24.177319 0.000000 udp 10.0.2.19 1701 -> 83.163.123.111 9652 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:30.181920 0.000000 udp 10.0.2.19 1701 -> 69.64.105.130 9072 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:34.673487 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:34:38.419604 0.000000 udp 10.0.2.19 1701 -> 66.56.204.248 4326 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:46.454823 0.239280 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 735 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:34:46.748401 0.000000 udp 10.0.2.19 1701 -> 107.201.208.1 2158 INT 0 1 150 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:54.249622 0.380883 udp 10.0.2.19 1701 <-> 5.202.161.209 11614 CON 0 0 2 814 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:34:54.682425 0.156881 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 825 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:34:54.881646 0.000000 udp 10.0.2.19 1701 -> 217.165.79.77 4737 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:34:55.229019 2.951521 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 08:35:02.134254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:35:02.758471 0.290289 udp 10.0.2.19 1701 <-> 181.135.143.64 1943 CON 0 0 2 790 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:03.298782 0.176249 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 667 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:03.589704 0.338064 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 693 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:03.966118 0.264705 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 812 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:04.272043 0.000000 udp 10.0.2.19 1701 -> 97.73.35.55 1513 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:08.172759 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:35:10.016356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:35:11.853278 0.000000 udp 10.0.2.19 1701 -> 70.117.241.68 11555 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:19.296357 0.445556 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 772 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:19.894400 0.226495 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 771 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 08:35:20.174319 0.000000 udp 10.0.2.19 1701 -> 50.74.153.34 3885 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:25.775500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:35:32.943582 0.000000 udp 10.0.2.19 1701 -> 85.37.144.9 21799 INT 0 1 296 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:38.969911 0.000000 udp 10.0.2.19 1701 -> 200.60.76.38 3686 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:43.926644 0.000000 udp 10.0.2.19 1701 -> 71.232.141.226 5653 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:48.805005 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:35:51.020342 0.000000 udp 10.0.2.19 1701 -> 79.15.14.142 1661 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:35:57.478461 0.000000 udp 10.0.2.19 1701 -> 82.91.101.29 9467 INT 0 1 149 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:01.509898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:36:05.805263 0.000000 udp 10.0.2.19 1701 -> 83.27.183.30 2618 INT 0 1 281 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:14.605962 0.000000 udp 10.0.2.19 1701 -> 41.135.177.131 8504 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:19.912794 0.000000 udp 10.0.2.19 1701 -> 202.130.129.114 2494 INT 0 1 198 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:26.101489 0.000000 udp 10.0.2.19 1701 -> 182.1.58.126 1616 INT 0 1 298 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:30.941622 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:36:33.767927 0.000000 udp 10.0.2.19 1701 -> 85.154.58.45 14042 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:42.337508 0.000000 udp 10.0.2.19 1701 -> 68.114.245.252 5007 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:50.583601 0.000000 udp 10.0.2.19 1701 -> 174.7.220.125 4786 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:36:58.137290 0.000000 udp 10.0.2.19 1701 -> 71.232.254.72 3840 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:37:06.616183 0.000000 udp 10.0.2.19 1701 -> 173.168.177.131 9780 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:37:11.332169 0.000042 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:37:14.520942 0.000000 udp 10.0.2.19 1701 -> 89.165.72.230 8354 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:37:22.462458 0.000000 udp 10.0.2.19 1701 -> 76.29.210.40 5142 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 08:42:03.881452 2.964428 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 08:42:10.786602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:42:18.675212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:42:34.446534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:43:05.973119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:49:04.656194 2.956616 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 08:49:11.565351 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:49:19.452862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:49:35.221933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:50:06.767855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:55:58.691256 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 08:55:58.691444 1.580487 tcp 10.0.2.19 51949 -> 90.156.118.144 5237 FSPA* 0 0 14 1723 flow=From-Botnet-V2-TCP-Established 1970/01/07 08:56:05.438975 2.954429 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 08:56:12.340012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:56:20.217578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:56:35.986277 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 08:57:07.534830 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:03:06.211993 2.961009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:03:13.116948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:03:21.002866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:03:36.766799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:04:08.286160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:07:33.381660 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 09:07:33.381849 0.160785 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:33.543054 0.122156 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:33.665608 0.223889 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:33.889896 0.166672 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:34.057020 0.212024 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:34.269445 0.000000 udp 10.0.2.19 1701 -> 85.107.40.140 6049 INT 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:07:51.736654 0.166049 tcp 10.0.2.19 51950 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:07:51.903017 0.213759 tcp 10.0.2.19 51951 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:07:52.117343 0.261972 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:52.379702 0.538089 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:52.918317 0.256719 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:53.175481 1.205138 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:54.381021 0.219493 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:54.600971 0.297815 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:54.899170 0.258873 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:55.158468 0.215671 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:55.374533 0.240694 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:55.615686 0.277100 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:55.893226 0.142941 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:07:56.036547 0.000000 udp 10.0.2.19 1701 -> 99.95.196.161 2218 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:08:13.818922 0.000000 tcp 10.0.2.19 51952 -> 173.194.70.99 80 S_ 0 1 66 flow=From-Botnet-V2-TCP-Attempt 1970/01/07 09:08:20.585083 0.103678 tcp 10.0.2.19 51952 -> 173.194.70.99 80 FPA_* 0 0 9 1772 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:20.688599 0.208018 tcp 10.0.2.19 51953 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:20.897210 0.000000 udp 10.0.2.19 1701 -> 79.20.148.198 6975 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:08:36.162861 0.167334 tcp 10.0.2.19 51954 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:36.329911 0.208670 tcp 10.0.2.19 51955 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:36.539204 0.155383 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:36.694996 0.221830 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:36.917210 0.356527 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:37.274152 0.240610 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:37.515173 0.211991 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 585 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:37.727536 0.154378 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:37.882496 0.000000 udp 10.0.2.19 1701 -> 87.17.251.64 5248 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:08:55.672085 0.165569 tcp 10.0.2.19 51956 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:55.837560 0.203444 tcp 10.0.2.19 51957 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:08:56.041593 0.110032 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:56.152009 0.248221 udp 10.0.2.19 1701 <-> 172.13.164.195 6491 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:56.400648 0.195764 udp 10.0.2.19 1701 <-> 69.250.218.50 3691 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:56.596834 0.100085 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:56.697382 0.167914 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:56.865721 0.267333 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:08:57.133474 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:09:14.421743 0.165181 tcp 10.0.2.19 51958 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:14.586818 0.195368 tcp 10.0.2.19 51959 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:14.782765 0.396255 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:15.179412 0.217585 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:15.397428 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:09:34.011548 0.169971 tcp 10.0.2.19 51960 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:34.181797 0.210831 tcp 10.0.2.19 51961 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:34.393224 0.235177 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:34.628753 0.200926 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:34.830156 0.410194 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:35.240783 0.264286 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:35.505522 0.248530 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:35.754469 0.242735 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:35.997578 0.392728 udp 10.0.2.19 1701 <-> 5.202.161.209 11614 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:36.390705 0.153127 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:36.544223 0.000000 udp 10.0.2.19 1701 -> 181.135.143.64 1943 INT 0 1 235 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:09:51.641840 0.166192 tcp 10.0.2.19 51962 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:51.807573 0.201269 tcp 10.0.2.19 51963 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:09:52.009561 0.299090 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:52.309032 0.181814 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:52.491209 0.261044 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:52.752666 0.215875 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:09:52.968958 0.228283 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:13:46.503372 2.949665 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 09:13:53.406135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:14:01.285596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:14:17.043480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:14:48.593676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:20:48.017173 3.002464 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:20:55.025528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:21:03.026520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:21:19.030337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:21:52.527659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:25:47.836915 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 09:25:47.837110 1.685120 tcp 10.0.2.19 51964 -> 90.156.118.144 5237 FSPA* 0 0 14 1519 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:27:59.407883 3.002015 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:28:06.415543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:28:14.417233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:28:30.420115 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:29:02.425936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:35:06.432302 3.001616 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:35:13.439807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:35:21.441140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:35:37.444132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:36:09.930984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:39:50.598007 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 09:39:50.598173 0.000000 udp 10.0.2.19 1701 -> 85.107.40.140 6049 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:40:06.974671 0.165532 tcp 10.0.2.19 51965 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:07.140488 0.200416 tcp 10.0.2.19 51966 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:07.341467 0.223633 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:40:07.565493 0.000000 udp 10.0.2.19 1701 -> 79.20.148.198 6975 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:40:25.189271 0.175656 tcp 10.0.2.19 51967 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:25.364827 0.198392 tcp 10.0.2.19 51968 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:25.563781 0.000000 udp 10.0.2.19 1701 -> 87.17.251.64 5248 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:40:42.593811 0.167008 tcp 10.0.2.19 51969 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:42.760558 0.201539 tcp 10.0.2.19 51970 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:40:42.962674 0.140277 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:40:43.103296 0.000000 udp 10.0.2.19 1701 -> 108.227.70.250 2299 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:41:01.671812 0.186348 tcp 10.0.2.19 51971 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:01.857810 0.212748 tcp 10.0.2.19 51972 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:02.071147 0.000000 udp 10.0.2.19 1701 -> 181.135.143.64 1943 INT 0 1 201 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:41:19.597710 0.169204 tcp 10.0.2.19 51973 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:19.767073 0.199931 tcp 10.0.2.19 51974 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:19.967548 0.166653 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:20.134556 0.366610 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:20.501535 0.206648 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:20.708574 0.234167 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:20.943108 0.232773 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:21.176254 0.156282 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:21.332941 0.115884 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:21.449209 0.239299 udp 10.0.2.19 1701 <-> 172.13.164.195 6491 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:21.688853 0.000000 udp 10.0.2.19 1701 -> 69.250.218.50 3691 INT 0 1 185 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:41:38.454058 0.166314 tcp 10.0.2.19 51975 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:38.620719 0.214767 tcp 10.0.2.19 51976 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:38.836039 0.213843 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:39.050269 0.276203 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:39.326897 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 09:41:55.088099 0.169423 tcp 10.0.2.19 51977 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:55.257223 0.198984 tcp 10.0.2.19 51978 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:41:55.456740 0.381363 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:55.838490 0.209497 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:56.048352 0.222198 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:56.270925 0.399147 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:56.670425 0.194608 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:56.865411 0.249599 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:57.115380 0.223999 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:57.339751 0.273123 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:57.613233 0.366442 udp 10.0.2.19 1701 <-> 5.202.161.209 11614 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:57.980054 0.171181 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:58.151568 0.282391 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:58.434332 0.160085 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:58.594769 0.254971 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:58.850199 0.216854 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.067464 0.220690 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.288567 0.224550 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.513544 0.145941 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.659861 0.162277 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.822485 0.114147 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:41:59.936982 0.210333 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:00.147711 0.253948 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:00.401999 0.256148 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:00.658481 0.456174 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:01.115040 0.296477 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:01.411865 0.213426 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:01.625688 0.268753 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:01.894788 0.221789 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:02.116964 0.242379 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:02.359729 0.290043 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:02.650337 0.267985 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:02.918659 0.132199 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 09:42:13.936587 3.362671 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 09:42:21.304731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:42:29.306081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:42:45.309177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:43:17.315233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:49:21.321032 3.002266 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:49:28.328978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:49:37.231647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:49:53.234729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:50:25.240669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:55:50.378551 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 09:55:50.378744 0.668006 tcp 10.0.2.19 51979 -> 90.156.118.144 5237 FSPA* 0 0 14 1638 flow=From-Botnet-V2-TCP-Established 1970/01/07 09:56:29.246282 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 09:56:36.253731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:56:44.255910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:57:00.258703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 09:57:32.264278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:03:36.270183 3.001578 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:03:43.277595 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:03:51.279074 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:04:07.282282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:04:39.288387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:12:33.631102 0.000139 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 10:12:33.631449 0.099423 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:33.731270 0.000000 udp 10.0.2.19 1701 -> 69.250.218.50 3691 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 10:12:52.149746 0.188079 tcp 10.0.2.19 51980 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:12:52.338143 0.201012 tcp 10.0.2.19 51981 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:12:52.539713 0.248192 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:52.788275 0.154522 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:52.943208 0.157571 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:53.101166 0.534592 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:53.636189 0.110693 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:53.747280 0.225347 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:53.973028 0.218526 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:54.191946 0.165925 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:54.358431 0.244660 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:54.603440 0.250120 udp 10.0.2.19 1701 <-> 172.13.164.195 6491 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:54.853938 0.156512 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:55.010897 0.261997 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:55.273277 0.221677 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:55.495386 0.373364 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:55.869107 0.213098 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:56.082599 0.194679 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:56.277666 0.241959 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:56.520045 0.225881 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:56.746454 0.249435 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:56.996294 0.447848 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:57.444581 0.384554 udp 10.0.2.19 1701 <-> 5.202.161.209 11614 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:57.829509 0.166146 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:57.996005 0.286903 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:58.283258 0.172422 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:58.456036 0.223325 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:58.679703 0.216065 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:58.896164 0.248170 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:59.144736 0.373422 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:59.518558 0.145739 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:59.664647 0.176574 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:59.841585 0.121547 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:12:59.963517 0.212288 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:00.176186 0.255372 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:00.431934 0.269515 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:00.701843 0.489853 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:01.192107 0.945249 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:02.137735 0.483237 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:02.621371 0.243177 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:02.864954 0.804013 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:03.669382 0.229629 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:03.899411 0.134246 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:04.034010 0.287783 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:04.322212 0.270298 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:13:57.302961 3.002056 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 10:14:04.310777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:14:12.312444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:14:28.314948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:15:00.321209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:21:04.326733 3.002087 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:21:11.335066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:21:19.336065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:21:35.338943 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:22:07.345686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:25:51.047739 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 10:25:51.047947 0.693667 tcp 10.0.2.19 51982 -> 90.156.118.144 5237 FSPA* 0 0 14 1747 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:28:11.352429 3.000603 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:28:18.358438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:28:26.359894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:28:42.362869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:29:14.369205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:35:18.374660 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:35:25.382663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:35:33.384040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:35:49.386888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:36:21.393115 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:42:25.399241 3.001504 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:42:32.406788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:42:40.407982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:42:56.410907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:43:19.995950 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 10:43:19.996149 0.102666 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:20.099166 0.153318 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:20.252918 0.221477 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:20.474756 0.142499 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:20.617613 0.355621 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:20.973590 0.114857 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:21.088817 0.158270 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:21.247462 0.228740 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:21.476590 0.209403 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:21.686376 0.240059 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:21.926795 0.000000 udp 10.0.2.19 1701 -> 172.13.164.195 6491 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 10:43:28.417340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:43:40.797949 0.165237 tcp 10.0.2.19 51983 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:43:40.963521 0.209817 tcp 10.0.2.19 51984 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:43:41.173871 0.158695 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:41.332948 0.373801 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:41.707141 0.270633 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:41.978189 0.219417 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:42.197992 0.210640 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:42.409002 0.201669 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:42.611054 0.234853 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:42.846267 0.222598 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:43.069244 0.271390 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:43.341014 0.585251 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:43:43.926629 0.000000 udp 10.0.2.19 1701 -> 5.202.161.209 11614 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 10:43:59.533613 0.165991 tcp 10.0.2.19 51985 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:43:59.699205 0.194647 tcp 10.0.2.19 51986 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:43:59.894407 0.174499 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:00.069276 0.374046 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:00.443748 0.243765 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:00.687856 0.266983 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:00.955223 0.221527 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:01.177077 0.217881 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:01.395353 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 10:44:20.363417 0.166496 tcp 10.0.2.19 51987 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:44:20.530372 0.216397 tcp 10.0.2.19 51988 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:44:20.747316 0.153104 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:20.900797 0.164366 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:21.065520 0.255413 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:21.321296 1.101259 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:22.422985 0.210101 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:22.633492 0.262983 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:22.896854 0.134861 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:23.032107 0.335172 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:23.367669 0.215846 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:23.583924 0.242926 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:23.827234 0.261467 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:24.089102 0.290178 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:24.379693 0.215751 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:24.595851 0.135613 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:44:24.731851 0.270398 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 10:49:32.422920 3.002095 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 10:49:39.430829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:49:47.432142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:50:03.435324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:50:36.191937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:55:52.117128 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 10:55:52.117334 1.165923 tcp 10.0.2.19 51989 -> 90.156.118.144 5237 FSPA* 0 0 14 1511 flow=From-Botnet-V2-TCP-Established 1970/01/07 10:56:40.198319 3.001893 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 10:56:53.069292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:57:00.961491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:57:16.742075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 10:57:48.304804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:03:51.347914 3.002176 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:03:58.355268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:04:06.357227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:04:22.359799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:04:54.366150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:10:58.371814 3.001897 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:11:05.379403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:11:13.380923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:11:29.383794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:12:01.389880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:14:43.974443 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 11:14:43.974532 0.000000 udp 10.0.2.19 1701 -> 172.13.164.195 6491 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 11:15:01.892494 0.167581 tcp 10.0.2.19 51990 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:02.059709 0.198984 tcp 10.0.2.19 51991 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:02.259256 0.000000 udp 10.0.2.19 1701 -> 5.202.161.209 11614 INT 0 1 110 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 11:15:20.427939 0.176097 tcp 10.0.2.19 51992 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:20.603940 0.198603 tcp 10.0.2.19 51993 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:20.803087 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 11:15:36.120185 0.229160 tcp 10.0.2.19 51994 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:36.349686 0.203176 tcp 10.0.2.19 51995 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:36.553424 0.107793 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:36.661575 0.218037 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:36.880012 0.162467 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.042845 0.144927 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.188139 0.240416 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.428928 0.216205 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.645483 0.110083 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.755915 0.171230 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:37.927535 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 203 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 11:15:56.639387 0.168859 tcp 10.0.2.19 51996 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:56.808473 0.195651 tcp 10.0.2.19 51997 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:15:57.004652 0.243977 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:57.249074 0.166535 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:57.416006 0.375825 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:57.792177 0.189157 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:57.981702 0.214074 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:58.196185 0.221247 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:58.417807 0.264842 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:58.682988 0.235527 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:58.918891 0.218629 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:59.137903 0.245318 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:59.383638 0.419880 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:15:59.803859 0.341226 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:00.145478 0.157857 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:00.303724 0.170095 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 224 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:00.474255 0.217916 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:00.692629 0.243957 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:00.936990 0.212328 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:01.149728 0.258763 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:01.408840 0.167862 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:01.577066 0.190216 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:01.767639 0.256002 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:02.023990 0.118896 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:02.143244 0.202257 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:02.345866 0.232035 rtcp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:02.578436 0.276275 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:06.902226 0.251347 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:07.153932 0.263404 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:07.417733 0.287416 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:07.705502 0.213873 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:07.919761 0.132568 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:08.052692 0.238643 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:16:08.291697 0.267110 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:18:13.397088 3.002556 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 11:18:20.404769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:18:28.406701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:18:44.409190 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:19:18.018010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:25:22.023587 3.002029 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:25:29.031432 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:25:37.223215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:25:53.225973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:25:56.490973 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 11:25:56.491196 0.891759 tcp 10.0.2.19 51998 -> 90.156.118.144 5237 FSPA* 0 0 14 1730 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:26:25.652543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:32:29.658197 3.001911 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:32:36.666414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:32:44.667245 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:33:00.670954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:33:32.676516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:39:36.682278 3.001840 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:39:43.690342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:39:51.691425 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:40:07.694625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:40:39.700713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:46:37.796117 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 11:46:37.796285 0.355503 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.152199 0.167936 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.320509 0.099609 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.420470 0.225675 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.646560 0.211460 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.858386 0.109522 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:38.968275 0.228665 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:39.197416 0.142757 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:39.340565 0.000000 udp 10.0.2.19 1701 -> 176.73.199.176 3735 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 11:46:43.706350 3.001884 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:46:50.713954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:46:54.401628 0.166379 tcp 10.0.2.19 51999 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:46:54.567906 0.207819 tcp 10.0.2.19 52000 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 11:46:54.776286 0.256502 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:55.033213 0.185897 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:55.219536 0.376988 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:55.596910 0.196805 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:55.794131 0.212057 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:56.006563 0.236964 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:56.243935 0.217851 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:56.462195 0.216721 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:56.679273 0.262470 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:56.942141 0.285033 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:57.227589 0.406767 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:57.634732 0.293410 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:57.928509 0.213970 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:58.142833 0.250917 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:58.394134 0.228271 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:58.622832 0.152623 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:58.715690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:46:58.775808 0.173988 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:58.950202 0.255411 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.206172 0.148035 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.354575 0.164193 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.519143 0.209615 rtcp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.729110 0.118973 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.848430 0.130681 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:46:59.979491 0.902051 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:00.881885 0.373285 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:01.255546 0.265843 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:01.521721 0.260137 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:01.782279 0.291274 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:02.073906 0.214150 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:02.288427 0.266319 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:02.555093 0.137124 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:02.692598 0.242395 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 11:47:14.718602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:47:46.724514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:53:50.729856 3.002297 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 11:53:57.737648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:54:05.739375 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:54:21.742470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:54:53.748761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 11:55:57.390856 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 11:55:57.391059 0.752396 tcp 10.0.2.19 52001 -> 90.156.118.144 5237 FSPA* 0 0 14 1614 flow=From-Botnet-V2-TCP-Established 1970/01/07 12:00:57.754524 3.001637 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:01:04.761738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:01:12.763620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:01:28.766483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:02:00.792348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:08:04.798394 3.002018 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:08:11.805975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:08:19.807867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:08:35.810649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:09:07.816681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:15:11.822217 3.001772 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:15:18.829770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:15:26.831700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:15:42.834564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:16:14.840479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:17:31.070901 0.000042 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 12:17:31.070990 0.244032 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:31.315396 0.253831 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:31.569589 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 12:17:49.870214 0.468445 tcp 10.0.2.19 52002 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 12:17:50.338951 0.491365 tcp 10.0.2.19 52003 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 12:17:50.830846 0.384329 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:51.215531 0.609627 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:51.825543 0.338065 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:52.163959 0.352445 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:52.516759 0.110971 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:52.628122 0.228284 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:52.856769 0.250450 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:53.107703 0.167685 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:53.275713 0.377812 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:53.653898 0.259403 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:53.913678 0.304829 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:54.218891 0.363209 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:54.582473 0.422962 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:55.005807 0.413295 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:55.419474 0.682297 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:56.102136 0.268092 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:56.370581 0.236487 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:56.607444 0.279069 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:56.886899 0.214831 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:57.102112 0.248441 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:57.350931 0.224981 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:57.576300 0.156979 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:57.733618 0.146913 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:57.880884 0.163487 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.044724 0.204859 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.249959 0.182622 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.432925 0.257899 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.691165 0.118199 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.809736 0.129505 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:58.939590 0.665983 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:59.605943 0.214646 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:17:59.820947 0.253340 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:00.074633 0.268906 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:00.343948 0.263369 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:00.607695 0.144079 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:00.752101 0.287264 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:01.039727 0.221072 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:18:01.261152 0.237701 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:22:18.846357 3.001679 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 12:22:25.853543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:22:33.855617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:22:49.858223 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:23:21.864855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:25:58.309946 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 12:25:58.310147 1.245216 tcp 10.0.2.19 52004 -> 90.156.118.144 5237 FSPA* 0 0 14 1596 flow=From-Botnet-V2-TCP-Established 1970/01/07 12:29:26.190324 3.001865 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:29:33.198081 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:29:41.199770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:29:57.202841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:30:29.208763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:36:33.214548 3.002308 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:36:40.222192 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:36:54.960070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:37:10.751357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:37:42.316235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:43:45.471982 2.958564 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:43:52.384056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:44:00.282488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:44:16.072193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:44:49.046239 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:48:16.275534 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 12:48:16.275716 0.096892 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:16.372982 0.186189 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:16.559589 0.154249 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:16.714475 0.219148 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:16.934034 0.362348 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:17.296784 0.145498 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:17.442657 0.209966 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:17.652989 0.116812 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:17.770377 0.257801 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:18.028589 0.240963 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:18.269975 0.189154 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:18.459548 0.154074 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:18.614033 0.367501 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:18.981927 0.223877 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:19.206231 0.217012 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:19.423674 0.209061 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:19.633166 0.247897 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:19.881520 0.426332 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 566 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:20.308308 0.262849 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:20.571564 0.245634 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:20.817641 0.319156 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:21.137181 0.225682 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:22.128465 0.164793 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:22.293669 0.146725 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:22.440826 0.160180 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:22.601357 0.213091 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:22.814883 0.248494 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.063747 0.220328 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.284452 0.176464 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.461305 0.254335 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.715999 0.113093 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.829506 0.132660 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:23.962566 0.250948 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:24.213914 0.221029 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:24.435477 0.436211 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:24.872077 0.258739 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:25.131184 0.292862 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:25.424438 0.135983 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:25.560837 0.306751 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:25.868020 0.210586 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:48:26.078998 0.238401 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 12:50:56.035316 2.958320 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:51:02.947409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:51:10.837533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:51:26.619245 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:52:01.927412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:56:07.857446 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 12:56:07.857548 0.798185 tcp 10.0.2.19 52005 -> 90.156.118.144 5237 FSPA* 0 0 14 1512 flow=From-Botnet-V2-TCP-Established 1970/01/07 12:58:01.091650 2.963869 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 12:58:08.003064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:58:15.899461 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:58:32.392221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 12:59:03.954200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:05:05.476761 3.001633 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:05:12.484288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:05:20.485786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:05:36.488607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:06:08.494922 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:12:14.503484 3.001565 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:12:21.510937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:12:29.512393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:12:45.515470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:13:17.521174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:18:35.749347 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 13:18:35.749519 0.158137 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:36.631001 0.102906 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:36.734315 0.177411 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:36.912134 0.144113 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:37.056642 0.214358 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:37.271379 0.229613 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:37.501351 0.359838 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:37.861576 0.113135 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:37.975054 0.226483 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:38.201900 0.239707 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:38.442011 0.197267 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:38.639650 0.174985 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:38.815035 0.215244 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:39.030644 0.212723 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:39.243707 0.377965 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:39.622162 0.215372 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:39.837887 0.261647 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:40.099925 0.236989 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:40.337319 0.404286 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:40.741971 0.239859 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:40.982239 0.287769 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:41.270378 0.147441 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:41.418258 0.164323 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:41.582972 0.221415 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:41.804778 0.165555 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:41.970720 0.207824 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:42.178909 0.178606 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:42.357865 0.212467 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:42.570736 0.280512 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:42.851642 0.256058 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:43.108067 0.120205 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:43.228665 0.129704 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:43.358768 0.256638 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:43.615780 0.250072 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:43.866286 0.266088 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:44.132734 0.136052 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:44.269123 0.222248 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:44.491773 0.264123 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:44.756341 0.253971 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:45.010714 0.294930 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:18:45.306060 0.213132 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:19:21.527105 3.001997 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:19:28.535241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:19:36.536564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:19:58.812035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:20:30.385064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:26:04.564814 0.000127 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 13:26:04.565037 0.982697 tcp 10.0.2.19 52006 -> 90.156.118.144 5237 FSPA* 0 0 14 1552 flow=From-Botnet-V2-TCP-Established 1970/01/07 13:26:30.654012 3.001961 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:26:37.661737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:26:45.663202 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:27:01.666523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:27:33.672875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:33:37.678467 3.001529 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:33:44.685606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:33:52.687379 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:34:08.690129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:34:40.996589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:40:46.003975 3.001946 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:40:53.011862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:41:01.013157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:41:17.015913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:41:49.022187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:47:55.301258 3.002308 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:48:02.309252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:48:10.310184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:48:26.313302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:48:56.496965 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 13:48:56.497172 0.158108 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:56.655669 0.099599 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:56.755616 0.174224 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:56.930214 0.149783 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:57.080341 0.215251 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:57.295939 0.212912 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:57.509248 0.227986 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:48:57.737616 0.366575 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.004470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:49:02.011300 0.113104 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.124751 0.241318 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.366505 0.201709 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.568560 0.154200 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.723169 0.216756 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:02.940296 0.218515 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:03.159207 0.216915 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:03.376484 0.000000 udp 10.0.2.19 1701 -> 175.195.224.10 7151 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 13:49:20.323533 0.223066 tcp 10.0.2.19 52007 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 13:49:20.546751 0.196470 tcp 10.0.2.19 52008 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 13:49:20.743778 0.275178 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:21.019296 0.237235 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:21.256876 0.422906 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:21.680190 0.253365 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:21.933924 0.286590 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:22.220890 0.176974 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:22.398193 0.168138 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:22.566692 0.205880 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:22.772975 0.195785 udp 10.0.2.19 1701 <-> 78.164.123.17 10492 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:22.969113 0.162908 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:23.132420 0.228353 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:23.361133 0.254264 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:23.615843 0.219587 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:23.835779 0.244929 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:24.081056 1.129366 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:25.210802 0.136566 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:25.347716 0.251392 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:25.599491 1.066271 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:26.666198 0.220061 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:26.886609 0.262065 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:32.138782 0.264570 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:32.403757 0.152278 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:32.556425 0.209645 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:32.766481 0.237164 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:49:33.003996 0.292016 udp 10.0.2.19 1701 <-> 189.177.101.124 8150 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 13:55:06.010288 3.002029 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 13:55:13.018257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:55:21.019436 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:55:37.022905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 13:56:08.588866 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 13:56:08.588956 0.792367 tcp 10.0.2.19 52009 -> 90.156.118.144 5237 FSPA* 0 0 14 1522 flow=From-Botnet-V2-TCP-Established 1970/01/07 13:56:09.028422 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:02:13.034665 3.001421 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:02:20.042128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:02:28.044000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:02:44.047226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:03:16.052666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:13:26.061877 3.002566 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:13:33.070238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:13:41.071024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:13:57.074245 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:14:29.080826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:19:39.677228 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 14:19:39.677327 0.312864 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:39.990585 0.078727 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.069705 0.069254 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.139329 0.156365 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.296111 0.136547 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.433046 0.173214 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.606650 0.055837 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.662817 0.172698 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:40.835874 0.169114 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:41.005419 0.048046 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:41.053827 0.501967 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:41.556187 0.173004 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:41.729610 0.169493 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:41.899490 0.143272 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.043163 0.078144 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.121700 0.163131 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.285185 0.201919 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.487479 0.186478 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.674337 0.269000 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:42.943693 0.176781 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.120854 0.213948 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.335186 0.051874 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.387425 0.057162 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.444986 0.156237 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.601625 0.174032 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.776055 0.195314 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:43.971790 0.166821 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:19:44.139029 0.000000 udp 10.0.2.19 1701 -> 78.164.123.17 10492 INT 0 1 261 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 14:20:01.641326 0.044786 tcp 10.0.2.19 52010 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:20:01.686385 0.078535 tcp 10.0.2.19 52011 -> 173.194.70.94 80 SRPA* 0 0 19 15492 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:20:01.765512 0.118682 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:01.884577 0.198412 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.083363 0.043539 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.127244 0.064379 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.191972 0.184097 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.376463 0.176858 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.553707 0.156554 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.710642 0.052507 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.763506 0.128855 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:02.892730 0.188153 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:03.081267 0.207113 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:03.288776 0.190482 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:20:03.479627 0.000000 udp 10.0.2.19 1701 -> 189.177.101.124 8150 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 14:20:19.715967 0.045222 tcp 10.0.2.19 52012 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:20:19.761458 0.079129 tcp 10.0.2.19 52013 -> 173.194.70.94 80 SRPA* 0 0 19 15492 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:20:33.086398 3.001553 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 14:20:40.093601 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:20:48.095518 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:21:04.098629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:21:36.104273 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:26:09.387735 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 14:26:09.387838 0.663432 tcp 10.0.2.19 52014 -> 90.156.118.144 5237 FSPA* 0 0 14 1703 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:27:46.118264 3.002247 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:27:53.126063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:28:01.127640 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:28:17.131046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:28:49.136893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:34:57.148259 3.001814 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:35:04.156388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:35:12.158018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:35:28.160454 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:36:00.167224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:42:04.172415 3.001842 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:42:11.210248 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:42:19.211938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:42:35.214310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:43:07.220837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:49:11.225985 3.002358 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 14:49:18.234209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:49:26.235311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:49:42.239171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:50:14.244837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:50:23.468407 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 14:50:23.468612 0.000000 udp 10.0.2.19 1701 -> 78.164.123.17 10492 INT 0 1 106 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 14:50:41.786783 0.168146 tcp 10.0.2.19 52015 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:50:41.954582 0.195804 tcp 10.0.2.19 52016 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:50:42.150955 0.000000 udp 10.0.2.19 1701 -> 189.177.101.124 8150 INT 0 1 262 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 14:51:00.873355 4.283523 tcp 10.0.2.19 52017 -> 173.194.70.99 80 SPA_* 0 0 6 613 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:51:06.008370 0.000459 tcp 10.0.2.19 52017 -> 173.194.70.99 80 FA_F* 0 0 5 1291 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:51:06.009178 1.756943 tcp 10.0.2.19 52018 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:51:07.766712 1.224769 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:08.991877 1.094056 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:10.086355 1.093458 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:11.180226 0.911931 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:12.092518 0.987583 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:13.080512 0.844403 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:13.925270 0.891600 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:14.817282 1.110083 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:15.927751 1.124185 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:17.052345 0.991256 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:18.044035 0.993343 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:19.037794 0.340354 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:19.378547 0.247358 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:19.626318 0.250444 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:19.877122 0.159498 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:20.036989 0.190938 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:20.228280 0.223207 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:20.451842 0.281667 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:20.733864 0.242608 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:20.976880 0.152750 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:21.130167 0.158767 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:21.289322 0.216426 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:21.506139 0.224119 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:21.730634 0.282299 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:22.013280 0.405961 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:22.419627 0.256783 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:22.676750 0.212965 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:22.890107 0.162294 udp 10.0.2.19 1701 <-> 93.109.245.154 1024 CON 0 0 2 198 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:23.052785 0.179266 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:23.232442 0.263481 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:23.496293 0.253682 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:23.750354 0.114354 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:23.865051 0.249749 udp 10.0.2.19 1701 <-> 90.189.57.28 8989 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:24.115184 0.213870 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:24.329438 0.251223 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:24.581023 0.265546 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:24.846905 0.276509 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:25.123980 0.212712 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:51:25.337143 0.136008 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 14:56:11.839148 4.295391 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/07 14:56:16.134698 0.875175 tcp 10.0.2.19 52019 -> 90.156.118.144 5237 FSPA* 0 0 15 1789 flow=From-Botnet-V2-TCP-Established 1970/01/07 14:56:22.116306 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 14:56:29.123966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:56:37.125120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:56:53.128362 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 14:57:26.476404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:03:30.481878 3.002181 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 15:03:37.489614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:03:45.490950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:04:01.493859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:04:33.500113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:10:40.840373 3.142258 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/07 15:10:45.985790 4.006298 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/07 15:10:57.993150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:11:13.995563 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:11:46.001588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:17:50.008138 3.001164 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 15:17:57.014989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:18:05.017182 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:18:21.019495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:18:53.025789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:21:59.484111 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 15:21:59.484293 0.210314 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:21:59.694975 0.151792 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:21:59.847221 0.218892 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:00.066497 0.159005 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:00.225882 0.229439 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:00.455708 0.099171 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:00.555292 0.137352 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:00.693029 0.379783 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:01.073243 0.361822 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:01.435460 0.221109 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:01.656951 0.209552 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:01.866874 0.112695 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:01.979952 0.181897 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:02.162213 0.198741 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:02.361315 0.241910 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:02.603586 0.236852 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:02.840825 0.218055 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:03.059233 0.263856 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:03.323469 0.240620 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:03.564445 0.146381 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:03.711283 0.225549 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:03.937195 0.166627 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:04.104188 0.216180 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:04.320751 0.255257 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:04.576350 0.291769 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:04.868517 0.421924 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:05.290805 0.225534 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:05.516731 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 137 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 15:22:24.302621 0.166917 tcp 10.0.2.19 52020 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:22:24.469788 0.198864 tcp 10.0.2.19 52021 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:22:24.669195 0.141551 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:24.811173 0.269611 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:25.081172 0.000000 udp 10.0.2.19 1701 -> 90.189.57.28 8989 INT 0 1 151 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 15:22:40.503995 0.203058 tcp 10.0.2.19 52022 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:22:40.707202 0.275073 tcp 10.0.2.19 52023 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:22:40.982832 0.230577 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:41.213768 0.225457 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:41.439584 0.113911 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:41.553840 0.242007 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:41.796238 0.266813 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:42.063401 0.269663 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:42.333486 0.210393 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:22:42.544302 0.134643 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:24:57.031745 3.001618 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 15:25:04.039165 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:25:12.040787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:25:28.043622 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:26:00.049506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:26:20.369432 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 15:26:20.369592 0.643965 tcp 10.0.2.19 52024 -> 90.156.118.144 5237 FSPA* 0 0 14 1758 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:32:04.055910 3.001485 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 15:32:11.063146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:32:19.064415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:32:35.067507 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:33:07.073473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:39:11.079475 3.001883 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 15:39:18.087083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:39:26.088419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:39:42.091875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:40:14.097683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:46:18.103340 3.001882 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 15:46:25.111278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:46:33.112667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:46:49.115924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:47:21.121895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:52:51.737425 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 15:52:51.737639 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 1024 INT 0 1 272 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 15:53:08.253674 0.171514 tcp 10.0.2.19 52025 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:53:08.425505 0.214522 tcp 10.0.2.19 52026 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:53:08.640623 0.000000 udp 10.0.2.19 1701 -> 90.189.57.28 8989 INT 0 1 230 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 15:53:24.325783 0.165830 tcp 10.0.2.19 52027 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:53:24.491876 0.209212 tcp 10.0.2.19 52028 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 15:53:24.701624 0.212255 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:24.914276 0.152445 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.067138 0.228631 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.127336 3.001940 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 15:53:25.296161 0.099165 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.395664 0.142030 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.538056 0.161593 udp 10.0.2.19 1701 <-> 176.73.199.176 3735 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.700053 0.224174 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:25.924620 0.361013 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:26.286035 0.378763 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:26.665141 0.222795 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:26.888348 0.249683 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:27.138357 0.235478 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:27.374235 0.194132 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:27.568731 0.187450 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:27.756583 0.111015 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:27.867957 0.237823 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:28.106165 0.146467 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:28.252994 0.220552 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:28.474189 0.240454 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:28.714996 0.270456 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:28.985832 0.265951 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:29.252134 0.287203 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:29.539678 0.220243 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:29.760316 0.174095 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:29.934775 0.211983 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:30.147110 0.217219 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:30.364679 0.416634 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:30.781638 0.197113 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:30.979119 0.257327 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:31.236780 0.238659 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:31.475838 0.113237 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:31.589463 0.238046 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:31.827874 0.236833 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:32.065067 0.205665 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:32.135212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:53:32.271152 0.135400 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:32.406908 0.256358 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:32.663644 0.264558 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 15:53:40.136321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:53:56.139629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:54:28.145544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 15:56:21.018390 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 15:56:21.018543 1.054136 tcp 10.0.2.19 52029 -> 90.156.118.144 5237 FSPA* 0 0 14 1620 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:00:32.151189 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:00:39.159159 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:00:47.160841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:01:03.163373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:01:38.814819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:07:42.820939 3.001591 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:07:49.828371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:07:57.980150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:08:13.983301 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:08:45.989118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:14:49.995104 3.001876 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:14:57.002624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:15:05.003839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:15:21.007132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:15:53.013207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:21:57.018886 3.001679 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:22:04.226814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:22:12.228025 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:22:28.231256 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:23:04.473371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:24:05.792090 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 16:24:05.792287 0.228238 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:06.020891 0.109078 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:06.130479 0.144358 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:06.275240 0.000000 udp 10.0.2.19 1701 -> 176.73.199.176 3735 INT 0 1 226 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 16:24:21.656488 0.170101 tcp 10.0.2.19 52030 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:24:21.826907 0.216344 tcp 10.0.2.19 52031 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:24:22.043776 0.218040 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:22.262234 0.161055 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:22.423706 0.224829 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:22.648926 0.355385 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:23.004688 0.374747 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:23.379827 0.237991 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:23.618204 0.194450 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:23.813031 0.163552 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:23.976991 0.110938 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:24.088246 0.213755 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:24.302390 0.227294 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:24.530063 0.239209 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:24.769666 0.147816 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:24.917853 0.223292 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:25.141495 0.250316 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:25.392173 0.289575 udp 10.0.2.19 1701 <-> 190.204.35.137 9661 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:25.682096 0.221868 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:25.904360 0.264764 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:26.169503 0.257326 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:26.427210 0.222717 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:26.650501 0.489180 udp 10.0.2.19 1701 <-> 171.97.1.132 15517 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:27.140054 0.164947 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:27.305392 0.259168 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:27.564976 0.180771 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:27.746137 0.261595 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:28.008088 0.235033 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:28.243477 0.120426 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:28.364275 0.238133 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:28.602810 0.137050 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:28.740199 0.267247 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:30.072101 0.226234 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:30.298686 0.749603 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:24:31.048656 0.268141 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:26:26.093530 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 16:26:26.093753 0.771694 tcp 10.0.2.19 52032 -> 90.156.118.144 5237 FSPA* 0 0 14 1575 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:29:08.479059 3.001893 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 16:29:15.486485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:29:23.488471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:29:39.491711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:30:11.497741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:36:15.503418 3.001786 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:36:22.510607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:36:30.512272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:36:46.515634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:37:18.671724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:43:22.677250 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:43:29.685170 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:43:37.686592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:43:53.689809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:44:25.695215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:50:29.701313 3.001950 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 16:50:36.709047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:50:44.710655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:51:00.713543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:51:32.719470 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:54:41.200657 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 16:54:41.200959 0.000000 udp 10.0.2.19 1701 -> 176.73.199.176 3735 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 16:54:57.546472 2.540097 tcp 10.0.2.19 52033 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:00.086801 0.198733 tcp 10.0.2.19 52034 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:00.286215 0.233160 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:00.519798 0.099595 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:00.619760 0.150483 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:00.770568 0.214416 udp 10.0.2.19 1701 <-> 71.197.43.156 2982 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:00.985363 0.157067 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:01.142818 0.241351 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:01.384554 0.366775 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:01.751704 0.371125 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:02.123270 0.238018 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:02.361646 0.188957 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:02.550978 0.149528 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:02.700899 0.110948 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:02.812209 0.232923 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:03.045506 0.146643 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:03.192519 0.210088 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:03.403002 0.222013 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:03.625418 0.216675 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:03.842443 0.247012 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:04.089794 0.000000 udp 10.0.2.19 1701 -> 190.204.35.137 9661 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 16:55:22.641052 0.166251 tcp 10.0.2.19 52035 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:22.806876 0.199027 tcp 10.0.2.19 52036 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:23.006473 0.230099 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:23.236924 0.227211 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:23.464512 0.268706 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:23.733680 0.256855 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:23.990909 0.206529 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:24.197770 0.000000 udp 10.0.2.19 1701 -> 171.97.1.132 15517 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 16:55:40.968273 0.180706 tcp 10.0.2.19 52037 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:41.148893 0.195390 tcp 10.0.2.19 52038 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:55:41.344811 0.180769 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:41.525950 0.131499 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:41.657822 0.256800 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:41.915006 0.226002 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:42.141403 0.114302 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:42.256125 0.240285 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:42.496787 0.136310 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:42.633455 0.269945 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:42.903744 0.213585 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:43.117731 0.211810 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:55:43.329929 0.264221 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 16:56:28.084759 1.116201 tcp 10.0.2.19 52039 -> 90.156.118.144 5237 FSPA* 0 0 14 1546 flow=From-Botnet-V2-TCP-Established 1970/01/07 16:57:37.866760 3.002013 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 16:57:44.874744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:57:52.876088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:58:08.879149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 16:58:42.457573 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:04:46.493377 3.001850 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:04:53.500612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:05:01.502480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:05:17.505485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:05:49.511824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:14:45.524301 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:14:52.532012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:15:00.533716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:15:16.536571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:15:48.542907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:21:52.548234 3.001949 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:21:59.556050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:22:07.557757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:22:23.560490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:22:55.566289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:25:55.586137 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 17:25:55.586307 0.000000 udp 10.0.2.19 1701 -> 190.204.35.137 9661 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 17:26:14.044531 0.170865 tcp 10.0.2.19 52040 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:14.215142 0.207302 tcp 10.0.2.19 52041 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:14.423090 0.000000 udp 10.0.2.19 1701 -> 171.97.1.132 15517 INT 0 1 102 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 17:26:29.975167 2.160654 tcp 10.0.2.19 52042 -> 90.156.118.144 5237 FSPA* 0 0 14 1679 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:32.890816 0.172550 tcp 10.0.2.19 52043 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:33.063149 0.208087 tcp 10.0.2.19 52044 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:33.271815 0.106448 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:33.378637 0.233465 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:33.612515 0.155469 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:33.768373 0.221591 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:33.990357 0.360941 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:34.351640 0.163313 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:34.515335 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 2982 INT 0 1 101 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 17:26:49.834726 0.166825 tcp 10.0.2.19 52045 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:50.001463 0.209929 tcp 10.0.2.19 52046 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:26:50.211945 0.161356 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:50.373672 0.111729 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:50.485766 0.240385 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:50.726539 0.364990 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:51.091959 0.194793 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 576 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:51.287182 0.219421 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:51.507001 0.216300 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:51.723666 0.148009 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:51.872034 0.242902 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:52.115375 0.220198 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:52.335980 0.247496 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:52.583819 0.255566 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:52.839725 0.215194 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:53.055284 0.216670 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:53.272327 0.268536 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:53.541256 0.223437 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:53.765070 0.135569 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:53.900980 0.259729 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:54.161134 0.152606 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:54.314120 0.503854 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:54.818413 0.236828 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:55.055606 0.142868 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:55.198839 0.257741 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:55.456964 0.218510 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:55.675852 0.226264 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:55.902506 0.211855 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:26:56.114717 0.273215 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:28:59.572360 3.001819 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 17:29:06.580044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:29:14.581417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:29:30.584683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:30:02.591118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:36:06.596353 3.001792 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:36:13.603861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:36:21.605857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:36:37.608365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:37:09.614449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:43:13.620190 3.001693 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:43:20.628131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:43:28.629244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:43:44.632302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:44:17.459549 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:50:21.465159 3.002374 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 17:50:28.472741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:50:36.474878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:50:52.477279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:51:24.483360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:56:32.536893 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 17:56:32.537116 0.702822 tcp 10.0.2.19 52047 -> 90.156.118.144 5237 FSPA* 0 0 14 1590 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:57:04.552572 0.000000 udp 10.0.2.19 1701 -> 71.197.43.156 2982 INT 0 1 90 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 17:57:09.550029 0.000155 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 17:57:21.540071 0.176902 tcp 10.0.2.19 52048 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:57:21.716717 0.201085 tcp 10.0.2.19 52049 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 17:57:21.918392 0.238910 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:22.157673 0.100595 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:22.258633 0.142887 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:22.401884 0.361135 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:22.763394 0.218607 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:22.982412 0.154188 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:23.136980 0.154843 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:23.292247 0.113794 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:23.406419 0.235317 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:23.642143 0.225471 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:23.867975 0.220853 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:24.089199 0.365249 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:24.454886 0.197822 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:24.653107 0.159789 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:24.813314 0.240948 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:25.054647 0.210220 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:25.265221 0.243967 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:25.509586 0.228361 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:25.738477 0.271935 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.010791 0.205579 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.216753 0.257230 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.474433 0.220068 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.694907 0.152566 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.847859 0.132068 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:26.980335 0.261461 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:27.242192 0.110888 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:27.353436 0.251434 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:27.605326 0.137710 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:27.743418 0.257096 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:28.000884 0.219037 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:28.220326 0.267157 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:28.487804 0.231428 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:28.489732 3.001848 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 17:57:28.719619 0.210120 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 17:57:35.497327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:57:43.498449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:57:59.501528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 17:58:31.508055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:04:35.513452 3.001691 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:04:42.521264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:04:50.522505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:05:06.525640 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:05:38.531853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:14:41.544854 3.001864 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:14:48.552638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:14:56.554320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:15:12.556743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:15:44.563148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:21:48.568529 3.001870 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:21:55.576651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:22:03.577941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:22:19.581233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:22:51.586814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:26:33.245791 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 18:26:33.245967 2.085998 tcp 10.0.2.19 52050 -> 90.156.118.144 5237 FSPA* 0 0 14 1523 flow=From-Botnet-V2-TCP-Established 1970/01/07 18:27:57.096681 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 18:27:57.096859 0.146302 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:57.243561 0.374457 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:57.618379 0.228233 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:57.847060 0.111656 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:57.959074 0.334428 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:58.293919 0.159480 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:58.453757 0.153467 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:58.607630 0.114651 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:58.722702 0.235837 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:58.958925 0.367918 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:59.327229 0.190322 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:59.517958 0.146482 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:59.664852 0.246948 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:27:59.912171 0.216052 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:00.128693 0.245486 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:00.374583 0.210879 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:00.585876 0.247985 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:00.834254 0.293784 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:01.128450 0.256014 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:01.384875 0.219797 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:01.605053 0.281879 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:01.887278 0.206205 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:02.093889 0.167042 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:02.261345 0.135500 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:02.397203 0.268399 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:02.665981 0.113679 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:02.780038 0.248705 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:03.029101 0.137648 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:03.167112 0.278434 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:03.445927 0.233239 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:03.679554 0.679873 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:04.359782 0.215827 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:04.575984 0.214659 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:28:55.592429 3.002480 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 18:29:02.600148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:29:10.601865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:29:26.605120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:29:58.760982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:36:02.767038 3.001507 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:36:09.774736 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:36:17.775886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:36:33.778786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:37:05.915533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:43:09.921149 3.001913 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:43:16.928933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:43:24.929775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:43:40.933244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:44:12.938935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:50:16.944712 3.002160 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:50:23.952666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:50:31.954346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:50:47.956986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:51:19.962828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:56:35.457859 0.000272 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 18:56:35.458240 1.815170 tcp 10.0.2.19 52051 -> 90.156.118.144 5237 FSPA* 0 0 14 1674 flow=From-Botnet-V2-TCP-Established 1970/01/07 18:57:23.968756 3.001993 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 18:57:30.976765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:57:38.978246 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:57:54.981134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:58:08.340728 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 18:58:08.340894 0.711690 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:09.052966 1.334326 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:10.387683 1.420605 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:11.808673 1.101831 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:12.910914 0.857595 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:13.768881 0.110790 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:13.880102 0.412374 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:14.292817 0.102910 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:14.396071 0.252566 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:14.649031 0.561135 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:15.210553 0.454563 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:15.665553 0.714874 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:16.380813 0.960955 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:17.342151 0.937667 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:18.280187 1.042083 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:19.322661 0.980957 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:20.303997 1.145407 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:21.449834 1.118663 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:22.568845 1.137737 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:23.707001 1.068564 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:24.775932 1.113585 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:25.889930 0.437440 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 579 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:26.327730 0.265515 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:26.593726 0.260719 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:26.854806 0.211040 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:26.986871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 18:58:27.066249 0.290542 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:27.357202 0.242980 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:27.600573 0.135497 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:27.736488 0.275176 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:28.012047 0.813623 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:28.826043 0.257486 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:29.592886 0.233399 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 18:58:29.826699 0.208303 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:04:30.992672 3.002538 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:04:38.000495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:04:46.001918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:05:02.004788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:05:34.011335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:14:41.019648 3.001873 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:14:48.028030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:14:56.029132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:15:12.031807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:15:44.038717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:21:48.044235 3.001242 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:21:55.051457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:22:03.053462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:22:19.055828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:22:51.372479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:26:37.428413 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 19:26:37.428610 0.721260 tcp 10.0.2.19 52052 -> 90.156.118.144 5237 FSPA* 0 0 14 1745 flow=From-Botnet-V2-TCP-Established 1970/01/07 19:28:34.546312 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 19:28:34.546501 0.141098 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:34.687967 0.548433 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:35.236762 0.218161 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:35.455318 0.150596 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:35.606352 0.153408 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:35.760124 0.114870 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:35.875368 0.231204 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:36.106977 0.114975 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:36.222339 0.231116 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:36.453892 0.368254 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:36.822536 0.199961 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:37.022847 0.146341 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:37.169569 0.249903 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:37.419858 0.217991 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:37.638260 0.225143 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:37.863749 0.224471 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:38.088635 0.242683 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:38.331692 0.218459 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:38.550511 0.254990 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:38.805904 0.222056 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:39.028363 0.268520 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:39.297305 0.181442 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:39.479155 0.243194 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 562 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:39.722731 0.266228 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:39.989373 0.221071 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:40.210823 0.115603 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:40.326799 0.235142 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:40.562367 0.136072 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:40.698816 0.267933 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:40.967159 0.234164 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:41.201701 0.259251 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:41.461370 0.214682 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:41.676481 0.214778 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:28:55.377837 3.002387 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 19:29:02.385880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:29:10.387154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:29:26.390325 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:29:58.396769 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:36:02.401990 3.002100 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:36:09.409646 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:36:17.411596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:36:33.414478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:37:05.420881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:43:09.426650 3.001401 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:43:16.433929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:43:28.761581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:43:42.541258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:44:14.547225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:50:18.553172 3.001971 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:50:25.560937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:50:33.562734 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:50:49.565682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:51:21.571149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:56:40.249912 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 19:56:40.250098 1.462342 tcp 10.0.2.19 52053 -> 90.156.118.144 5237 FSPA* 0 0 14 1671 flow=From-Botnet-V2-TCP-Established 1970/01/07 19:57:26.578426 3.001805 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 19:57:33.586589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:57:46.502253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:58:02.282349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:58:31.730130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 19:58:58.979073 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 19:58:58.979254 0.140652 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:58:59.120286 0.162711 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:58:59.283410 0.153076 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:58:59.436871 0.111123 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:58:59.548378 0.455121 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:00.003859 0.281193 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:00.285491 0.235795 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:00.521666 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 19:59:18.700374 0.167292 tcp 10.0.2.19 52054 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 19:59:18.867548 0.209475 tcp 10.0.2.19 52055 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 19:59:19.077610 0.263255 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:19.341232 0.367921 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:19.709534 0.238616 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:19.948534 0.213341 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:20.162216 0.221852 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:20.384423 0.199067 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:20.583877 0.204380 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:20.788634 0.212625 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:21.001625 0.246819 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:21.248829 0.224384 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:21.473584 0.255849 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:21.729868 0.166019 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:21.896237 0.430101 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:22.326794 0.215012 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:22.542152 0.255049 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:22.797623 0.278390 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:23.076389 0.207795 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:23.284539 0.555687 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:23.840585 0.243855 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:24.084804 0.135170 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:24.220303 0.258222 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:24.478884 0.214745 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:24.693980 0.208753 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:24.903104 0.268707 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 19:59:25.172174 0.224810 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:04:35.735577 3.002441 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:04:42.743401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:04:50.745241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:05:06.747899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:05:41.307726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:11:56.319309 3.001395 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:12:03.327104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:12:11.328211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:12:27.331575 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:12:59.337714 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:19:04.344269 3.001841 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:19:11.351860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:19:25.480385 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:19:41.275440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:20:12.847493 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:26:13.502141 3.001426 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:26:20.508894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:26:28.510668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:26:44.513816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:26:47.238341 1.199251 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/07 20:26:48.437621 3.820869 tcp 10.0.2.19 52056 -> 90.156.118.144 5237 FSPA* 0 0 14 1722 flow=From-Botnet-V2-TCP-Established 1970/01/07 20:27:17.110432 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:29:55.669143 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 20:29:55.669359 0.133024 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:55.802775 0.113174 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:55.916367 0.358166 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:56.274965 0.163272 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:56.438616 0.146388 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:56.585412 0.174496 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:56.760277 0.232136 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:56.992831 0.218599 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:57.211783 0.235851 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:57.447984 0.218646 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:57.666994 0.367156 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:58.034529 0.252412 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:58.287297 0.217630 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:58.505322 0.217561 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:58.723220 0.175338 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:58.898910 0.247703 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:59.147008 0.243680 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:59.391068 0.169655 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:59.561078 0.279853 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:29:59.841302 0.387359 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:00.229015 0.255198 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:00.484592 0.278884 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:00.763904 0.224849 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:00.989137 0.421845 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:01.411454 0.218158 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:01.630177 0.114494 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:01.745051 0.252459 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:01.997920 0.136230 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:02.134518 0.208240 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:02.343134 0.286329 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:02.629882 0.275104 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:03.771366 0.214118 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:30:03.985818 0.892374 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 20:33:21.116336 3.002301 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:33:28.123937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:33:36.125257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:33:52.128961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:34:24.134272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:40:38.144693 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:40:45.152591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:40:53.153562 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:41:17.032897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:41:48.593971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:47:52.268739 3.002041 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:47:59.276528 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:48:07.277875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:48:24.973621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:48:58.552008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:55:02.557275 3.002357 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 20:55:09.564934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:55:17.566995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:55:33.569463 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:56:05.575434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 20:56:55.948998 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 20:56:55.949190 2.945991 tcp 10.0.2.19 52057 -> 90.156.118.144 5237 FSPA* 0 0 14 1664 flow=From-Botnet-V2-TCP-Established 1970/01/07 21:00:17.278239 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 21:00:17.278330 0.104333 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:17.383100 0.112295 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:17.495765 0.144427 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:17.640596 0.648249 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:18.289247 0.167019 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:18.456676 0.157114 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:18.614237 0.225861 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:18.840469 0.217089 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:19.057957 0.373452 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:19.431781 0.249482 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:19.681606 0.217530 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:19.899543 0.202144 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:20.102043 0.240592 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:20.343023 0.219354 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:20.562937 0.146163 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:20.709465 0.217851 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:20.927674 0.253027 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:21.181071 0.166403 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:21.347839 0.228595 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:21.576779 0.265442 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:21.842601 0.217304 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:22.060285 0.256500 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:22.317164 0.259005 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:22.576494 0.171304 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:22.748157 0.233770 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:22.982299 0.112536 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:23.095187 0.469149 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:23.564680 0.237577 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:23.802673 0.138511 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 581 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:23.941549 0.268052 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:24.209956 0.261929 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:24.472228 0.238419 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:00:24.711045 0.230437 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:02:09.581706 3.002039 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/07 21:02:16.589349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:02:24.590745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:02:40.593766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:03:12.730320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:13:30.740891 3.002359 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:13:37.748460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:13:49.655916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:14:05.659114 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:14:37.664695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:20:41.730318 3.002366 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:20:48.738233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:20:56.740117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:21:12.743059 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:21:44.749121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:27:01.194511 0.000101 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 21:27:01.194707 0.891710 tcp 10.0.2.19 52058 -> 90.156.118.144 5237 FSPA* 0 0 14 1652 flow=From-Botnet-V2-TCP-Established 1970/01/07 21:27:49.395871 3.001859 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:27:56.402780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:28:04.404450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:28:20.407575 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:28:52.413367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:30:37.815697 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 21:30:37.815893 0.170874 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:37.987198 0.111785 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:38.099312 0.115936 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:38.215592 0.153733 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:38.369728 0.666403 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:39.036530 0.171722 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:39.208639 0.223850 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:39.432855 0.216333 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:39.649536 0.377871 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:40.027780 0.215874 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:40.244123 0.238487 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:40.483055 0.232812 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:40.716256 0.240634 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:40.957282 0.233349 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:41.190986 0.146417 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:41.337762 0.260992 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:41.599162 0.273505 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:41.873095 0.274033 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:42.147509 0.187948 udp 10.0.2.19 1701 <-> 46.49.109.30 8649 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:42.335800 0.230048 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:42.566217 0.253018 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:42.819625 0.352144 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:43.172135 0.209388 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:43.381946 0.261760 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:43.644068 0.330602 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:43.975042 0.147334 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:44.122753 0.593929 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:44.717055 0.310954 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:45.028406 0.243769 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:45.272532 0.133365 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:45.406449 0.227793 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:45.634609 0.267636 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:30:45.902617 0.294713 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 21:34:56.419366 3.002321 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:35:04.479187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:35:12.480367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:35:28.483067 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:36:00.489131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:42:04.494938 3.001904 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:42:11.502674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:42:19.504235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:42:35.507098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:43:07.513071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:49:11.518960 3.001549 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:49:18.526853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:49:26.528294 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:49:42.530789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:50:14.537041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:56:18.542840 3.001878 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 21:56:25.550337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:56:33.551972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:56:49.555304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 21:57:04.086116 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 21:57:04.086309 0.684859 tcp 10.0.2.19 52059 -> 90.156.118.144 5237 FSPA* 0 0 14 1576 flow=From-Botnet-V2-TCP-Established 1970/01/07 21:57:24.545578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:00:49.560780 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 22:00:49.560876 0.157226 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:49.718518 0.108353 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:49.827230 0.463639 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:50.291297 0.177746 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:50.469438 0.131634 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:50.601486 0.157958 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:50.759884 0.245827 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:51.006177 0.219972 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:51.226523 0.365259 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:51.592153 0.191776 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:51.784353 0.217325 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:52.002104 0.266732 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:52.269199 0.173528 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:52.443140 0.267003 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:52.710517 0.372599 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:53.083504 0.221438 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:53.305383 0.245444 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:53.551238 0.290407 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:00:53.842192 0.000000 udp 10.0.2.19 1701 -> 46.49.109.30 8649 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 22:01:11.173413 0.178280 tcp 10.0.2.19 52060 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:01:11.351518 0.206505 tcp 10.0.2.19 52061 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:01:11.558597 0.221414 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:11.780374 0.213669 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:11.994413 0.250117 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:12.244954 0.263711 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:12.509026 0.259677 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:12.769167 0.282817 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:13.052440 0.236635 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:13.289537 0.221524 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:13.511525 0.134653 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:13.646616 0.222334 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:13.869408 0.269834 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:14.139698 0.268920 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:14.409094 0.258885 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:01:14.668442 0.305769 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:03:28.551191 3.001481 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:03:35.559027 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:03:43.560210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:04:02.447445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:04:34.453678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:14:18.465004 3.002870 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:14:25.473073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:14:33.474973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:14:49.477864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:15:21.483845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:21:25.489725 3.001349 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:21:32.496868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:21:40.498730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:21:56.501390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:22:28.507633 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:27:06.187781 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 22:27:06.187948 0.654747 tcp 10.0.2.19 52062 -> 90.156.118.144 5237 FSPA* 0 0 14 1574 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:28:32.513298 3.001850 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:28:39.521680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:28:47.523089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:29:03.526199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:29:35.532018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:31:35.074206 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 22:31:35.074383 0.000000 udp 10.0.2.19 1701 -> 46.49.109.30 8649 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/07 22:31:51.659708 0.192662 tcp 10.0.2.19 52063 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:31:51.826359 0.233787 tcp 10.0.2.19 52064 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:31:52.060716 0.442523 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:52.503651 0.154316 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:52.658400 0.110372 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:52.769223 0.151504 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:52.921091 0.107327 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:53.028755 0.213864 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:53.243017 0.372012 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:53.615427 0.195885 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:53.811681 0.225532 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:54.037576 0.247644 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:54.285687 0.147337 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:54.433476 0.242191 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:54.676125 0.220775 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:54.897352 0.220876 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:55.118672 0.238318 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:55.357447 0.250981 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:55.608894 0.252393 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:55.861751 0.283324 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:56.145495 0.220751 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:56.366634 0.261703 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:56.628707 0.222556 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:56.851619 0.209763 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:57.061780 0.254475 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:57.316641 0.317223 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:57.634377 0.114323 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:57.749060 0.216647 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:57.966105 0.131921 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:58.098373 0.240628 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:58.339408 0.259056 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:58.598840 0.232139 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:58.831386 0.290598 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:31:59.122538 0.324896 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 22:35:41.540502 3.002179 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:35:48.548311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:35:56.549586 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:36:12.552629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:36:44.558697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:42:48.564159 3.002356 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:42:55.571779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:43:03.573336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:43:19.576148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:43:51.582346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:49:57.701044 3.001986 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:50:04.709126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:50:12.710666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:50:28.713420 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:51:00.719651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:57:08.731147 3.002031 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 22:57:08.949383 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 22:57:08.949563 0.787535 tcp 10.0.2.19 52065 -> 90.156.118.144 5237 FSPA* 0 0 14 1574 flow=From-Botnet-V2-TCP-Established 1970/01/07 22:57:18.763332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:57:26.764753 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:57:42.767870 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 22:58:14.773824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:02:13.978268 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 23:02:13.978473 0.114523 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:14.093347 0.143358 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:14.237061 0.104899 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:14.342356 0.397123 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:14.739890 0.156927 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:14.897171 0.152099 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:15.049645 0.225482 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:15.275527 0.381888 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:15.657795 0.224925 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:15.883105 0.246411 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:16.129860 0.156052 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:16.286312 0.197179 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:16.483865 0.216670 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:16.700888 0.305834 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:17.007093 0.215948 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:17.223379 0.242270 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:17.466082 0.245779 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:18.912146 0.280518 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:19.193032 0.226524 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:19.419924 0.250239 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:19.670567 0.254460 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:19.925452 0.312559 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:20.238377 0.516964 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:20.755740 0.209952 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:20.966153 0.116403 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:21.082959 0.218764 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:21.302069 0.133661 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:21.436114 0.236738 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:21.673237 0.260168 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:21.933806 0.311408 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:22.245628 0.923703 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:02:23.169758 0.229740 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:04:25.779255 3.001898 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:04:32.786845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:04:40.788885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:04:58.173254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:05:30.981049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:14:47.993675 3.002370 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:14:55.001778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:15:03.003421 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:15:19.005972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:15:51.012413 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:21:55.018262 3.001541 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:22:02.025814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:22:10.027291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:22:26.029988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:22:58.035796 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:27:13.954824 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 23:27:13.955020 0.695787 tcp 10.0.2.19 52066 -> 90.156.118.144 5237 FSPA* 0 0 14 1679 flow=From-Botnet-V2-TCP-Established 1970/01/07 23:29:05.386477 3.002311 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:29:12.394347 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:29:20.396138 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:29:36.399093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:30:11.759689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:32:37.990354 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 23:32:37.990531 0.115311 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:38.106247 0.423318 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:38.529962 0.178230 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:38.708625 0.153834 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:38.862863 0.224011 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:39.087278 0.154309 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:39.241921 0.100134 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:39.342410 0.381767 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:39.724557 0.223073 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:39.948027 0.220713 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:40.169150 0.146493 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:40.316057 0.194139 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:40.510537 0.224216 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:40.735122 0.247061 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:40.982575 0.222187 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:41.205150 0.242171 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:41.447710 0.245668 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:41.693796 0.253664 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:41.947820 0.257777 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:42.205958 0.314256 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:42.520618 0.288758 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 570 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:42.809775 0.216012 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.026261 0.136164 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.162794 0.218646 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.381866 0.114174 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.496407 0.214723 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.711543 0.138860 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:43.850774 0.313725 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:44.164865 0.241981 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:44.407233 0.294776 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:44.702368 0.282236 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:32:44.985012 0.235414 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/07 23:36:16.536469 3.001992 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:36:23.543968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:36:31.545589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:36:47.549209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:37:19.554745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:43:27.566733 3.001874 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:43:34.574021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:43:42.575674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:43:58.578870 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:44:30.584666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:50:35.221213 3.002172 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:50:42.228801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:50:50.230825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:51:06.233229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:51:38.239477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:57:16.977039 0.000144 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/07 23:57:16.977275 0.700178 tcp 10.0.2.19 52067 -> 90.156.118.144 5237 FSPA* 0 0 14 1759 flow=From-Botnet-V2-TCP-Established 1970/01/07 23:57:44.248247 3.001377 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/07 23:57:51.255415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:57:59.257387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:58:15.260381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/07 23:58:47.266569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:02:48.403209 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 00:02:48.403432 0.162108 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:48.565901 0.169044 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:48.735327 0.112000 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:48.847779 0.360891 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:49.209018 0.218834 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:49.428218 0.140107 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:49.568704 0.106967 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:49.676067 0.372941 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:50.049435 0.225740 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:50.275555 0.205627 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:50.481591 0.221538 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:50.703500 0.246297 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:50.950383 0.214820 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:51.165600 0.147730 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:51.313694 0.211783 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:51.525848 0.249973 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:51.776175 0.257149 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:52.033771 0.258737 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:52.292865 0.276256 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:52.569468 0.234299 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:52.804103 0.129355 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:52.933858 0.259560 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:53.193769 0.329980 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:53.524104 0.208425 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:53.732943 0.119354 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:53.852713 0.251694 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:54.104797 0.136589 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:02:54.241737 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 INT 0 1 100 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 00:03:09.665905 0.176364 tcp 10.0.2.19 52068 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 00:03:09.842527 0.194029 tcp 10.0.2.19 52069 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 00:03:10.037504 0.263594 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:03:10.301453 0.238266 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:03:10.540154 0.234966 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:03:10.775454 0.328549 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 255 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:04:51.271589 3.002867 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:04:58.279995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:05:06.280883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:05:22.284009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:05:54.290029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:15:03.301825 3.001823 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:15:10.309860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:15:18.311163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:15:34.314314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:16:06.319940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:22:10.326190 3.001629 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:22:17.333428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:22:25.335058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:22:41.337940 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:23:13.344022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:27:17.685732 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 00:27:17.685928 3.434755 tcp 10.0.2.19 52070 -> 90.156.118.144 5237 FSPA* 0 0 14 1609 flow=From-Botnet-V2-TCP-Established 1970/01/08 00:29:17.349459 3.002277 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:29:24.357913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:29:32.358893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:29:48.362164 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:30:20.368293 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:33:25.835021 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 00:33:25.835236 0.305191 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.140827 0.112360 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.253577 0.156125 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.410233 0.150511 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.561138 0.136017 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.697518 0.101174 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:26.799115 0.367936 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:27.167496 0.213497 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:27.381405 0.233552 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:27.615341 0.379920 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:27.995657 0.221330 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:28.217370 0.191947 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:28.409714 0.264672 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:28.674756 0.147138 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:28.822437 0.211772 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:29.034571 0.245094 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:29.280084 0.222736 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:29.503186 0.223602 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:29.727180 0.244412 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:29.971973 0.261719 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:30.234051 0.266765 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:30.501210 0.317565 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:30.819167 0.223546 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.043106 0.114944 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.158427 0.130525 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.289345 0.254668 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.544438 0.212495 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.757330 0.137392 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:31.895092 0.241234 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:32.136694 0.256394 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:32.393477 0.545040 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:33:32.938874 0.300893 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 00:36:24.373894 3.001916 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:36:31.381836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:36:39.383348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:36:55.385932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:37:27.391998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:43:31.398111 3.001982 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:43:38.405831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:43:46.407226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:44:05.174098 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:44:38.862331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:50:42.868207 3.001639 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:50:49.875954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:50:57.877340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:51:13.880133 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:51:48.680683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:57:37.426559 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 00:57:37.426673 0.724791 tcp 10.0.2.19 52071 -> 90.156.118.144 5237 FSPA* 0 0 14 1648 flow=From-Botnet-V2-TCP-Established 1970/01/08 00:58:05.080417 2.963110 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 00:58:11.989894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:58:22.266334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:58:38.044715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 00:59:09.627034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:04:15.172938 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 01:04:15.173127 0.158824 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:15.332427 0.163817 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:15.496658 0.140427 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:15.637497 0.316726 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:15.954616 0.112848 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:16.067881 0.100330 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:16.168608 0.397001 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:16.565992 0.221765 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:16.788161 0.226308 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:17.014864 0.204126 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:17.219432 0.268051 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:17.487909 0.379492 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:17.867811 0.216913 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:18.085110 0.148264 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:18.233778 0.207213 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:18.441414 0.231396 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:18.673241 0.226793 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:23.516491 0.226386 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:23.743441 0.269580 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:24.013563 0.247375 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:24.261348 0.252623 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:24.514695 0.326120 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:24.841256 0.217528 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:25.059244 0.121665 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:25.181383 0.142518 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:25.324257 0.259299 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:25.583992 0.232682 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:25.817074 0.378957 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:26.196454 0.328464 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:26.525304 0.132410 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:26.658165 0.232283 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:04:26.890865 0.280092 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:05:11.310849 2.953532 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:05:18.221918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:05:26.113090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:05:41.887673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:06:14.173532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:12:44.788822 2.954363 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:12:51.701626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:12:59.593506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:13:15.459080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:13:47.210013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:19:46.294427 2.967491 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:19:53.209089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:20:01.106918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:20:16.898602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:20:48.888140 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:26:55.687845 2.965676 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:27:02.603893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:27:10.502429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:27:26.294156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:27:29.758870 0.000040 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 01:27:29.758964 0.759776 tcp 10.0.2.19 52072 -> 90.156.118.144 5237 FSPA* 0 0 14 1589 flow=From-Botnet-V2-TCP-Established 1970/01/08 01:27:56.006852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:34:00.012436 3.001429 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:34:07.019918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:34:15.021593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:34:31.024126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:34:39.367027 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 01:34:39.367207 0.145960 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:39.513524 0.313308 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:39.827183 0.117599 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:39.945118 0.104131 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:40.049669 0.156218 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:40.206256 0.158168 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:40.364741 0.360251 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:40.725353 0.219097 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:40.944875 0.227720 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:41.172952 0.197377 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:41.370715 0.216812 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:41.587891 0.147062 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:41.735341 0.217290 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:41.953065 0.239503 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:42.192937 0.363895 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:42.557200 0.236668 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:42.794294 0.230041 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:43.024722 0.223439 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:43.248526 0.277226 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:43.526127 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 223 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 01:34:59.267990 0.168863 tcp 10.0.2.19 52073 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 01:34:59.436650 0.214718 tcp 10.0.2.19 52074 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 01:34:59.651963 0.218402 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:59.870724 0.117569 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:34:59.988662 0.132521 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:00.121607 0.258232 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:00.380245 0.253771 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:00.634545 0.325236 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:00.960142 0.335467 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:01.295968 0.255972 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:01.552303 0.209503 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:02.653866 0.136844 rtcp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:02.791096 0.227022 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:03.018492 0.300923 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 01:35:03.030279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:41:07.036366 3.001886 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:41:14.043711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:41:22.045632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:41:38.048671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:42:10.054313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:48:14.060391 3.002262 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:48:21.067719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:48:29.069124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:48:45.072664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:49:17.078510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:55:21.084549 3.001610 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 01:55:28.092044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:55:36.093218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:55:52.096319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:56:24.102363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 01:57:28.285013 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 01:57:28.285187 0.672714 tcp 10.0.2.19 52075 -> 90.156.118.144 5237 FSPA* 0 0 14 1693 flow=From-Botnet-V2-TCP-Established 1970/01/08 02:02:28.108237 3.001679 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:02:35.115679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:02:43.117572 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:02:59.120292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:03:31.126333 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:05:24.109062 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 02:05:24.109251 0.240777 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:24.350420 0.163984 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:24.514762 0.103601 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:24.714750 0.151972 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:24.867106 0.154871 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:25.022406 0.308007 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:25.330796 0.113226 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:25.444416 0.230332 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:25.675178 0.209341 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:25.884896 0.359687 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:26.244953 0.296187 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:26.541552 0.243441 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:26.785360 0.541602 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:27.327367 0.147317 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:27.475074 0.213590 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:27.689019 0.241371 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:27.930797 0.222950 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:28.154136 0.266361 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:28.420885 0.236570 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:28.657828 0.261171 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:28.919381 0.133913 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:29.053662 0.283616 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:29.337654 0.333933 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:29.671958 0.226852 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:29.899175 0.248805 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:30.148393 0.314824 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:30.463632 0.234099 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:30.698217 0.258017 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:30.956634 0.226590 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:31.183570 0.332979 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:31.516957 0.206038 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:05:31.723464 0.136403 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:13:50.139001 3.001536 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:13:57.146595 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:14:05.148318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:14:21.150737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:14:53.697944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:20:57.703766 3.001829 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:21:04.711200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:21:12.712529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:21:28.715607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:22:00.721669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:27:29.234675 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 02:27:29.234868 0.711247 tcp 10.0.2.19 52076 -> 90.156.118.144 5237 FSPA* 0 0 14 1560 flow=From-Botnet-V2-TCP-Established 1970/01/08 02:28:09.734557 3.001687 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:28:16.742193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:28:24.744105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:28:40.747305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:29:12.752539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:35:19.763099 3.002046 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:35:26.771167 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:35:34.771989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:35:48.252076 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 02:35:48.252316 0.237472 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:48.490374 0.139331 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:48.630123 0.151610 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:48.782153 0.297418 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.080028 0.112969 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.193408 0.104676 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.298523 0.180188 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.479079 0.227050 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.706528 0.200765 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:49.907704 0.356264 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:50.264325 0.215454 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:50.480177 0.147344 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:50.627884 0.219633 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:50.775177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:35:50.847933 0.364531 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:51.212900 0.231892 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:51.445157 0.255863 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:51.701419 0.230234 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:51.932049 0.266586 rtcp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:52.199040 0.127932 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:52.327318 0.256163 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:52.583885 0.245634 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:52.829867 0.238543 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:53.068789 0.255686 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:53.324840 0.212114 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:53.537372 0.114998 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:53.652719 0.311435 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:53.964567 0.222603 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:54.187597 0.304167 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:54.492171 0.238437 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:54.731070 0.308632 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:55.040127 0.209660 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:35:55.250266 0.135579 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 02:36:22.780908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:42:26.787260 3.001450 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:42:33.794895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:42:41.795948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:42:57.799259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:43:29.805452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:49:33.810901 3.001551 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:49:40.818693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:49:48.819748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:50:04.823349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:50:57.402924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:56:56.468866 2.966477 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 02:57:03.379290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:57:11.272491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:57:33.962178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 02:57:51.803011 2.335455 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 02:57:54.138555 4.204101 tcp 10.0.2.19 52077 -> 90.156.118.144 5237 FSPA* 0 0 14 1657 flow=From-Botnet-V2-TCP-Established 1970/01/08 02:58:07.864596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:04:08.867800 2.957407 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:04:15.779836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:04:23.672987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:04:39.454282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:05:11.020211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:06:36.019380 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 03:06:36.019549 0.167210 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:36.187243 0.253715 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:36.441368 0.139841 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:36.581628 0.313600 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:36.895646 0.112151 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.008182 0.211021 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.219642 0.159219 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.379250 0.236566 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.616235 0.191019 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.807695 0.145365 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:37.953439 0.222888 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:38.176775 0.359777 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:38.536920 0.223288 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:38.760592 0.241096 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:39.002149 0.442682 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:39.445218 0.221232 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:39.666881 0.218851 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:39.886345 0.277664 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:40.164382 0.130454 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:40.295266 0.257719 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:40.553363 0.226182 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:40.780016 0.217415 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:40.997853 0.149251 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:41.147513 0.238779 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:41.386762 0.256678 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:41.643840 0.308662 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:41.952906 0.228349 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:42.181627 0.325763 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:42.507769 0.234783 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:42.742957 0.136005 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:42.879417 0.267485 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:06:43.147331 0.229114 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:14:47.558955 2.967176 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:14:54.470761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:15:02.365197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:15:18.148062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:15:49.714938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:21:48.834759 2.957726 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:21:55.747674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:22:03.641124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:22:19.424224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:22:51.841954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:27:40.129340 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 03:27:40.129495 0.948183 tcp 10.0.2.19 52078 -> 90.156.118.144 5237 FSPA* 0 0 14 1559 flow=From-Botnet-V2-TCP-Established 1970/01/08 03:28:50.911766 2.964460 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:28:57.826367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:29:05.720610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:29:21.515142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:29:51.113989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:35:55.120328 3.001330 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:36:02.127844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:36:10.129091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:36:26.132368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:36:41.714950 0.000108 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 03:36:41.715158 0.176561 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:36:41.892120 0.306559 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:36:42.199114 0.114949 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:36:42.314488 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 205 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 03:36:58.137984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:36:59.843468 0.189092 tcp 10.0.2.19 52079 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 03:37:00.032705 0.200112 tcp 10.0.2.19 52080 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 03:37:00.233433 0.253951 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:00.909502 0.212421 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:01.122323 0.157284 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:01.280028 0.253629 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:01.534142 0.238211 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:01.772752 0.165254 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:01.938397 0.224852 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:02.163641 0.244895 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:02.408907 0.355282 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:02.764579 0.294129 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:03.059080 0.368353 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:03.427835 0.241987 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:03.670376 0.247002 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:03.917731 0.263464 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:04.181546 0.219378 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:04.401332 0.213096 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:04.614836 0.114437 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:04.729668 0.131308 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:04.861367 0.260383 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:05.122254 0.239174 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:05.361832 0.300679 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:05.662893 0.315781 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:05.979036 0.226757 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:06.206207 0.206011 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:06.412604 0.257008 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:06.670225 0.305026 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:06.975621 0.238916 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:37:07.214958 0.212382 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 03:43:10.145369 3.001448 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:43:17.153139 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:43:25.154639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:43:41.157782 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:44:13.163515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:50:17.168982 3.002196 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:50:24.177000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:50:32.178671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:50:48.181253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:51:20.187759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:57:24.193041 3.002198 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 03:57:31.201208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:57:37.300644 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 03:57:37.300846 0.719996 tcp 10.0.2.19 52081 -> 90.156.118.144 5237 FSPA* 0 0 14 1646 flow=From-Botnet-V2-TCP-Established 1970/01/08 03:57:39.202334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:57:55.205665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 03:58:27.211765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:04:31.217595 3.001132 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:04:38.224766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:04:46.396592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:05:02.399694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:05:36.608674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:07:31.123748 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 04:07:31.123906 0.100660 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:31.224922 0.160518 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:31.385798 0.256862 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:31.643048 0.111196 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:31.754602 0.241417 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:31.996420 0.140153 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:32.136947 0.161511 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:32.298859 0.245470 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:32.544728 0.191087 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:32.736190 0.145704 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:32.882261 0.220139 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:33.102758 0.219605 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:33.322726 0.260039 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:33.583195 0.361810 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:33.945386 0.387452 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:34.333221 0.226298 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:34.559908 0.235589 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:34.795843 0.279476 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:35.075737 0.216365 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:35.292527 0.129280 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:35.422292 0.274887 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:35.697558 0.244553 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:35.942521 0.254234 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:36.197107 0.206141 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:36.403647 0.143189 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:36.547193 0.255020 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:36.802617 0.222928 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:37.025896 0.135094 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:37.161341 0.271244 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:37.432976 0.217106 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:37.655373 0.307969 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:07:37.963728 0.242055 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:11:44.710230 3.002078 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:11:51.717969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:11:59.719260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:12:15.722737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:12:48.930335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:18:54.939128 3.002142 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:19:01.946678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:19:09.948248 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:19:25.951249 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:20:05.416850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:26:04.066462 3.181853 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:26:11.254238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:26:19.255688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:26:35.258531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:27:07.264152 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:27:44.048149 0.000168 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 04:27:44.048456 2.638431 tcp 10.0.2.19 52082 -> 90.156.118.144 5237 FSPA* 0 0 14 1644 flow=From-Botnet-V2-TCP-Established 1970/01/08 04:33:11.270665 3.001369 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:33:18.277870 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:33:29.734655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:33:45.737468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:34:17.743154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:38:05.531216 0.219748 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 04:38:05.751594 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 141 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 04:38:23.779975 0.166603 tcp 10.0.2.19 52083 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 04:38:23.946476 0.200261 tcp 10.0.2.19 52084 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 04:38:24.147314 0.187192 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:24.334906 0.252624 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:24.587909 0.151063 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:24.739365 0.152273 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:24.892001 0.218261 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:25.110646 0.114737 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:25.225747 0.239002 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:25.465163 0.201579 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:25.667129 0.147740 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:25.815237 0.220212 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 211 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:26.035827 0.220376 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:26.256572 0.240630 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:26.497593 0.354468 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:26.852406 0.378010 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:27.230849 0.214928 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:27.446198 0.229996 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:27.676588 0.279363 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:27.956346 0.256182 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:28.212926 0.225607 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:28.438949 0.131649 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:28.571034 0.220729 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:28.792126 0.111485 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:28.904000 0.236667 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:29.141103 0.251833 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:29.393270 0.218795 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:29.612405 0.232343 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:29.845107 0.138060 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 252 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:29.983566 0.517141 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:30.501062 0.739256 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:31.240717 0.277164 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:38:31.518298 0.245968 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 04:40:21.849564 3.001890 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:40:28.856909 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:40:36.858169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:40:52.861210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:41:24.867791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:47:28.873318 3.001907 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:47:35.881030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:47:44.553614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:48:00.556131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:48:38.661415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:54:38.660723 3.002213 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 04:54:45.668914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:54:53.670324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:55:12.316865 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:55:44.323177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 04:57:52.658244 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 04:57:52.658341 0.846754 tcp 10.0.2.19 52085 -> 90.156.118.144 5237 FSPA* 0 0 14 1515 flow=From-Botnet-V2-TCP-Established 1970/01/08 05:01:52.364964 3.001675 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:01:59.372543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:02:07.374289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:02:23.376988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:02:55.382906 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:08:44.194777 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 05:08:44.194957 0.103156 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:44.298512 0.175326 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:44.474244 0.179213 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:44.653879 0.278163 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:44.932405 0.154990 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:45.087734 0.214375 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:45.302480 0.112765 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:45.415590 0.247014 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:45.663023 0.198400 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:45.861796 0.148905 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:46.011059 0.259572 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:46.271038 0.463002 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:46.734443 0.231392 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:46.966415 0.273143 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:47.239969 0.370563 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:47.610895 0.218033 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:47.829290 0.253589 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:48.084070 0.226444 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:48.310865 0.128310 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:48.439571 0.212250 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:48.652194 0.307684 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:48.960225 0.254783 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:49.215354 0.120204 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:49.335944 0.240994 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:49.577294 0.255670 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:49.833375 0.220991 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:50.054745 0.328840 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:50.383993 0.185517 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:50.569869 0.262062 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:50.832342 0.240570 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:51.073264 0.213877 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:51.287541 0.268811 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:08:59.388890 3.001411 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:09:06.396576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:09:14.398265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:09:30.401350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:10:02.407120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:16:06.412430 3.001862 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:16:13.420195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:16:21.421891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:16:40.639477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:17:13.386856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:23:18.393971 3.002095 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:23:25.401757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:23:33.402883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:23:49.406065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:24:21.412077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:27:55.490445 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 05:27:55.490650 0.862307 tcp 10.0.2.19 52086 -> 90.156.118.144 5237 FSPA* 0 0 14 1518 flow=From-Botnet-V2-TCP-Established 1970/01/08 05:30:50.424103 3.001807 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:30:57.431221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:31:05.432922 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:31:21.435538 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:31:53.441701 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:37:57.447258 3.002062 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:38:04.455212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:38:12.457135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:38:28.459534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:39:00.466214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:39:11.612176 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 05:39:11.612279 0.100630 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:11.713275 0.187368 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:11.901019 0.163051 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:12.064444 0.221866 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:12.286678 0.120315 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:12.407357 0.189545 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:12.597278 0.239032 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:12.836664 0.225636 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:13.062707 0.199449 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:13.262474 0.147472 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:13.410264 0.251013 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:13.661619 0.217488 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:13.879494 0.374279 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:14.254351 0.360247 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:14.614971 0.227326 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:14.842644 0.212038 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:15.055095 0.217343 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:15.272780 0.244824 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:15.517960 0.133556 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:15.651915 0.255420 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:15.907738 0.112914 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:16.021038 0.241117 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:16.262538 0.210231 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:16.473139 0.278447 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:16.751995 0.256518 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:17.008876 0.222442 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:17.231692 0.243579 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:17.475662 0.145641 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:17.621690 0.220210 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:17.842394 0.271609 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:18.114409 0.267126 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:39:18.381920 0.250533 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 05:45:04.471461 3.001913 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:45:11.479412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:45:19.481010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:45:35.483939 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:46:07.960591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:52:11.966541 3.001316 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:52:18.974064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:52:26.975335 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:52:42.978181 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:53:14.984926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:57:56.590008 1.022821 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/08 05:57:57.612934 0.794090 tcp 10.0.2.19 52087 -> 90.156.118.144 5237 FSPA* 0 0 14 1569 flow=From-Botnet-V2-TCP-Established 1970/01/08 05:59:19.502087 3.000736 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 05:59:26.508570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:59:34.509923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 05:59:50.512860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:00:22.519200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:06:30.530941 3.001328 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:06:37.538311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:06:45.540028 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:07:01.542836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:07:33.549124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:09:33.421892 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 06:09:33.422052 0.154814 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:33.577247 0.218410 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:33.796045 0.109245 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:33.905670 0.155415 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:34.061458 0.102789 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:34.164613 0.184271 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:34.349226 0.249386 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:34.598978 0.230873 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:34.830229 0.195026 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:35.025642 0.145244 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:35.171223 0.373436 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:35.544998 0.355395 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:35.900777 0.259200 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:36.160410 0.225267 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:36.386059 0.219365 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:36.605800 0.215836 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:36.822012 0.219388 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.041776 0.254372 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.297119 0.112982 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.410501 0.233206 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.644123 0.207912 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.852465 0.125590 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:37.978561 0.256137 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:38.235052 0.267756 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:38.503191 0.258610 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:38.762211 0.230981 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:38.993592 0.476568 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:39.470509 0.138469 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:39.609343 0.267420 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:39.877166 0.209900 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:40.087444 0.342043 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:09:40.429848 0.234212 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:13:37.554705 3.002174 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:13:44.562091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:13:52.563980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:14:08.566648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:14:41.173753 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:20:45.179822 3.001638 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:20:52.187295 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:21:00.188419 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:21:16.192011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:21:48.638340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:27:54.647373 3.001684 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:27:58.931369 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 06:27:58.931528 4.718898 tcp 10.0.2.19 52088 -> 90.156.118.144 5237 FSPA* 0 0 14 1726 flow=From-Botnet-V2-TCP-Established 1970/01/08 06:28:01.654576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:28:09.656316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:28:25.659287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:28:58.085478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:35:03.093366 3.001772 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:35:10.100548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:35:18.101964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:35:34.105239 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:36:06.111488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:40:04.754753 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 06:40:04.754946 0.131469 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:04.886796 0.160271 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.047422 0.104981 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.152796 0.161775 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.314932 0.220039 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.535329 0.138331 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.674200 0.239704 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:05.914411 0.226611 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:06.141406 0.202844 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:06.344636 0.146303 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:06.491351 0.369005 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:06.860787 0.228035 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:07.089178 0.217675 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:07.307279 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 06:40:23.604479 0.167822 tcp 10.0.2.19 52089 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 06:40:23.771990 0.213768 tcp 10.0.2.19 52090 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 06:40:23.986500 0.255033 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:24.241945 0.214411 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:24.456739 0.218912 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:24.676046 0.238713 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:24.915165 0.121292 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:25.036809 0.129287 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:25.166467 0.238924 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:25.405762 0.211861 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:25.618195 0.256092 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:25.874830 0.256712 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:26.131925 0.267735 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:26.400083 0.216918 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:26.617406 0.240330 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:26.858139 0.135751 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:26.994258 0.261101 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:27.255785 0.249059 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:27.505225 0.266442 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:40:27.772038 0.238778 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 06:42:10.116702 3.002445 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:42:17.124884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:42:25.126009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:42:41.128853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:43:15.809130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:49:21.817647 3.002123 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:49:28.825207 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:49:36.827253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:49:52.830162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:50:24.836030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:56:28.842030 3.001541 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 06:56:35.849229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:56:43.850793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:56:59.854131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:57:31.859829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 06:58:05.177930 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 06:58:05.178130 0.791448 tcp 10.0.2.19 52091 -> 90.156.118.144 5237 FSPA* 0 0 14 1562 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:03:35.865291 3.002712 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:03:42.873197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:03:50.874985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:04:06.877936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:04:40.886945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:10:38.971542 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 07:10:38.971719 0.523887 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:39.495994 0.098636 udp 10.0.2.19 1701 <-> 93.195.196.119 6283 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:39.595043 0.166734 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:39.762156 0.113500 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:39.876023 0.162021 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:40.038424 0.241327 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:40.280209 0.227652 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:40.508211 0.196971 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:40.705577 0.140271 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:40.846337 0.213016 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:41.059711 0.218714 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:41.278805 0.146228 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:41.425401 0.368118 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:41.793919 0.216786 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:42.011069 0.227609 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:42.239058 0.211929 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:42.451387 0.219939 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:42.671687 0.216388 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:42.888432 0.116694 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:43.005528 0.131908 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:43.137863 0.242097 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:43.380337 0.260921 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:43.641629 0.218469 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:43.860491 0.262914 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:44.123804 0.268627 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:44.392792 0.219749 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:44.612914 0.411069 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:45.024342 0.135587 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:45.160343 0.280531 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:45.441221 0.242465 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:10:45.684127 0.000000 udp 10.0.2.19 1701 -> 69.232.68.87 7399 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:11:02.467543 0.167693 tcp 10.0.2.19 52092 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:11:02.635446 0.200013 tcp 10.0.2.19 52093 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:11:02.836045 0.223072 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:14:36.896534 3.001298 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:14:43.903855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:14:51.904871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:15:07.908296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:15:39.913901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:21:43.919843 3.002081 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:21:50.927636 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:21:58.929452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:22:14.932447 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:22:46.937989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:28:06.958855 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 07:28:06.958955 1.132421 tcp 10.0.2.19 52094 -> 90.156.118.144 5237 SPA_* 0 0 9 1011 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:28:13.027795 0.045094 tcp 10.0.2.19 52094 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:28:53.948176 3.001604 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:29:00.955542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:29:08.957365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:29:24.960197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:29:56.966237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:36:03.976138 3.001987 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:36:10.984282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:36:18.985504 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:36:34.988548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:37:06.995020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:41:29.973151 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 07:41:29.973359 0.270919 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:41:30.244649 0.198699 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:41:30.443777 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 87 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:41:47.530611 0.174705 tcp 10.0.2.19 52095 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:41:47.699909 0.212565 tcp 10.0.2.19 52096 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:41:47.913044 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:04.633747 0.174180 tcp 10.0.2.19 52097 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:42:04.800211 0.198920 tcp 10.0.2.19 52098 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:42:04.999670 0.120273 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:05.120361 0.158605 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:05.279380 0.248878 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:05.528680 0.158885 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:05.687981 0.216057 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:05.904493 0.199190 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:06.104029 0.223431 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 214 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:06.327820 0.369767 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:06.697942 0.220289 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:06.918592 0.154734 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:07.073695 0.220692 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:07.294803 0.242051 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:07.537202 0.252646 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:07.790250 0.133741 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:07.924371 0.224007 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:08.148755 0.226801 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:08.375953 0.171097 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:08.547455 0.258827 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:08.806682 0.246925 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:09.053961 0.265806 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:09.320427 0.255713 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:09.576592 0.207960 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:09.784941 0.271744 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:10.057110 0.214356 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:10.271818 0.350792 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:10.622977 0.243470 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:10.866839 0.263760 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:11.130956 0.208196 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:29.988059 0.577116 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 906 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 07:42:30.562489 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 508 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.562604 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 REQ 0 1 451 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.562716 0.000000 udp 10.0.2.19 1701 -> 2.85.52.234 2179 INT 0 1 423 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.562813 0.000000 udp 10.0.2.19 1701 -> 69.232.68.87 7399 INT 0 1 529 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.562907 0.000000 udp 10.0.2.19 1701 -> 88.225.233.16 7710 REQ 0 0 1 406 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563000 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 REQ 0 0 1 464 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563092 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 REQ 0 0 1 446 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563184 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 REQ 0 0 1 418 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563277 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 REQ 0 0 1 404 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563369 0.000000 udp 10.0.2.19 1701 -> 12.175.148.194 8863 REQ 0 0 1 464 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563464 0.000000 udp 10.0.2.19 1701 -> 71.2.203.86 2913 REQ 0 0 1 391 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563565 0.000000 udp 10.0.2.19 1701 -> 175.195.224.10 7151 REQ 0 0 1 419 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563657 0.000000 udp 10.0.2.19 1701 -> 217.220.223.98 6063 REQ 0 0 1 490 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563750 0.000000 udp 10.0.2.19 1701 -> 99.34.137.78 2733 REQ 0 0 1 440 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563843 0.000000 udp 10.0.2.19 1701 -> 97.64.221.67 7745 REQ 0 0 1 391 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.563936 0.000000 udp 10.0.2.19 1701 -> 108.233.136.124 5604 REQ 0 0 1 492 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564038 0.000000 udp 10.0.2.19 1701 -> 99.95.196.161 2218 REQ 0 0 1 514 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564134 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 REQ 0 0 1 490 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564227 0.000000 udp 10.0.2.19 1701 -> 70.91.116.41 3631 REQ 0 0 1 413 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564319 0.000000 udp 10.0.2.19 1701 -> 173.174.73.98 3192 REQ 0 0 1 408 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564421 0.000000 udp 10.0.2.19 1701 -> 78.6.164.6 2928 REQ 0 0 1 536 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564516 0.000000 udp 10.0.2.19 1701 -> 70.139.43.88 9001 REQ 0 0 1 452 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564610 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 REQ 0 0 1 424 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564703 0.000000 udp 10.0.2.19 1701 -> 108.86.251.63 2573 REQ 0 0 1 441 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564797 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 REQ 0 0 1 534 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564890 0.000000 udp 10.0.2.19 1701 -> 71.205.65.116 6061 REQ 0 0 1 509 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.564982 0.000000 udp 10.0.2.19 1701 -> 69.154.77.2 5820 REQ 0 0 1 523 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.565075 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 REQ 0 0 1 396 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.565268 0.000000 udp 10.0.2.19 1701 -> 76.191.140.101 9551 REQ 0 0 1 540 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.565360 0.000000 udp 10.0.2.19 1701 -> 50.42.61.212 6860 REQ 0 0 1 528 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:42:30.565462 0.000000 udp 10.0.2.19 1701 -> 75.1.149.150 9432 REQ 0 0 1 469 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 07:43:11.000096 3.002147 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 07:43:18.007804 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:43:26.009406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:43:42.012904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:44:14.679817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:50:18.685244 3.002128 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:50:25.692745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:50:33.694766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:50:49.697691 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:51:21.703780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:57:25.709254 3.002140 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 07:57:32.716971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:57:40.718352 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:57:56.721488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 07:58:13.405918 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 07:58:13.406180 0.725086 tcp 10.0.2.19 52099 -> 90.156.118.144 5237 FSPA* 0 0 14 1625 flow=From-Botnet-V2-TCP-Established 1970/01/08 07:58:28.727904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:04:32.733003 3.002752 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:04:39.741099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:04:47.742504 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:05:03.745790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:05:35.751784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:12:32.570972 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 08:12:32.571261 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 08:12:48.285888 0.177386 tcp 10.0.2.19 52100 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:12:48.462833 0.216674 tcp 10.0.2.19 52101 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:12:48.680127 0.369656 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.050209 0.264445 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.315082 0.149938 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.465388 0.233457 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.699246 0.144585 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.844249 0.113929 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:49.958605 0.151939 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:50.110940 0.219795 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:50.331187 0.193731 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:50.525375 0.226702 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:50.752429 0.389169 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:51.142148 0.209962 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:51.352461 0.238332 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:51.591200 0.221612 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:51.813174 0.149830 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:51.963401 0.218742 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:52.182548 0.147649 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:52.330561 0.220859 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:52.551868 0.217276 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:52.769555 0.114845 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:52.884841 0.267069 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:53.152304 0.260182 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:53.412859 0.255273 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:53.668514 0.243271 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:53.912210 0.224117 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:54.136735 0.237491 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:54.374624 0.222431 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:54.597417 0.135847 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:54.733665 0.207916 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:54.942003 0.242272 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:12:55.184690 0.318645 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:15:04.761731 3.002168 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:15:11.769848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:15:19.771584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:15:35.774543 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:16:07.780594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:22:13.479479 3.001349 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:22:20.486491 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:22:28.487967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:22:44.490552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:23:16.496845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:28:14.966457 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 08:28:14.966553 0.952274 tcp 10.0.2.19 52102 -> 90.156.118.144 5237 FSPA* 0 0 14 1682 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:29:20.502319 3.002297 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:29:27.510025 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:29:35.511710 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:29:51.514648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:30:23.520574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:36:33.534828 3.002086 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:36:40.542506 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:36:48.543856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:37:04.547574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:37:39.287186 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:43:26.817329 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 08:43:26.817475 0.356622 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:27.174471 0.255067 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:27.429884 0.141615 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:27.571907 0.116037 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:27.688343 0.158611 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:27.847337 0.239031 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:28.086746 0.172818 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 207 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:28.259979 0.212167 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:28.472490 0.194731 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:28.667616 0.213982 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:28.881937 0.235031 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:29.117354 0.368807 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:29.486553 0.158879 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:29.645842 0.253122 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:29.899337 0.228284 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:30.127974 0.218518 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:30.346844 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 08:43:43.292835 3.002029 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:43:47.789283 0.167023 tcp 10.0.2.19 52103 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:43:47.956146 0.203529 tcp 10.0.2.19 52104 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:43:48.160255 0.231374 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:48.391998 0.263442 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:48.655869 0.248397 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:48.904622 0.126018 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:49.030991 0.236935 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:49.268282 0.260301 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:49.528950 0.255713 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:49.785087 0.210920 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:49.996368 0.229578 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:43:50.226324 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 139 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 08:43:50.300510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:43:58.302267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:44:05.353832 0.168647 tcp 10.0.2.19 52105 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:44:05.522257 0.217605 tcp 10.0.2.19 52106 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:44:05.740529 0.238640 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:44:05.979532 0.133932 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:44:06.113809 0.561542 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:44:06.675771 0.274653 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 08:44:14.305141 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:44:46.310851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:50:51.317834 3.002058 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:50:58.326343 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:51:06.327696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:51:22.330806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:51:54.416844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:57:58.422144 3.002251 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 08:58:05.429992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:58:13.431343 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:58:17.307239 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 08:58:17.307466 0.772588 tcp 10.0.2.19 52107 -> 90.156.118.144 5237 FSPA* 0 0 14 1688 flow=From-Botnet-V2-TCP-Established 1970/01/08 08:58:29.434825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 08:59:01.440355 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:05:05.446473 3.001716 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:05:12.454492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:05:20.455327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:05:36.458659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:06:08.464629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:14:29.024196 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 09:14:29.024377 0.133626 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:29.158480 0.255186 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:29.414027 0.133774 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:29.548288 0.156018 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:29.704668 0.243822 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:29.948892 0.184431 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:30.133696 0.275141 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:30.409209 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 225 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 09:14:49.275661 0.166927 tcp 10.0.2.19 52108 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:14:49.442365 0.217385 tcp 10.0.2.19 52109 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:14:49.660330 0.227894 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:49.888620 0.235103 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:50.124090 0.373685 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:50.498188 0.168473 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:50.667083 0.218428 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:50.885880 0.190822 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:51.077057 0.224726 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:51.302161 0.146625 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:51.449153 0.241549 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:51.691089 0.218862 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:51.910426 0.222217 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:52.133028 0.662070 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:52.795469 0.238239 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:53.034140 0.253939 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:53.288475 0.218207 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:53.507066 0.263494 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:53.770939 1.009086 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:54.780392 0.205324 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:54.986051 0.255578 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:55.242022 0.239903 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:55.482302 0.133971 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:55.616635 0.431555 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:14:56.048581 0.286361 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:15:22.473901 3.001868 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:15:29.481026 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:15:37.482569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:15:53.485884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:16:25.492009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:22:29.547398 3.002003 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:22:36.555481 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:22:44.556992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:23:00.559790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:23:32.565807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:28:18.106980 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 09:28:18.107157 0.683845 tcp 10.0.2.19 52110 -> 90.156.118.144 5237 FSPA* 0 0 14 1640 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:29:36.571649 3.001456 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:29:43.578986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:29:51.580955 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:30:07.583896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:30:39.589453 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:36:43.595136 3.002583 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:36:50.602942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:36:58.604304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:37:14.607569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:37:46.613593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:43:50.619915 3.001095 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:43:57.626763 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:44:05.628706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:44:21.631333 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:44:53.637786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:45:08.679466 0.847847 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/08 09:45:09.527414 0.357847 udp 10.0.2.19 1701 <-> 113.108.254.151 7824 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:09.885723 0.133962 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:10.020143 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 107 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 09:45:26.948421 0.165729 tcp 10.0.2.19 52111 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:45:27.114399 0.212197 tcp 10.0.2.19 52112 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:45:27.327178 0.127080 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:27.454651 0.154690 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:27.609702 0.245108 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:27.855199 0.271965 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:28.127578 0.146531 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:28.274461 0.208914 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:28.483772 0.388626 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:28.872829 0.177869 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:29.051046 0.233291 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:29.284722 0.223969 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:29.509106 0.216751 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 582 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:29.726285 0.197160 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:29.923823 0.160723 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:30.084933 0.239068 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:30.324399 0.213073 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:30.537859 0.220182 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:30.758462 0.254488 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:31.013356 0.127494 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:31.141220 1.068268 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:32.209848 0.270476 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:32.480713 0.277675 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:32.758815 0.885396 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:33.644616 0.212732 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:33.857710 0.254876 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:34.112988 0.219480 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:34.332848 0.236181 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:34.569422 0.133828 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:45:34.703647 0.283044 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 09:50:58.054363 3.001703 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:51:05.061895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:51:13.063100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:51:29.066356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:52:01.072078 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:58:05.077902 3.001844 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 09:58:12.085924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:58:19.206568 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 09:58:19.206793 1.164577 tcp 10.0.2.19 52113 -> 90.156.118.144 5237 FSPA* 0 0 14 1530 flow=From-Botnet-V2-TCP-Established 1970/01/08 09:58:20.087280 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:58:36.090051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 09:59:11.040761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:05:15.046231 3.002010 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:05:22.054201 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:05:30.055337 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:05:46.058278 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:06:18.064101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:15:29.078819 3.001768 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:15:36.086834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:15:38.660311 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 10:15:38.660486 0.222475 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:15:38.883344 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 218 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 10:15:44.088000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:15:56.528577 0.000000 tcp 10.0.2.19 52114 -> 173.194.70.99 80 S_ 0 1 66 flow=From-Botnet-V2-TCP-Attempt 1970/01/08 10:16:02.647661 0.109190 tcp 10.0.2.19 52114 -> 173.194.70.99 80 FPA_* 0 0 9 1772 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:16:02.756481 0.198633 tcp 10.0.2.19 52115 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:16:02.955716 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 255 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 10:16:06.075105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:16:21.591156 0.177425 tcp 10.0.2.19 52116 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:16:21.768746 0.211662 tcp 10.0.2.19 52117 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:16:21.981007 0.119373 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:22.100783 0.156799 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:22.258193 0.255024 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:22.513607 0.219031 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:22.733072 0.366418 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:23.099875 0.158859 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:23.259128 0.621695 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:23.881213 0.144006 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:24.025655 0.229925 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:24.255969 0.221764 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:24.478271 0.229812 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:24.708557 0.200670 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:24.909628 0.149992 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:25.060059 0.228393 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:25.288831 0.256142 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:25.545456 0.115386 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:25.661262 0.258780 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:25.920414 0.217057 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:26.137868 0.247694 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:26.386145 0.219775 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:26.606411 0.260808 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:26.867656 0.256457 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:27.124512 0.230864 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:27.355796 0.236439 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:27.592630 0.229803 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:27.822802 0.211412 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:28.034637 0.138046 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:28.173078 0.278449 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:16:37.642358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:22:38.195797 3.001802 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:22:45.203962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:22:53.205205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:23:12.302505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:23:44.309030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:28:25.413139 0.000113 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 10:28:25.413334 1.108352 tcp 10.0.2.19 52118 -> 90.156.118.144 5237 SPA_* 0 0 9 1125 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:28:31.628824 0.063389 tcp 10.0.2.19 52118 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:29:53.321288 3.002806 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:30:00.330168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:30:08.331128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:30:24.334215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:30:56.339977 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:37:00.345204 3.002155 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:37:07.353172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:37:15.354860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:37:31.357499 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:38:03.363484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:44:07.369781 3.001590 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:44:14.377368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:44:22.379083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:44:38.381540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:45:10.387558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:46:43.791984 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 10:46:43.792167 0.131212 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:46:43.923807 0.000000 udp 10.0.2.19 1701 -> 113.108.254.151 7824 INT 0 1 274 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 10:46:59.056433 3.455188 tcp 10.0.2.19 52119 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:02.511910 0.207965 tcp 10.0.2.19 52120 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:02.720499 0.222165 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:02.943016 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 10:47:19.384268 0.174420 tcp 10.0.2.19 52121 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:19.553268 0.209536 tcp 10.0.2.19 52122 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:19.763391 0.169893 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:19.933663 0.238246 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:20.172268 0.232447 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:20.405149 0.367980 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:20.773540 0.156389 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:20.930298 0.254467 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:21.185166 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 10:47:39.884248 0.165681 tcp 10.0.2.19 52123 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:40.049832 0.201042 tcp 10.0.2.19 52124 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:47:40.251411 0.258349 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:40.510337 0.225982 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:40.736710 0.228368 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:40.965448 0.205935 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:41.171756 0.145937 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:41.318060 0.221389 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:41.539830 0.265916 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:41.806289 0.233516 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:42.040233 0.364249 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:42.404867 0.323925 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:42.729167 0.345419 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:43.075009 0.442621 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:43.517990 0.381184 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:43.899541 0.482607 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:44.382539 0.463254 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:44.846151 0.219296 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:45.065885 0.137628 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:45.203846 0.245855 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:45.450078 0.510498 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:47:45.960960 0.263453 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 10:51:17.778358 3.001551 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 10:51:24.785768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:51:32.787963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:51:48.790612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:52:20.796282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:58:24.802801 3.001385 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 10:58:31.810510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:58:34.193527 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 10:58:34.193692 3.340666 tcp 10.0.2.19 52125 -> 90.156.118.144 5237 FSPA* 0 0 14 1601 flow=From-Botnet-V2-TCP-Established 1970/01/08 10:58:39.811550 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:58:55.814995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 10:59:27.821424 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:05:31.826987 3.001405 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:05:38.833891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:05:46.835129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:06:02.838282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:06:34.844728 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:15:41.853873 3.001197 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:15:48.860702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:15:56.862747 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:16:12.865855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:16:44.871272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:18:05.247453 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 11:18:05.247561 0.116435 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:05.364420 0.147525 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:05.512302 0.128594 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:05.641269 0.218841 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:05.860510 0.147717 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:06.008627 0.244575 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:06.253598 0.164668 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:06.418629 0.367508 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:06.786500 0.217389 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:07.004243 0.256669 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:07.261318 0.267738 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:07.529422 0.194615 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:07.724400 0.149427 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:07.874211 0.224220 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:08.098841 0.233794 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:08.333008 0.241835 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:08.575201 0.278361 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:08.853946 0.220057 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:09.074441 0.169394 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:09.244236 0.251731 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:09.496322 0.261802 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:09.758510 0.256847 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:10.015762 0.240840 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:10.256998 0.220969 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:10.478366 0.215535 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:10.694281 0.210637 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:10.905384 0.138786 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:11.044554 0.236986 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:11.281903 0.228098 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:18:11.510479 0.274163 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:22:48.877044 3.001856 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:22:55.885483 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:23:03.886700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:23:19.889697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:23:51.895514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:28:37.536317 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 11:28:37.536519 0.813284 tcp 10.0.2.19 52126 -> 90.156.118.144 5237 FSPA* 0 0 14 1737 flow=From-Botnet-V2-TCP-Established 1970/01/08 11:29:56.902873 3.001672 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:30:03.910614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:30:11.912100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:30:27.914803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:30:59.921193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:37:03.926528 3.002037 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:37:10.934426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:37:18.935647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:37:34.939162 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:38:06.944869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:44:10.950612 3.002382 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:44:17.957987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:44:25.960123 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:44:42.753946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:45:14.760014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:48:15.109858 1.534845 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/08 11:48:16.644836 0.146447 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:16.791767 0.110682 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:16.902840 0.142143 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:17.045337 0.238198 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:17.283952 0.151089 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:17.435436 0.214305 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:17.650269 0.614387 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:18.265015 0.376922 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:18.642346 0.211224 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:18.853934 0.194082 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:19.048410 0.261188 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:19.310017 0.220697 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:19.531126 0.228486 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:19.759972 0.145154 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:19.905489 0.209752 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:20.115605 0.223194 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:20.339212 0.253589 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:20.593163 0.215133 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:20.808650 0.262513 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:21.071609 1.162014 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:22.809598 0.241186 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:23.051133 0.251488 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:23.302965 0.511645 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:23.814935 0.221859 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:24.037157 0.205364 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:24.242928 0.253841 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:24.497150 0.319166 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:24.816677 0.450210 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:25.267234 0.586870 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:48:25.854453 0.772415 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 11:51:19.527339 3.001328 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:51:26.534759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:51:34.536170 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:51:50.538859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:52:22.544765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:58:26.550966 3.001798 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 11:58:33.558854 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:58:39.497191 0.000000 arp 10.0.2.19 who 10.0.2.2 INT 1 42 flow=Background-ARP 1970/01/08 11:58:44.880292 0.000000 arp 10.0.2.19 who 10.0.2.2 RSP 1 42 flow=Background-ARP 1970/01/08 11:58:44.880455 1.041744 tcp 10.0.2.19 52127 -> 90.156.118.144 5237 FSPA* 0 0 14 1592 flow=From-Botnet-V2-TCP-Established 1970/01/08 11:58:46.904514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:59:02.691862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 11:59:34.268682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:05:39.673470 3.001843 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:05:46.681050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:05:54.682838 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:06:10.685745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:06:54.400897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:12:54.455516 2.957039 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:13:01.366469 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:13:09.256586 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:13:25.031803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:13:56.619240 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:18:34.415537 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 12:18:34.415641 0.184382 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:34.600399 0.239058 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:34.839831 0.178847 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:35.019044 0.131305 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:35.150690 0.119412 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:35.270437 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 12:18:52.754408 0.222205 tcp 10.0.2.19 52128 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 12:18:52.976900 0.294054 tcp 10.0.2.19 52129 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 12:18:53.271512 0.167507 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:53.439393 0.275996 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:53.715783 0.296760 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:54.012933 0.276002 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:54.289291 0.392357 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:54.682183 0.258929 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:54.941479 0.228472 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:55.170358 0.147439 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:55.318326 0.219860 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:55.538571 0.236878 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:55.775789 0.262849 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:56.038997 0.264470 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:56.303874 0.214094 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:56.518436 0.262861 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:56.781661 0.201431 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:56.983447 0.243050 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:57.226852 0.233278 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:57.460505 0.238783 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:57.699673 0.204938 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:57.905000 0.210183 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 213 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:58.115611 0.150753 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:58.266766 0.271140 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:58.538293 0.246195 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:18:58.784853 0.234939 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:19:56.825579 3.002319 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:20:03.833300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:20:11.835426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:20:27.837942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:21:02.004035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:27:06.003219 3.001742 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:27:13.010801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:27:21.012215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:27:37.014912 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:28:09.021163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:28:46.856479 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 12:28:46.856644 0.933442 tcp 10.0.2.19 52130 -> 90.156.118.144 5237 FSPA* 0 0 14 1568 flow=From-Botnet-V2-TCP-Established 1970/01/08 12:34:35.038477 3.002375 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:34:42.046670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:34:50.047496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:35:06.051111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:35:38.056515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:41:47.070142 3.001714 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:41:54.077834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:42:02.078694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:42:18.081690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:42:50.088022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:48:58.099520 3.001911 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:49:05.107219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:49:08.462341 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 12:49:08.462586 0.209053 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:08.672078 0.167746 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:08.840214 0.113145 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:08.953701 0.151081 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:09.105123 0.248727 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:09.354245 0.134550 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:09.489147 0.156074 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:09.645614 0.220478 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:09.866455 0.196056 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:10.062854 0.259050 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:10.322317 0.225758 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:10.548471 0.365732 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:10.914609 0.210221 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:11.125193 0.252355 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:11.377960 0.213091 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:11.591419 0.220539 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:11.812340 0.279788 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:12.092494 0.252714 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:12.345632 0.112422 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:12.458400 0.256370 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:12.715144 0.225648 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:12.941148 0.243395 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:13.108757 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:49:13.184884 0.236548 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:13.421814 0.218442 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:13.640647 0.132222 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:13.773224 0.261500 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:14.035107 0.206388 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:14.241885 0.207084 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:14.449296 0.244748 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:14.694404 1.068114 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 12:49:29.111934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:50:01.117574 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:56:08.128050 3.002079 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 12:56:15.135431 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:56:23.137017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:56:39.140012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:57:11.886768 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 12:58:48.156310 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 12:58:48.156474 1.514050 tcp 10.0.2.19 52131 -> 90.156.118.144 5237 FSPA* 0 0 14 1508 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:03:15.892596 3.001827 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:03:22.900363 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:03:30.901713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:03:46.904867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:04:18.910947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:14:33.917962 3.001962 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:14:40.925427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:14:48.927227 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:15:04.930235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:15:36.935773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:19:19.947140 0.000094 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 13:19:19.947328 0.113350 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.061132 0.153121 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.214623 0.220217 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.435267 0.148521 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.584222 0.236400 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.821025 0.127401 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:20.948784 0.156028 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:21.105228 0.218070 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:21.323685 0.192267 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:21.516396 0.376008 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:21.892775 0.253693 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:22.146858 0.228923 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:22.376145 0.212743 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:22.589254 0.144972 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:22.734577 0.217240 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:22.952178 0.223545 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:23.176104 0.112037 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:23.288529 0.256028 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:23.544916 0.262307 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:23.807608 0.252724 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:24.060790 0.218126 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:24.279303 0.238560 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:24.518281 0.234202 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:24.752864 0.212953 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:24.966197 0.134021 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:25.100622 0.207706 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:25.308706 0.265220 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:25.574385 0.267072 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:25.841873 0.205980 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:19:26.048234 1.010756 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:21:40.942439 3.001269 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:21:47.949232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:21:55.951305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:22:11.953790 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:22:43.960172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:28:47.965620 3.002077 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:28:49.676122 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 13:28:49.676283 0.663199 tcp 10.0.2.19 52132 -> 90.156.118.144 5237 FSPA* 0 0 14 1558 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:28:54.973487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:29:02.975242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:29:18.978137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:29:50.983995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:35:54.989308 3.001867 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:36:01.997388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:36:09.998535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:36:26.002202 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:36:58.007697 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:43:02.013452 3.002606 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:43:09.021582 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:43:17.022751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:43:33.025742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:44:05.933269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:49:48.816706 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 13:49:48.816868 0.220454 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:49:49.037691 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 INT 0 1 237 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 13:50:05.092092 0.165996 tcp 10.0.2.19 52133 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:50:05.258364 0.193445 tcp 10.0.2.19 52134 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:50:05.452372 0.120733 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:05.573539 0.154892 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:05.728771 0.241141 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:05.970303 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 13:50:14.946351 3.001367 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:50:21.953989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:50:23.126847 1.164136 tcp 10.0.2.19 52135 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:50:24.291089 0.201576 tcp 10.0.2.19 52136 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 13:50:24.493279 0.160265 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:24.653905 0.274278 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:24.928611 0.192023 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:25.121005 0.229313 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:25.350761 0.211940 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:25.563059 0.373183 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:25.936639 0.254820 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:26.191845 0.144081 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:26.336321 0.209649 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:26.546387 0.216931 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:26.763724 0.206525 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:26.970622 0.261535 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:27.232559 0.220565 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:27.453541 0.249217 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:27.703121 0.271055 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:27.974540 0.255157 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:28.230092 0.238806 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:28.469323 0.222801 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:28.692524 0.130238 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:28.823224 0.218733 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:29.042375 0.238394 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:29.281165 0.275818 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:29.557343 0.221056 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:29.778781 0.243396 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 13:50:30.455803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:50:46.458643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:51:18.465153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:57:22.921406 3.001507 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 13:57:29.928995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:57:37.931032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:57:53.933185 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:58:40.376709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 13:59:05.596638 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 13:59:05.596741 1.660323 tcp 10.0.2.19 52137 -> 90.156.118.144 5237 FSPA* 0 0 14 1580 flow=From-Botnet-V2-TCP-Established 1970/01/08 14:04:40.431757 2.963341 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:04:47.341492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:04:55.239624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:05:11.029517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:05:42.608816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:15:15.092427 3.002840 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:15:22.100390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:15:30.101748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:15:46.105072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:16:18.110785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:20:55.900707 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 14:20:55.900800 0.144251 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.045447 0.130841 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.176662 0.210225 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.387292 0.172225 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.559933 0.116345 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.676696 0.234911 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:56.911980 0.153769 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:57.066129 0.219139 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:57.285670 0.201208 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:57.487256 0.365564 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:57.853239 0.224090 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:58.077709 0.211608 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:58.289717 0.282903 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:58.572986 0.145038 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:58.718429 0.208770 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 203 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:58.927566 0.239584 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:59.167578 0.213449 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:59.381408 0.238603 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:20:59.620379 1.101203 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:00.721944 0.254980 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:00.977351 0.253543 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:01.231250 0.252016 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:01.483610 0.231153 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:01.715126 0.217984 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:01.933541 0.239728 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:02.173685 0.259954 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:02.434177 0.130829 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:02.565419 0.215639 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:02.781460 0.241560 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:21:03.023381 0.218358 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:22:22.117077 3.001784 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:22:29.124840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:22:37.125975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:22:53.129382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:23:25.134941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:28:55.309990 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 14:28:55.310176 0.768350 tcp 10.0.2.19 52138 -> 90.156.118.144 5237 FSPA* 0 0 14 1635 flow=From-Botnet-V2-TCP-Established 1970/01/08 14:29:29.140710 3.002308 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:29:36.148664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:29:44.150189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:30:02.176194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:30:34.221897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:36:42.233820 3.001761 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:36:49.240884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:36:57.242703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:37:13.245367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:37:45.252166 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:43:49.257339 3.002545 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:43:56.265346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:44:06.459509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:44:22.462783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:44:54.469184 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:50:58.474577 3.002082 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:51:05.482292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:51:13.484050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:51:29.487016 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:51:31.429866 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 14:51:31.430118 0.228041 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:31.658609 0.148252 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:32.704986 0.112160 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:32.817517 0.135440 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:32.953375 0.172374 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:33.126125 0.239346 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:33.365914 0.154481 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:33.520806 0.215130 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:33.736313 0.201251 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:33.937960 0.226227 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:34.164585 0.294173 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:34.459133 0.365838 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:34.825300 0.220364 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:35.046060 0.146021 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:35.192466 0.212460 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:35.405334 0.220018 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:35.625771 0.226311 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:35.852488 0.250968 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:36.103879 0.261354 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:36.365629 0.265813 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:36.631800 0.120486 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:36.752685 0.269856 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:37.022994 0.240883 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:37.264267 0.223972 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:37.488557 0.233748 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:37.722647 0.271583 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:37.994590 0.209541 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:38.204515 0.319611 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:38.524538 0.134210 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:51:38.659132 0.206043 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 14:52:01.492678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:58:05.498923 3.001919 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 14:58:12.505986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:58:20.508044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:58:36.510409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 14:58:58.132385 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 14:58:58.132560 1.036357 tcp 10.0.2.19 52139 -> 90.156.118.144 5237 SPA_* 0 0 9 1024 flow=From-Botnet-V2-TCP-Established 1970/01/08 14:59:03.443639 0.005566 tcp 10.0.2.19 52139 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 14:59:08.516448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:05:12.522857 3.001263 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:05:19.530382 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:05:27.531817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:05:43.535144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:06:16.512006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:12:25.294835 3.001923 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:12:32.302471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:12:40.303588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:12:56.306586 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:13:28.313406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:19:32.319003 3.001786 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:19:39.326053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:19:47.327729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:20:03.330555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:20:35.336608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:21:51.667258 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 15:21:51.667458 0.222230 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:51.890070 0.150819 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.041256 0.113380 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.154988 0.152896 udp 10.0.2.19 1701 <-> 86.156.139.155 5008 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.308305 0.165953 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.474636 0.247954 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.722983 0.148708 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:52.872049 0.262884 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:53.135366 0.269430 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:53.405167 0.419351 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:53.824935 0.206790 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:54.032097 0.211827 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:54.244301 0.371298 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:54.615994 0.151220 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:54.767605 0.219063 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:54.987033 0.235615 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:55.223030 0.219183 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:55.442581 0.253023 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:55.695960 0.113051 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:55.809358 0.279344 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:56.089072 0.348069 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:56.437555 0.250412 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:56.688328 0.240922 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:56.929645 0.221082 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:57.151130 0.232542 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:57.384039 0.316144 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:57.700563 0.133727 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:57.834666 0.206444 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:58.041525 0.268563 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:21:58.310458 0.207682 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:26:39.342304 3.002214 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:26:46.350005 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:26:54.351544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:27:10.354580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:27:42.360831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:29:04.308908 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 15:29:04.309130 1.419594 tcp 10.0.2.19 52140 -> 90.156.118.144 5237 SPA_* 0 0 9 1052 flow=From-Botnet-V2-TCP-Established 1970/01/08 15:29:15.597222 0.041109 tcp 10.0.2.19 52140 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 15:33:46.367040 3.001748 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:33:53.374024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:34:01.375692 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:34:17.378737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:34:49.384523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:40:53.390581 3.002280 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:41:00.398180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:41:08.399619 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:41:24.402752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:41:56.408968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:48:00.414751 3.001585 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:48:07.421895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:48:15.423449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:48:38.187163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:49:09.759215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:52:25.796702 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 15:52:25.796890 0.116756 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:25.914078 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 INT 0 1 209 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 15:52:41.835258 0.161915 tcp 10.0.2.19 52141 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 15:52:41.996846 0.201765 tcp 10.0.2.19 52142 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 15:52:42.199170 0.151577 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:42.351138 0.240692 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:42.592183 0.216210 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:42.808753 0.150723 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:42.959845 0.155699 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:43.115918 0.219310 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:43.335626 0.256023 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:43.592016 0.403642 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:43.996012 0.228886 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:44.225307 0.143622 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:44.369300 0.204660 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:44.574367 0.213842 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:44.788578 0.211911 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:45.000883 0.218690 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:45.220001 0.220833 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:45.441189 0.253942 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:45.695492 0.115108 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:45.810962 0.251483 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:46.062790 0.237658 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:46.300806 0.265847 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:46.567080 0.228978 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:46.796500 0.218809 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:47.015743 0.237331 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:47.253452 0.223715 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:47.477605 0.131270 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:47.609214 0.207895 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:47.817489 0.214688 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:52:48.032550 0.271137 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 15:55:09.541601 3.002013 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 15:55:16.549122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:55:24.551197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:55:40.553933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:56:12.560132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 15:59:17.726396 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 15:59:17.726563 3.512950 tcp 10.0.2.19 52143 -> 90.156.118.144 5237 SPA_* 0 0 11 1276 flow=From-Botnet-V2-TCP-Established 1970/01/08 15:59:26.729635 0.018265 tcp 10.0.2.19 52143 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:02:21.782919 3.002283 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:02:28.790442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:02:40.717855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:02:56.721015 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:03:28.727124 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:09:39.592493 3.002162 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:09:46.600045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:10:03.611303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:10:19.397688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:10:50.966298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:16:48.740732 3.000881 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:16:55.747217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:17:03.748671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:17:19.751996 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:17:51.757805 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:23:06.259999 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 16:23:06.260106 0.000000 udp 10.0.2.19 1701 -> 86.156.139.155 5008 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 16:23:24.748953 0.207193 tcp 10.0.2.19 52144 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:23:24.955903 0.243415 tcp 10.0.2.19 52145 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:23:25.240671 0.153645 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:25.394704 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 152 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 16:23:41.241331 0.165664 tcp 10.0.2.19 52146 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:23:41.407304 0.226148 tcp 10.0.2.19 52147 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:23:41.634030 0.150486 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:41.784874 0.236534 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.021867 0.148975 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.171259 0.188729 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.360396 0.226568 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.587318 0.259672 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.847420 0.147662 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:42.995504 0.233230 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:43.229121 0.217499 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:43.447003 0.380674 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:43.828035 0.221911 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:44.050401 0.213888 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:44.264660 0.253592 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:44.518680 0.212808 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:44.731837 0.253970 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:44.986372 0.248845 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:45.235606 0.271196 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:45.507218 0.110901 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:45.618495 0.263670 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 576 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:45.882546 0.236239 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:46.119162 0.253560 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:46.373125 0.230789 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:46.604282 0.223216 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:46.827921 0.209833 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:47.038336 0.268962 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:47.307680 0.177787 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:47.485840 0.203124 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:23:55.763868 3.001763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 16:24:02.771466 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:24:10.772488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:24:26.775904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:24:58.781673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:29:31.203556 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 16:29:31.203737 1.042889 tcp 10.0.2.19 52148 -> 90.156.118.144 5237 SPA_* 0 0 9 1244 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:29:37.353451 0.013430 tcp 10.0.2.19 52148 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:31:02.787132 3.002603 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:31:09.795192 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:31:17.796855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:31:33.799408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:32:05.806291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:38:09.811061 3.002223 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:38:16.819107 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:38:24.820645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:38:40.823720 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:39:12.830001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:45:16.835742 3.001813 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:45:23.843197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:45:31.844830 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:45:47.847931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:46:19.854006 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:52:23.859294 3.001900 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 16:52:30.866674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:52:38.868869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:52:54.871595 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:53:26.877639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:54:04.101434 0.000000 arp 10.0.2.19 who 10.0.2.2 INT 1 42 flow=Background-ARP 1970/01/08 16:54:14.597272 0.000000 arp 10.0.2.19 who 10.0.2.2 RSP 1 42 flow=Background-ARP 1970/01/08 16:54:14.597413 0.231219 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:14.829056 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 213 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 16:54:33.421686 0.161239 tcp 10.0.2.19 52149 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:54:33.583181 0.206416 tcp 10.0.2.19 52150 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:54:33.790342 0.143088 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:33.933889 0.241680 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:34.176000 0.155151 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:34.331605 0.151981 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:34.483994 0.217021 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:34.701438 0.201052 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:34.902915 0.212397 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:35.115703 1.106159 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:36.222292 0.189743 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:36.412525 0.375070 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:36.788030 0.243231 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:37.031693 0.901427 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:37.933546 0.230765 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:38.164721 0.212787 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:38.377916 0.263603 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:38.642024 0.207812 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:38.850284 0.253911 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:39.104676 0.337967 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:39.443128 0.258567 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:39.702121 0.261279 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:39.963817 0.220726 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:40.184996 0.307286 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:40.492738 0.410660 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:40.903829 0.133676 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:41.037919 0.207152 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:41.245519 0.957284 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:54:42.203225 0.202697 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 16:59:36.955020 2.962117 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 16:59:43.357149 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 16:59:43.357337 1.135591 tcp 10.0.2.19 52151 -> 90.156.118.144 5237 SPA_* 0 0 9 1006 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:59:43.866134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 16:59:49.131128 0.013450 tcp 10.0.2.19 52151 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 16:59:51.756242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:00:07.543402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:00:44.664441 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:06:45.896160 2.961144 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:06:52.809711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:07:00.704518 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:07:16.489735 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:07:50.776712 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:16:27.044419 3.002287 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:16:34.051726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:16:42.053340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:16:58.056861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:17:30.062321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:23:34.068572 3.001822 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:23:41.076285 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:23:49.077485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:24:05.080137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:24:37.086473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:24:42.935166 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 17:24:42.935340 0.113318 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.049022 0.216608 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.266042 0.149282 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.415751 0.248333 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 577 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.664531 0.155492 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.820398 0.150920 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:43.971691 0.218541 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:44.190658 0.197421 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:44.388483 0.219799 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:44.608698 0.428627 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:45.037667 0.987121 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:46.025165 0.144610 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:46.170198 0.266502 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:46.437099 0.208917 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:46.646388 0.222081 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:46.868899 0.276870 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:47.146310 0.257496 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:47.404196 0.124796 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:47.529396 0.371789 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:24:47.901535 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 17:25:05.269531 0.166948 tcp 10.0.2.19 52152 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 17:25:05.436170 0.193955 tcp 10.0.2.19 52153 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 17:25:05.630717 0.276056 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:05.907140 0.273329 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:06.180896 0.221021 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:06.402301 0.234011 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:06.636711 0.223373 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:06.860431 0.334674 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:07.195484 0.135152 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:07.331036 0.256004 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:25:07.587425 0.209295 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:29:45.319930 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 17:29:45.320026 1.629713 tcp 10.0.2.19 52154 -> 90.156.118.144 5237 SPA_* 0 0 9 1200 flow=From-Botnet-V2-TCP-Established 1970/01/08 17:29:53.008229 0.015129 tcp 10.0.2.19 52154 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 17:31:05.106741 3.002007 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 17:31:12.114809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:31:20.116094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:31:36.119318 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:32:08.125055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:38:16.136715 3.001995 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:38:23.144484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:38:31.145737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:38:47.148864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:39:19.155034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:45:23.160452 3.002082 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:45:30.167907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:45:38.169542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:45:54.172928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:46:26.929818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:52:33.198739 3.001598 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:52:40.206154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:52:48.207957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:53:04.211487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:53:36.216872 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:55:20.467464 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 17:55:20.467630 0.253233 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:20.721205 0.185516 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:20.907087 0.110285 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:21.017796 0.214621 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:21.232800 0.156612 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:21.389805 0.215574 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:21.605734 0.202685 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:21.808829 0.252536 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:22.061792 0.156222 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:22.218434 0.374790 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:22.593612 0.232071 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:22.826135 0.401654 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:23.228168 0.218993 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:23.447587 0.150850 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:23.598812 0.228107 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:23.827281 0.126768 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:23.954450 0.223867 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:24.178756 0.240554 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:24.419663 0.266587 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:24.686651 0.253606 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:24.940675 0.255394 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:25.196461 0.219054 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:25.415892 0.278799 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:25.695050 0.233337 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:25.928812 0.266686 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:26.195843 0.156121 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:26.352335 0.216893 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:26.569590 0.225886 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:55:26.795855 0.214576 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 17:59:40.222554 3.001763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 17:59:47.230269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 17:59:54.471477 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 17:59:54.471678 1.262082 tcp 10.0.2.19 52155 -> 90.156.118.144 5237 SPA_* 0 0 9 1239 flow=From-Botnet-V2-TCP-Established 1970/01/08 17:59:55.231871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:00:04.266039 0.187960 tcp 10.0.2.19 52155 -> 90.156.118.144 5237 FA_F* 0 0 6 561 flow=From-Botnet-V2-TCP-Established 1970/01/08 18:00:11.234825 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:00:43.241191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:06:47.247062 3.001882 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:06:54.254237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:07:02.255836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:07:18.258704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:07:50.265126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:16:32.277345 3.002308 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:16:39.285850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:16:47.287152 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:17:03.289861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:17:35.296040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:23:39.301662 3.001919 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:23:46.309684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:23:54.311053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:24:10.314320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:24:42.319963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:25:30.949984 0.000129 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 18:25:30.950223 0.112142 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:31.062713 0.214721 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:31.277851 0.152565 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:31.430858 0.219738 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:31.650997 0.253735 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:31.905097 0.133817 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:32.039239 0.228365 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:32.268015 0.254640 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:32.523014 0.160036 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:32.683408 0.375638 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:33.059424 0.214404 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:33.274328 0.149147 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:33.423837 0.217854 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:33.642125 1.273529 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:34.916067 0.218274 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:35.134762 0.109330 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:35.244484 0.215524 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:35.460436 0.216473 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:35.677251 0.243487 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:35.921110 0.223410 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:36.144927 0.266374 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:36.411655 0.248726 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:36.660791 0.248983 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:36.910240 0.233678 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:37.144316 0.276267 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:37.420989 0.133500 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:37.554913 0.206258 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:37.761587 0.252988 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:25:38.014969 0.208054 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:30:04.454164 0.000153 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 18:30:04.454420 0.947018 tcp 10.0.2.19 52156 -> 90.156.118.144 5237 SPA_* 0 0 9 1123 flow=From-Botnet-V2-TCP-Established 1970/01/08 18:30:10.250116 0.001881 tcp 10.0.2.19 52156 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 18:30:46.325968 3.001389 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 18:30:53.333118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:31:01.334810 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:31:17.338331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:31:49.343921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:37:53.350228 3.001419 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:38:00.357450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:38:08.359191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:38:24.361645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:38:56.367880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:45:00.374194 3.001602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:45:07.381617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:45:15.382762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:45:33.319060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:46:05.324391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:52:09.530897 3.001751 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:52:16.538686 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:52:24.539657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:52:40.542817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:53:12.549231 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:56:03.785778 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 18:56:03.785950 0.153289 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:03.939611 0.215733 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:04.155743 0.112643 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:04.268759 0.213839 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:04.483017 0.270677 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:04.754154 0.129823 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:04.884382 0.189853 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:05.074644 0.267126 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:05.342163 0.146319 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:05.488846 0.217506 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:05.706704 0.213304 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:05.920378 0.369416 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:06.290209 0.201220 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:06.491813 0.255318 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:06.747496 0.226944 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:06.974845 0.108978 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:07.084205 0.214660 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:07.299225 0.215407 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:07.514998 0.276922 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:07.792290 0.259443 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:08.052094 0.239671 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:08.292176 0.218232 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:08.510785 0.244670 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:08.755833 0.239982 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:08.996216 0.263017 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:09.259658 0.134556 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:09.394574 0.217817 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:09.612756 2.762687 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:56:12.375829 0.217598 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 18:59:16.554335 3.002220 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 18:59:23.562448 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:59:31.563733 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 18:59:47.567294 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:00:11.311484 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 19:00:11.311652 1.403067 tcp 10.0.2.19 52157 -> 90.156.118.144 5237 SPA_* 0 0 9 1209 flow=From-Botnet-V2-TCP-Established 1970/01/08 19:00:18.250148 0.047061 tcp 10.0.2.19 52157 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 19:00:19.572740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:06:23.578403 3.002563 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:06:30.586225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:06:38.588031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:06:54.590853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:07:26.597235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:16:21.608269 3.001967 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:16:28.616000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:16:36.617370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:16:52.620935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:17:24.626412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:23:32.117668 3.001789 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:23:39.125289 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:23:47.126746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:24:03.129850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:24:35.136077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:26:37.171250 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 19:26:37.171453 0.113707 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:37.285534 0.220989 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:37.506877 0.271512 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:37.778806 0.169307 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:37.948487 0.215319 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:38.164219 0.153355 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:38.317961 0.194872 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:38.513195 0.246255 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:38.759851 0.166647 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:38.926869 0.146323 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 575 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:39.073627 0.208422 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:39.282439 0.255207 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:39.538232 0.214285 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:39.752898 0.381197 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:40.134484 0.228825 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:40.363713 0.121304 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:40.485377 0.227014 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:40.712758 0.221907 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:40.935041 0.264797 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:41.200238 0.220626 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:41.421248 0.228151 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:41.649799 0.256923 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:41.907077 0.257148 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 205 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:42.164613 0.231932 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:42.396958 0.275978 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:42.673304 0.132617 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:42.806339 0.255429 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:43.062193 0.220691 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:26:43.283234 0.208417 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:30:20.022350 0.000122 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 19:30:20.022564 1.522196 tcp 10.0.2.19 52158 -> 90.156.118.144 5237 FSPA* 0 0 14 1566 flow=From-Botnet-V2-TCP-Established 1970/01/08 19:31:00.151610 3.002146 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 19:31:07.159175 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:31:15.160935 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:31:31.164083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:32:03.170037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:38:16.178534 3.001628 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:38:23.185970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:38:31.188054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:38:47.190709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:39:19.196676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:45:26.206844 3.001792 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:45:33.214334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:45:41.215784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:45:57.218944 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:46:29.225339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:52:33.230962 3.001697 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:52:40.238446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:52:48.239978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:53:04.243323 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:53:36.249316 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:56:47.254195 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 19:56:47.254390 0.273924 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:47.528725 0.119210 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:47.648291 0.217198 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:47.865910 0.147609 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:48.013887 0.218261 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:48.232490 0.143768 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:48.376619 0.322286 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:48.699269 0.242554 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:48.942213 0.173007 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:49.115591 0.145158 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:49.261145 0.205760 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:49.467253 0.264620 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:49.732283 0.220274 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:49.952920 0.363997 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:50.317339 0.223652 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:50.541379 0.111057 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:50.652802 0.220551 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:50.873727 0.240609 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:51.114679 0.329106 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:51.444168 0.211725 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:51.656265 0.242879 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:51.899502 0.251480 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:52.151358 0.239255 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:52.391352 0.135262 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:52.526977 0.282676 rtcp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:52.810248 0.416819 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:53.227428 0.208428 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:53.436251 0.235867 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:56:53.672509 0.262420 udp 10.0.2.19 1701 <-> 76.191.140.101 9551 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 19:59:40.255108 3.001394 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 19:59:47.262669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 19:59:55.264053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:00:11.267018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:00:21.642009 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 20:00:21.642192 3.028973 tcp 10.0.2.19 52159 -> 90.156.118.144 5237 FSPA* 0 0 14 1759 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:00:43.463658 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:06:47.468617 3.002416 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:06:54.476510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:07:02.478708 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:07:18.481322 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:07:50.487029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:16:29.495752 3.002145 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:16:36.503737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:16:44.504696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:17:03.602553 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:17:35.608861 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:23:40.044969 3.001560 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:23:47.052648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:23:55.053839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:24:11.056891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:24:43.062947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:27:23.634056 0.000105 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 20:27:23.634254 0.253005 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:23.887625 0.113362 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:24.001368 0.263032 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:24.264855 0.157982 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:24.423254 0.218278 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:24.641908 0.135180 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:24.777418 0.222250 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:25.000043 0.144095 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:25.144521 0.212276 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:25.357177 0.262092 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:25.619657 0.235658 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:25.855682 0.167186 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:26.023231 0.257882 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:26.281517 0.376150 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:26.658035 0.225837 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:26.884323 0.110575 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:26.995326 0.280876 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:27.276655 0.238585 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:27.515711 0.221910 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:27.738049 0.222835 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:27.961241 0.236255 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:28.197849 0.250746 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:28.448994 0.247508 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:28.696888 0.134820 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:28.832079 0.211902 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:29.044322 0.233193 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:29.277880 0.214463 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:29.492723 0.342915 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:27:29.836005 0.000000 udp 10.0.2.19 1701 -> 76.191.140.101 9551 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 20:27:46.329419 0.162720 tcp 10.0.2.19 52160 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:27:46.492440 0.198249 tcp 10.0.2.19 52161 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:30:26.396847 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 20:30:26.397023 0.707890 tcp 10.0.2.19 52162 -> 90.156.118.144 5237 FSPA* 0 0 14 1743 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:31:12.074329 3.002545 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 20:31:19.082904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:31:27.083792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:31:43.087038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:32:16.154295 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:38:21.382428 3.001818 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:38:28.389764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:38:36.391119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:38:53.736097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:39:25.742181 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:45:29.748026 3.001713 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:45:36.755525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:45:44.756871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:46:00.759783 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:46:32.766546 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:52:36.772330 3.001428 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:52:43.779669 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:52:51.781343 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:53:12.592312 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:53:44.169794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 20:58:15.977294 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 20:58:15.977393 0.000000 udp 10.0.2.19 1701 -> 76.191.140.101 9551 INT 0 1 284 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 20:58:33.555574 0.166027 tcp 10.0.2.19 52163 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:58:33.721952 0.192384 tcp 10.0.2.19 52164 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 20:58:33.914862 0.260999 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:34.176262 0.287820 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:34.464454 0.156699 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:34.621535 0.219946 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:34.841895 0.137978 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:34.980253 0.196003 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:35.176621 0.114460 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:35.291461 0.232264 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:35.524140 0.174091 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:35.698572 0.305014 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:36.004027 0.311202 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:36.315615 0.146934 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:36.462960 0.257181 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:36.720511 0.370463 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:37.091392 0.135483 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:37.227309 0.263217 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:37.490929 0.238897 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:37.730283 0.224420 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:37.955098 0.236500 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:38.191962 0.251030 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:38.443367 0.222692 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:38.666411 0.220321 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:38.887102 0.210685 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:39.098187 0.237920 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:39.336462 0.225455 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:39.562402 0.169483 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:39.732243 0.245246 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:58:39.977881 0.306901 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 20:59:45.888949 3.002051 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 20:59:52.897029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:00:00.897901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:00:18.132584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:00:31.201710 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 21:00:31.201887 1.321352 tcp 10.0.2.19 52165 -> 90.156.118.144 5237 SPA_* 0 0 9 1014 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:00:37.669215 1.289718 tcp 10.0.2.19 52165 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:00:50.349069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:06:57.359655 3.001233 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:07:04.366984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:07:12.368069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:07:28.371498 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:08:04.002808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:14:12.014621 3.001130 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:14:19.021694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:14:27.023623 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:14:43.026268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:15:15.032283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:21:19.038445 3.001534 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:21:26.045468 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:21:34.047451 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:21:50.050228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:22:22.056563 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:28:26.061804 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:28:33.070195 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:28:41.070998 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:28:49.903906 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 21:28:49.904068 0.295375 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:28:50.199859 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 21:28:57.074219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:29:05.259054 0.161957 tcp 10.0.2.19 52166 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:29:05.420737 0.190873 tcp 10.0.2.19 52167 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:29:05.612155 0.165024 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:05.777563 0.230859 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:06.008784 0.128730 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:06.137897 0.194046 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:06.332304 0.111776 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:06.444474 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 21:29:23.453367 0.168088 tcp 10.0.2.19 52168 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:29:23.621553 0.210520 tcp 10.0.2.19 52169 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:29:23.832631 0.165589 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:23.998644 0.144975 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:24.144025 0.261180 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:24.405618 0.375616 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:24.781587 0.307451 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:25.089406 0.209158 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:25.298918 0.126359 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:25.425684 0.265901 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:25.691940 0.219929 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:25.912248 0.219299 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:26.131895 0.238870 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:26.371140 0.251900 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:26.623425 0.203371 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:26.827200 0.234777 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:27.062363 0.209941 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:27.272711 0.146115 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:27.419170 0.216452 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:27.635987 0.246894 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:27.883289 0.256109 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:28.139798 0.602320 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 21:29:29.080782 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:30:40.743777 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 21:30:40.743937 0.703299 tcp 10.0.2.19 52170 -> 90.156.118.144 5237 FSPA* 0 0 14 1681 flow=From-Botnet-V2-TCP-Established 1970/01/08 21:35:33.086333 3.001501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:35:40.093987 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:35:48.095038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:36:04.098306 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:36:36.104532 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:42:40.110392 3.001271 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:42:49.441685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:42:57.442330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:43:13.445225 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:43:45.451602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:49:50.278626 3.002012 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:49:57.286386 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:50:05.287888 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:50:21.290866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:50:53.296415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:56:57.302322 3.001744 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 21:57:04.310202 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:57:12.311662 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:57:28.314974 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:58:00.931836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 21:59:46.353178 0.000133 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 21:59:46.353407 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 22:00:03.199750 0.163540 tcp 10.0.2.19 52171 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:00:03.363599 0.202907 tcp 10.0.2.19 52172 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:00:03.567037 0.321910 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:03.889306 0.253419 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:04.143112 0.128137 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:04.271595 0.191108 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:04.463058 0.112007 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:04.575484 0.215051 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:04.790904 0.395878 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:05.187150 0.255779 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:05.443308 0.151240 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:05.594911 0.152930 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:05.748214 0.362969 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:06.111645 0.312298 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:06.424313 0.211485 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:06.636197 0.107963 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:06.744520 0.274460 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:07.019387 0.241180 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:07.260934 0.245899 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:07.507230 0.222939 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:07.730589 0.223570 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:07.954604 0.207061 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:08.162022 0.228690 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:08.391086 0.205322 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:08.596789 0.133418 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:08.730584 0.244263 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:08.975280 0.000000 udp 10.0.2.19 1701 -> 108.233.136.124 5604 INT 0 1 97 flow=From-Botnet-V2-UDP-Attempt 1970/01/08 22:00:25.050292 0.707698 tcp 10.0.2.19 52173 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:00:25.758408 0.197602 tcp 10.0.2.19 52174 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:00:25.956561 0.256455 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:26.213404 0.426524 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:00:43.716031 4.382443 tcp 10.0.2.19 52175 -> 90.156.118.144 5237 FSPA* 0 0 14 1621 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:04:05.327842 3.001903 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/08 22:04:12.335755 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:04:22.680504 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:04:38.683717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:05:10.689613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:15:17.704810 3.001410 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:15:24.712049 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:15:32.713570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:15:48.717041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:16:20.832904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:22:24.839285 3.001509 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:22:31.846328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:22:39.847613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:22:55.850611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:23:27.856760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:29:31.862485 3.002377 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:29:38.870417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:29:46.872021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:30:02.875003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:30:38.406019 0.000112 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 22:30:38.406238 0.216389 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:38.623051 0.268654 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:38.646055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:30:38.892070 0.144083 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:39.036533 0.234052 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:39.270982 0.114708 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:39.386090 0.225441 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:42.771869 0.316997 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:43.089221 0.193420 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:43.282999 0.260949 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:43.544321 0.153952 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:43.698643 0.156975 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:43.856044 0.247320 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:44.103755 0.117921 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:44.222042 0.311159 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:44.533577 0.386643 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:44.920564 0.285562 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:45.206449 0.320914 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:45.527718 0.259839 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:45.787947 0.207754 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:45.996077 0.236973 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:46.233465 0.212798 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:46.446715 0.218647 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:46.665746 0.245337 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:46.911457 0.238922 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:47.150748 0.192384 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:47.343529 0.255753 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:47.599707 0.244341 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 22:30:51.164392 0.704609 tcp 10.0.2.19 52176 -> 90.156.118.144 5237 FSPA* 0 0 14 1509 flow=From-Botnet-V2-TCP-Established 1970/01/08 22:36:42.651843 4.203833 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:36:50.861844 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:36:58.863699 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:37:14.866327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:37:47.933776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:43:55.945204 3.001568 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:44:05.687009 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:44:13.687863 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:44:29.691515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:45:02.778558 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:51:06.784651 3.001456 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:51:17.998788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:51:25.999791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:51:42.003007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:52:14.009036 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:58:21.019379 3.001707 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 22:58:28.026415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:58:36.028347 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:58:52.030982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 22:59:24.037421 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:00:56.940828 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 23:00:56.940974 0.924239 tcp 10.0.2.19 52177 -> 90.156.118.144 5237 FSPA* 0 0 14 1640 flow=From-Botnet-V2-TCP-Established 1970/01/08 23:01:07.856544 0.214501 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:08.071421 0.239565 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:08.311330 0.120929 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:08.432603 0.270812 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:08.703776 0.129255 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:08.833402 0.219679 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:09.053431 0.280120 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:09.333949 0.178408 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:09.512752 0.308898 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:09.821997 0.178170 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:10.000500 0.166496 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:10.167375 0.208678 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:10.376538 0.111191 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:10.488164 0.326528 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:10.815087 0.232042 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:11.047520 0.253582 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:11.301488 0.367733 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:11.669650 0.270075 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:11.940086 0.267636 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:12.208111 0.236693 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:12.445231 0.237879 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:12.683479 0.328746 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:13.012623 0.132958 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:13.145945 0.277906 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:13.424261 0.233623 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:13.658308 0.227144 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:01:13.885829 0.262406 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:05:28.082789 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:05:35.090577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:05:43.091884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:05:59.094716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:06:31.100748 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:16:03.116165 3.002144 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:16:10.383693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:16:18.385629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:16:34.388579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:17:06.394368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:23:10.400562 3.001964 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:23:17.408387 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:23:25.409496 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:23:41.412287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:24:13.418131 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:30:17.424474 3.001310 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:30:24.431928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:30:32.433122 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:30:48.436707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:30:58.040934 1.648893 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/08 23:30:59.690063 0.778799 tcp 10.0.2.19 52178 -> 90.156.118.144 5237 FSPA* 0 0 14 1721 flow=From-Botnet-V2-TCP-Established 1970/01/08 23:31:21.253445 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:31:39.430182 0.211043 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:39.641598 0.201913 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:39.843932 0.108567 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:39.952908 0.256484 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:40.209766 0.129866 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:40.340027 0.156835 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:40.497285 0.314756 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:40.812422 0.274260 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.087056 0.258768 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.346201 0.144707 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.491248 0.154353 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.645971 0.211520 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.857876 0.108256 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:41.966472 0.302979 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:42.269788 0.366912 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:42.637063 0.241191 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:42.878617 0.255299 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:43.134323 0.267476 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:43.402327 0.217160 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:43.619886 0.231638 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:43.851884 0.207928 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:44.060219 0.239516 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:44.300113 0.230433 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:44.406725 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/08 23:31:44.530918 0.222984 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:44.754247 0.219580 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:44.974335 0.132759 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:31:45.107470 0.223171 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/08 23:37:25.259771 3.001163 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:37:32.267089 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:37:40.268529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:37:56.271210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:38:31.251613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:44:37.340774 3.001685 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:44:44.348058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:44:52.350101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:45:08.352923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:45:40.359039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:51:44.364268 4.243870 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:51:52.613894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:52:00.615649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:52:16.618345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:52:48.705030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:59:01.713043 3.002171 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/08 23:59:08.720978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:59:16.722513 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/08 23:59:32.725331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:00:04.731333 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:01:04.618605 0.000088 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 00:01:04.618785 1.021048 tcp 10.0.2.19 52179 -> 90.156.118.144 5237 FSPA* 0 0 14 1615 flow=From-Botnet-V2-TCP-Established 1970/01/09 00:02:11.263860 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 00:02:11.263953 0.213899 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:11.478271 0.202787 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:11.681410 0.110160 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:11.792007 0.270307 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.062675 0.138434 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.201510 0.158419 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.360268 0.263286 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.623922 0.190860 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.815131 0.155844 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:12.971378 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 00:02:28.060289 0.181374 tcp 10.0.2.19 52180 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 00:02:28.241994 0.253279 tcp 10.0.2.19 52181 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 00:02:28.495826 0.221749 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:28.717979 0.211732 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:28.930189 0.110372 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:29.040948 0.311595 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:29.352933 0.365112 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:29.718453 0.287558 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:30.006428 0.208054 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:30.214896 0.236729 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:30.451978 0.252297 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:30.704684 0.264161 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:30.969201 0.204988 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:31.174572 0.257810 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:31.432815 0.287280 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:31.720485 0.133450 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:31.854333 0.225778 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:32.080515 0.224232 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:02:32.305112 0.222316 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:06:08.737462 3.001697 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 00:06:15.745267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:06:23.746829 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:06:39.749652 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:07:11.755320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:16:25.764460 3.002044 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:16:32.772407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:16:40.773331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:16:56.776934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:17:28.782896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:23:32.788090 3.001939 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:23:39.796331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:23:47.797871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:24:03.800836 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:24:35.806531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:30:39.812316 3.002237 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:30:49.183904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:30:57.184855 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:31:06.818977 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 00:31:06.819206 0.743403 tcp 10.0.2.19 52182 -> 90.156.118.144 5237 FSPA* 0 0 14 1653 flow=From-Botnet-V2-TCP-Established 1970/01/09 00:31:13.187733 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:31:45.193850 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:32:40.203090 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 00:32:40.203204 0.372330 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:40.575906 0.111606 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:40.687893 0.254389 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:40.942656 0.217392 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:41.160460 0.190390 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:41.351209 0.258932 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:41.610511 0.144691 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:41.755599 0.125303 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:41.881255 0.151427 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:42.033044 0.168750 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:42.202383 0.216162 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:42.418967 0.209860 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:42.629182 0.111584 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:42.741176 0.311213 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:43.052758 0.213308 rtcp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:43.266447 0.365117 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:43.631967 0.278992 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:43.911310 0.236058 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:44.147767 0.236951 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:44.385089 0.254503 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:44.639982 0.581769 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:45.222126 0.238198 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:45.460739 0.226827 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:45.687926 0.129931 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:45.818277 0.226656 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:46.045297 0.211966 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:32:46.257692 0.222589 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 00:37:53.205265 3.002113 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:38:00.213101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:38:08.214523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:38:24.217642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:38:56.224073 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:45:00.229294 3.001794 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:45:07.237412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:45:15.238568 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:45:31.242395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:46:03.248440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:52:07.253107 3.002136 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:52:14.260984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:52:22.262376 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:52:38.265332 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:53:10.532047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:59:14.538357 3.001326 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 00:59:21.545407 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:59:29.546674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 00:59:45.550163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:00:17.555936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:01:07.698562 0.000053 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 01:01:07.698656 0.850970 tcp 10.0.2.19 52183 -> 90.156.118.144 5237 FSPA* 0 0 14 1703 flow=From-Botnet-V2-TCP-Established 1970/01/09 01:03:02.623683 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 01:03:02.623858 0.257679 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:02.881959 0.213770 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 269 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:03.096131 0.332721 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:03.429248 0.112083 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:03.541748 0.196688 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:03.738839 0.259054 udp 10.0.2.19 1701 <-> 69.232.68.87 7399 CON 0 0 2 572 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:03.998250 0.144794 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.143453 0.126368 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.270381 0.156872 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.427624 0.209278 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.637314 0.117188 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.754925 0.171781 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:04.927060 0.218673 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:05.146243 0.312754 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:05.459364 0.207762 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:05.667543 0.364331 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:06.032243 0.239078 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:06.271733 0.254470 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:06.526596 0.274940 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:06.801918 0.237573 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:07.039897 0.462523 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:07.502787 0.262305 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:07.765536 0.224342 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:07.990426 0.232388 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:08.223210 0.227570 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:08.451193 0.223867 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:03:08.675440 0.133656 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:06:21.561343 3.002345 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 01:06:28.569415 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:06:36.570803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:06:52.573640 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:07:24.579687 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:16:28.594444 3.002179 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:16:35.602520 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:16:43.603834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:16:59.606915 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:17:31.612446 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:23:35.618904 3.001340 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:23:42.626364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:23:50.628083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:24:06.630787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:24:38.637169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:30:42.642669 3.001368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:30:49.649869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:30:57.651343 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:31:08.557698 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 01:31:08.557859 2.952427 tcp 10.0.2.19 52184 -> 90.156.118.144 5237 FSPA* 0 0 14 1711 flow=From-Botnet-V2-TCP-Established 1970/01/09 01:31:13.654657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:31:45.660414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:33:18.333946 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 01:33:18.334268 1.145484 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:19.480126 0.980351 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:20.460900 1.097049 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:21.558358 1.171604 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:22.730393 1.148142 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:23.878889 0.000000 udp 10.0.2.19 1701 -> 69.232.68.87 7399 INT 0 1 197 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 01:33:40.939359 1.676181 tcp 10.0.2.19 52185 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 01:33:42.615884 1.773063 tcp 10.0.2.19 52186 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 01:33:44.389517 1.031592 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:45.421450 0.942868 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:46.364750 0.996579 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:47.361725 1.078414 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:48.440490 1.014006 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:49.454873 1.081783 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:50.537027 1.136010 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:51.673389 1.281693 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:52.955510 1.181245 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:54.137145 1.254863 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:55.392413 1.273475 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:56.666259 1.395954 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:58.062578 1.324998 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:33:59.387985 1.332329 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:00.720682 1.335350 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:02.056406 1.406789 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:03.463611 1.397270 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:04.861282 1.637256 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:06.498879 1.311765 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:07.811064 1.428449 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:34:09.239891 1.456711 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 01:37:49.666870 3.001631 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 01:37:56.673882 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:38:04.675339 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:38:20.678731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:38:52.685440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:44:56.690246 3.002358 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:45:03.698444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:45:11.699324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:45:27.702356 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:45:59.708852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:52:03.714541 3.001494 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:52:10.721858 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:52:18.723428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:52:34.726544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:53:06.732726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:59:10.738338 3.001897 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 01:59:17.745773 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:59:25.747261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 01:59:41.750353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:00:15.399015 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:01:12.331356 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 02:01:12.331454 3.022876 tcp 10.0.2.19 52187 -> 90.156.118.144 5237 FSPA* 0 0 14 1590 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:04:25.969380 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 02:04:25.969550 0.000000 udp 10.0.2.19 1701 -> 69.232.68.87 7399 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 02:04:41.494498 2.454220 tcp 10.0.2.19 52188 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:04:43.948478 1.449737 tcp 10.0.2.19 52189 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:04:45.501334 0.851888 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:46.353609 0.665178 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:47.019143 0.777347 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:47.796853 0.845900 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:48.643194 0.835293 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:49.478925 0.827703 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:50.307002 0.835252 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:51.142640 0.822423 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:51.965484 0.994936 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:52.960851 0.846875 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:53.808131 0.907131 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:54.715647 0.971883 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:55.687896 1.079521 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:56.767804 1.005535 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:57.773741 1.079777 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:04:58.853909 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 02:05:16.132637 4.426396 tcp 10.0.2.19 52190 -> 173.194.70.99 80 FSPA* 0 0 11 1892 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:05:18.633596 2.108320 tcp 10.0.2.19 52191 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:05:20.742499 0.965929 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:21.708802 0.789909 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:22.499115 0.829277 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:23.328750 0.819797 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:24.148915 0.883947 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:25.033203 0.879323 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:25.912931 0.965533 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:26.878860 1.033940 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:27.913186 1.121975 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:05:29.035538 1.004857 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:06:19.405208 3.001472 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 02:06:26.412624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:06:34.413654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:06:50.416509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:07:22.422881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:16:29.431654 3.001964 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:16:36.439733 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:16:44.441156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:17:00.443814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:17:32.449751 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:23:36.456116 3.002119 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:23:43.463914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:23:51.464881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:24:07.467762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:24:39.473657 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:30:49.578558 3.001535 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:30:56.586358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:31:04.587851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:31:16.394717 0.477544 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 02:31:16.873087 2.479736 tcp 10.0.2.19 52192 -> 90.156.118.144 5237 FSPA* 0 0 14 1545 flow=From-Botnet-V2-TCP-Established 1970/01/09 02:31:20.810875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:31:52.816958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:35:38.702019 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 02:35:38.702124 1.135052 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:39.837603 1.182601 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:41.020596 0.977188 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:43.240462 1.115157 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:44.355976 1.186991 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:45.543375 1.168038 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:46.711806 1.121844 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:47.834139 1.125607 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:48.960167 1.184652 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:50.145207 1.237669 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:51.383232 1.194791 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:52.578379 1.254594 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:53.833333 1.342640 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:55.176326 1.484566 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:56.661282 0.865605 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:57.527225 0.380180 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:57.907828 0.867520 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:58.775779 0.767368 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:35:59.543490 1.188466 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:00.732332 0.873064 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:01.605781 0.981102 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:02.587262 0.920422 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:03.508033 1.054643 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:04.563118 0.885320 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:05.448816 0.904344 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:36:06.353532 0.941585 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 02:38:00.447827 3.001718 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:38:07.455287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:38:19.252228 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:38:35.255689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:39:07.261621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:45:17.275858 3.002409 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:45:24.283315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:45:32.285443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:45:48.287953 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:46:20.294194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:52:24.300062 3.001778 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:52:31.307869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:52:39.309212 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:52:55.311982 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:53:27.317867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:59:31.324127 3.001368 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 02:59:38.331770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 02:59:46.333429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:00:02.336077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:00:34.342371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:01:23.032406 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 03:01:23.032584 3.158812 tcp 10.0.2.19 52193 -> 90.156.118.144 5237 FSPA* 0 0 14 1715 flow=From-Botnet-V2-TCP-Established 1970/01/09 03:06:38.347635 3.001845 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:06:43.232838 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 03:06:43.233045 1.385287 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:44.618714 1.405160 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:45.355742 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:06:46.024220 1.065077 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:47.089658 0.733454 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:47.823498 0.794667 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:48.618535 0.770557 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:49.389481 0.714384 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:50.104240 0.724260 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:50.828900 0.772761 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:51.602024 0.858866 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:52.461283 0.788507 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:53.250200 0.833938 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:53.357024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:06:54.084500 0.894382 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:54.979256 0.973927 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:55.953587 0.909247 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 570 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:56.863203 1.002637 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:57.866215 1.131682 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:06:58.998337 1.028390 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:00.027121 1.037483 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:01.065002 1.034745 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:02.100108 1.117774 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:03.218248 1.142205 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:04.360868 1.181493 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:05.542797 1.042784 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:06.585941 1.139534 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:07.725857 1.197254 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:07:09.360079 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:07:41.366477 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:16:42.376521 3.001657 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:16:49.383943 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:16:57.385676 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:17:13.388238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:17:45.394753 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:23:49.400169 3.002633 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:23:56.407651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:24:04.409146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:24:20.412501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:24:52.418213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:30:56.424359 3.002209 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:31:03.431890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:31:11.433643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:31:27.286645 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 03:31:27.286789 3.406628 tcp 10.0.2.19 52194 -> 90.156.118.144 5237 FSPA* 0 0 14 1754 flow=From-Botnet-V2-TCP-Established 1970/01/09 03:31:29.659820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:32:01.666146 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:37:31.470011 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 03:37:31.470186 1.184264 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:32.654835 1.256047 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:33.911285 1.094093 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:35.005727 1.173908 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:36.180028 1.282791 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:37.463182 1.238555 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:38.702108 1.236113 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:39.938598 0.932859 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:40.871839 0.746102 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:41.618337 0.768921 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:42.387701 0.647297 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:43.035388 0.723771 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:43.759537 0.808776 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:44.568671 0.983383 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:45.552432 0.909933 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:46.462769 0.742285 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:47.205462 0.806415 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:48.012242 0.636176 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:48.648782 0.632374 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:49.281555 0.598108 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:49.880053 0.647422 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:50.527869 0.718955 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:51.247224 0.707435 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:51.955072 0.486596 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:52.442063 0.752517 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:37:53.194939 0.685193 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 03:38:07.674188 3.001845 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:38:14.682154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:38:22.683786 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:38:38.686314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:39:10.692954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:45:14.698180 3.002081 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:45:21.705904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:45:29.707727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:45:45.710642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:46:17.716193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:52:21.721993 3.002475 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:52:28.730033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:52:36.731638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:52:52.734156 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:53:24.740423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:59:28.746098 3.002381 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 03:59:35.753678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:59:43.755198 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 03:59:59.758508 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:00:31.764172 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:01:30.699414 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 04:01:30.699626 3.291142 tcp 10.0.2.19 52195 -> 90.156.118.144 5237 FSPA* 0 0 14 1726 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:06:35.770352 3.001671 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:06:42.777795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:06:50.779521 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:07:06.782083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:07:38.788503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:08:15.782121 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 04:08:15.782330 0.288416 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:16.071108 0.269081 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:16.340543 0.173760 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:16.514713 0.205765 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:16.720872 0.255026 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:16.976301 0.220582 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.197298 0.144053 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.341729 0.135065 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.477191 0.152875 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.630504 0.247180 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.878227 0.115169 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:17.993773 0.160153 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:18.154492 0.250597 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:18.405546 0.270468 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:18.676392 0.208902 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:18.885652 0.254161 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:19.140240 0.371845 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:19.512516 0.235616 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:19.748509 0.243151 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:19.992023 1.492721 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:21.485168 0.253713 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:21.739262 0.245282 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:21.984906 0.227306 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:22.212560 0.131782 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:22.344700 0.228347 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:08:22.573508 0.234231 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:16:42.803399 3.001544 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:16:49.810774 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:16:57.811837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:17:13.814911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:17:45.820894 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:23:49.826649 3.001942 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:23:56.834377 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:24:04.836012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:24:20.839479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:24:52.845037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:30:56.850613 3.002100 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:31:03.858642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:31:11.860031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:31:27.863345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:31:33.991987 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 04:31:33.992157 0.762905 tcp 10.0.2.19 52196 -> 90.156.118.144 5237 FSPA* 0 0 14 1670 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:31:59.869128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:38:03.875331 3.001709 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:38:10.882469 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:38:18.884304 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:38:34.886801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:38:45.693193 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 04:38:45.693374 0.115813 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:38:45.809596 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 126 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 04:39:03.030505 0.162114 tcp 10.0.2.19 52197 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:39:03.192956 0.191560 tcp 10.0.2.19 52198 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:39:03.385111 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 04:39:06.893041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:39:21.386779 0.162658 tcp 10.0.2.19 52199 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:39:21.549679 0.200867 tcp 10.0.2.19 52200 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 04:39:21.751103 0.202399 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:21.953897 0.255290 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:22.209548 0.212006 rtcp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:22.421910 0.144472 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:22.566757 0.128942 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:22.696062 0.154187 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:22.850682 0.161581 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.012616 0.210712 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.223688 0.212159 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.436246 0.111718 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.548333 0.217931 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.766661 0.208281 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:23.975305 0.252585 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:24.228714 0.366431 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:24.595525 0.249112 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:24.845032 0.235861 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:25.081280 0.221301 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:25.302933 0.241717 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:25.545010 0.224952 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:25.770335 0.232698 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:26.003446 0.132631 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:26.136485 0.214503 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:39:26.351352 0.220595 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 04:45:10.898995 3.001592 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:45:17.906479 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:45:25.907942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:45:41.911215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:46:13.917128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:52:17.922801 3.001959 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:52:24.930250 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:52:34.945014 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:52:50.947887 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:53:22.953787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:59:26.959379 3.002407 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 04:59:33.967497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:59:41.968473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 04:59:57.971745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:00:29.978066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:01:35.752984 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 05:01:35.753150 0.796156 tcp 10.0.2.19 52201 -> 90.156.118.144 5237 FSPA* 0 0 14 1745 flow=From-Botnet-V2-TCP-Established 1970/01/09 05:06:33.983484 3.002521 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:06:40.991729 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:06:48.992492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:07:04.996030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:07:37.001966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:09:34.150936 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 05:09:34.151121 0.220083 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:34.371579 0.274114 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:34.646119 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 05:09:51.036152 0.161461 tcp 10.0.2.19 52202 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 05:09:51.197392 0.193835 tcp 10.0.2.19 52203 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 05:09:51.391780 0.230022 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:51.622347 0.146249 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:51.768987 0.135406 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:51.904769 0.194122 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:52.099307 0.256073 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:52.355732 0.157570 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:52.513663 0.170561 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:52.684656 0.223163 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:52.908197 0.213477 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:53.122225 0.404570 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:53.527169 0.221143 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:53.748729 0.373171 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:54.122283 0.215070 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:54.337703 0.252666 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:54.590792 0.249036 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:54.840301 0.233806 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:55.074453 0.218189 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:55.293048 0.239837 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:55.533320 0.222699 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:55.756366 0.220199 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:55.976923 0.218670 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:56.195960 0.224124 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:09:56.420439 0.130235 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:16:43.009578 3.001495 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:16:52.710737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:17:00.712605 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:17:16.715125 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:17:48.721344 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:23:52.727398 3.001542 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:23:59.734826 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:24:07.736378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:24:23.739678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:24:56.325883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:31:09.135168 3.000983 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:31:16.142533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:31:24.143638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:31:38.544793 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 05:31:38.544887 0.797127 tcp 10.0.2.19 52204 -> 90.156.118.144 5237 FSPA* 0 0 14 1516 flow=From-Botnet-V2-TCP-Established 1970/01/09 05:31:40.146779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:32:17.944393 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:38:18.221039 3.002217 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:38:25.229119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:38:33.230765 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:38:49.233478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:39:22.130745 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:40:11.703464 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 05:40:11.703625 0.113755 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:11.817752 0.214730 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:12.032831 0.280960 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:12.314153 0.213676 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:12.528190 0.146342 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:12.674896 0.130406 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:12.805678 0.200246 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:13.006485 0.253814 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:13.260678 0.158533 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:13.419563 0.157532 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:13.577453 0.223465 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:13.801300 0.208586 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 271 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:14.010266 0.211489 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:14.222166 0.222050 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:14.444633 0.253118 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:14.698306 0.376617 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:15.075312 0.211307 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:15.286967 0.236494 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:15.523840 0.235847 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:15.760092 0.209807 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:15.970421 0.262939 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:16.233725 0.226940 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:16.461039 0.707472 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:17.168918 0.130448 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:17.299759 0.221662 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:17.521784 0.252823 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 05:40:26.670037 0.000000 udp 10.0.2.19 1701 <- 99.95.196.161 2218 RSP 0 0 1 246 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 05:45:26.136750 3.001926 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:45:33.144648 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:45:41.146177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:45:57.149283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:46:29.154819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:52:33.160890 3.001785 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:52:42.161475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:52:50.162495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:53:06.165706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:53:38.171984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:59:42.177374 3.002209 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 05:59:49.185487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 05:59:59.269911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:00:15.482968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:00:48.009876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:01:45.252585 0.000054 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 06:01:45.252681 0.763093 tcp 10.0.2.19 52205 -> 90.156.118.144 5237 FSPA* 0 0 14 1731 flow=From-Botnet-V2-TCP-Established 1970/01/09 06:06:52.015268 3.002342 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:06:59.023193 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:07:07.024409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:07:23.028082 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:07:55.033837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:10:30.057232 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 06:10:30.057399 0.176379 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:30.234160 0.220387 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:30.454957 0.272258 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:30.727592 0.218902 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:30.946864 0.144610 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:31.091901 0.130884 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:31.223222 0.149877 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:31.373522 0.161196 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:31.535060 0.000000 udp 10.0.2.19 1701 -> 99.95.196.161 2218 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 06:10:48.265691 0.161022 tcp 10.0.2.19 52206 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 06:10:48.426445 0.189077 tcp 10.0.2.19 52207 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 06:10:48.616109 0.198205 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:48.814681 0.252620 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:49.265841 0.213170 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:49.479402 0.109774 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:49.589540 0.210880 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:49.800785 0.250341 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:50.051547 0.243657 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:50.295616 0.241130 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:50.537100 0.370968 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:50.908456 0.206475 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:51.115340 0.201654 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:51.317863 0.235598 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:51.553856 0.225841 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:51.780050 0.215600 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:51.996051 0.219349 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:52.215774 0.230039 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:10:52.446221 0.130074 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:16:53.039540 3.001766 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:17:00.047857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:17:08.048552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:17:24.051749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:17:56.057989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:24:00.063341 3.002188 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:24:07.071176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:24:15.072702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:24:31.075481 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:25:05.164926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:31:09.170222 3.002682 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:31:17.069571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:31:25.071306 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:31:41.073794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:31:51.006595 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 06:31:51.006685 1.328143 tcp 10.0.2.19 52208 -> 90.156.118.144 5237 FSPA* 0 0 14 1712 flow=From-Botnet-V2-TCP-Established 1970/01/09 06:32:15.193040 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:38:19.198842 4.033501 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 06:38:25.235702 4.005660 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 06:38:42.583199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:38:58.376410 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:39:32.722327 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:41:33.149006 0.000075 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 06:41:33.149169 0.212798 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:33.362373 0.373890 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:33.736700 0.204106 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:33.941248 0.488984 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:34.430696 0.222596 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:34.653688 0.227407 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:34.881496 0.283952 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:35.165911 0.133987 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:35.300306 0.229445 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:35.530337 0.773355 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:36.304125 0.114314 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:36.418860 0.212483 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:36.631768 0.168465 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:36.800682 0.152880 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:36.954006 0.263775 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:37.218217 0.212818 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:37.431420 0.142975 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:37.574800 0.126627 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:37.701920 0.213273 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:37.915617 0.253009 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:38.169042 0.198156 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:38.367592 0.147034 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:38.515042 0.255470 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:38.770935 0.213729 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:38.985083 0.232496 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:41:39.218021 0.235467 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 06:45:37.912222 2.971358 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:45:44.835350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:45:52.728566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:46:06.388296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:46:38.394160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:52:42.400072 3.001662 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:52:49.407667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:52:57.409478 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:53:13.411954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:53:45.418239 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 06:59:51.426919 3.001809 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 06:59:58.434426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:00:06.435706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:00:22.439008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:00:54.445269 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:01:55.924100 0.000117 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 07:01:55.924308 1.087940 tcp 10.0.2.19 52209 -> 90.156.118.144 5237 FSPA* 0 0 14 1758 flow=From-Botnet-V2-TCP-Established 1970/01/09 07:06:58.450873 3.001910 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:07:05.458816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:07:13.459638 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:07:29.463353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:08:01.468823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:11:55.795829 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 07:11:55.795995 0.212850 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:56.009200 0.206547 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:56.216144 0.366562 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:56.583088 0.208976 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:56.792475 0.226830 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:57.019699 0.228929 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:57.249016 0.236552 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:57.485947 0.130943 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:57.617284 0.215675 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:57.833370 0.222385 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:58.056120 0.243759 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:58.300264 0.288306 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:58.588919 0.150493 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:58.739787 0.147311 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:58.887482 0.265935 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.153839 0.218701 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.372927 0.143364 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.516669 0.132140 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.649203 0.189080 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.838689 0.109772 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:11:59.948885 0.211288 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:12:00.160531 0.251616 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:12:00.412587 0.237300 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:12:00.650340 0.241331 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:12:00.892108 0.252310 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:12:01.144798 0.212451 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:17:00.476717 3.001655 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:17:07.483930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:17:15.485685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:17:31.488544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:18:03.494613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:24:07.500580 3.001465 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:24:14.508254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:24:22.509542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:24:38.512904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:25:10.999047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:31:18.009404 3.001865 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:31:25.017214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:31:33.018795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:31:49.021869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:31:57.254063 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 07:31:57.254165 2.610001 tcp 10.0.2.19 52210 -> 90.156.118.144 5237 FSPA* 0 0 14 1646 flow=From-Botnet-V2-TCP-Established 1970/01/09 07:32:21.027659 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:38:25.033164 3.002432 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:38:32.040892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:38:40.042578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:38:56.045360 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:39:28.051502 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:42:16.414308 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 07:42:16.414488 0.216745 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:16.631621 0.210031 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:16.842015 0.375064 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:17.217462 0.236820 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:17.454672 0.210732 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:17.665767 0.221905 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:17.888095 0.240042 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 553 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:18.128544 0.133347 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:18.262465 0.220998 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:18.483860 0.116448 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:18.600655 0.215151 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:18.816215 0.835593 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:19.652186 0.155997 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:19.808545 0.149468 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:19.958476 0.270349 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:20.229216 0.127758 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:20.357443 0.197547 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:20.555368 0.114205 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:20.670011 0.209546 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:20.880010 0.155885 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:21.036294 0.208850 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:21.284377 0.255067 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:21.539841 0.241116 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:21.781314 0.208338 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:21.990056 0.240564 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:42:22.231065 0.257559 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 07:45:33.929866 3.001637 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:45:40.937252 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:45:48.939420 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:46:04.941854 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:46:36.948185 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:52:40.954321 0.998599 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 07:52:46.149210 4.005732 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 07:52:58.156392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:53:14.159298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:53:46.165598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 07:59:50.171432 3.001701 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 07:59:57.178706 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:00:05.179846 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:00:21.183502 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:00:53.189087 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:02:01.868042 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 08:02:01.868210 0.731315 tcp 10.0.2.19 52211 -> 90.156.118.144 5237 FSPA* 0 0 14 1552 flow=From-Botnet-V2-TCP-Established 1970/01/09 08:06:57.194804 3.002284 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:07:04.202488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:07:12.204104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:07:28.207511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:08:00.213291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:12:41.918500 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 08:12:41.918600 0.289018 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:42.208000 0.227552 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:42.435971 0.206169 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:42.642525 0.206572 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:42.849507 0.376942 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 584 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:43.226792 0.216952 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:43.444117 0.237928 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:43.682462 0.132654 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:43.815494 0.218529 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.034406 0.107572 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 245 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.142394 0.224691 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.367450 0.223502 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 520 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.591308 0.158367 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.750018 0.157309 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:44.907755 0.259496 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:45.167637 0.140255 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:45.308270 0.187438 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:45.496096 0.109645 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 218 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:45.606177 0.216272 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:45.822874 0.253322 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:46.076606 0.251492 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:46.328514 0.216110 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:46.545378 0.145242 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:46.690977 0.254296 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:46.945631 0.212330 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:12:47.158472 0.234694 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:17:02.224982 3.001925 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:17:09.232264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:17:17.233852 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:17:33.237270 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:18:05.243279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:24:09.248842 3.001999 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:24:16.256794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:24:24.257788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:24:40.261350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:25:12.267096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:31:19.277194 3.001837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:31:26.284516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:31:34.286104 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:31:50.289226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:32:02.607929 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 08:32:02.608143 0.747120 tcp 10.0.2.19 52212 -> 90.156.118.144 5237 FSPA* 0 0 14 1694 flow=From-Botnet-V2-TCP-Established 1970/01/09 08:32:22.295397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:38:26.301299 3.002014 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:38:33.309033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:38:41.310338 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:38:57.313072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:39:29.319315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:42:54.865324 0.000147 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 08:42:54.865595 0.202702 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:55.068719 0.214127 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:55.283279 0.246577 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:55.530228 0.219229 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:55.749889 0.205424 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:55.955685 0.367827 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:56.323884 0.236398 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:56.560631 0.134619 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:56.695650 0.226689 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:56.922725 0.260841 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:57.183951 0.171840 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:57.356149 0.110147 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:57.466635 0.229819 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:57.696883 0.156457 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 302 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:57.853756 0.266133 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:58.120224 0.129915 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:58.250516 0.211443 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:58.462431 0.253857 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:58.716637 0.208061 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:58.925138 0.151436 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:59.076945 0.237633 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:59.314928 0.209080 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:59.524363 0.144445 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:59.669204 0.244498 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:42:59.914259 0.262411 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:43:00.177089 0.209741 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 08:45:33.325318 3.001518 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:45:40.833592 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:45:48.835277 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:46:04.837807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:46:46.833554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:52:48.391970 2.955535 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:52:55.306199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:53:03.200464 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:53:18.986488 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:53:50.565885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 08:59:51.989567 3.001668 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 08:59:58.997353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:00:06.998878 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:00:23.001501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:00:55.378794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:02:05.870073 0.000121 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 09:02:05.870380 2.088566 tcp 10.0.2.19 52213 -> 90.156.118.144 5237 FSPA* 0 0 14 1574 flow=From-Botnet-V2-TCP-Established 1970/01/09 09:07:01.386873 3.002520 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:07:08.394986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:07:16.396305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:07:32.399099 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:08:04.405428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:13:26.098332 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 09:13:26.098504 0.226851 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:26.325727 0.220064 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:26.546205 0.206258 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:26.752875 0.215584 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:26.968863 0.261765 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:27.231015 0.146120 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:27.377535 0.204321 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:27.582288 0.366542 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:27.949207 0.216602 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:28.166228 1.188637 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:29.355263 0.162577 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:29.518419 0.111545 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:29.630397 0.209709 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:29.840496 0.148219 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:29.989094 0.212228 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:30.201739 0.254614 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:30.456771 0.259115 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:30.716255 0.130785 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:30.847451 0.224399 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.072224 0.111133 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.183758 0.231137 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.415346 0.213746 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.629474 0.145201 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.775163 0.212700 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:31.988262 0.233288 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:13:32.221925 0.254394 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:14:08.410942 3.002307 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:14:15.418950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:14:23.419819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:14:39.573627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:15:11.579645 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:21:17.587621 3.002517 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:21:24.595964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:21:32.597266 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:21:48.600194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:22:20.606021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:28:24.612006 3.001590 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:28:31.619975 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:28:39.621578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:28:55.624032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:29:27.630394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:32:08.030973 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 09:32:08.031160 0.865456 tcp 10.0.2.19 52214 -> 90.156.118.144 5237 SPA_* 0 0 9 1157 flow=From-Botnet-V2-TCP-Established 1970/01/09 09:32:13.994190 0.023230 tcp 10.0.2.19 52214 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 09:35:31.635490 3.002286 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:35:38.643976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:35:46.645259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:36:02.648490 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:36:34.653928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:42:38.660331 3.001536 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:42:45.667772 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:42:53.668840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:43:09.672238 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:43:41.677860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:43:43.601212 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 09:43:43.601446 0.206947 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:43.808852 0.227036 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:44.036305 0.222376 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 197 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:44.259055 0.224983 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:44.484415 0.242254 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:44.727071 0.132951 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:44.860474 0.205214 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:45.066146 0.365627 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:45.432183 0.222229 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:45.654777 0.114197 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:45.769381 0.215503 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:45.985324 0.224132 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:46.209883 0.152187 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:46.362475 0.156871 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:46.519760 0.218707 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:46.738853 0.254838 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:46.994071 0.193338 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:47.187834 0.112098 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:47.300306 0.263521 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:47.564189 0.128357 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:47.692910 0.233571 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:47.926915 0.212488 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:48.139805 0.144635 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:48.284787 0.209123 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:48.494334 0.239878 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 222 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:43:48.734603 0.266026 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 09:49:45.684352 3.001512 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:49:52.691390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:50:00.692988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:50:16.696069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:50:48.702213 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:56:52.707959 3.001464 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 09:56:59.715803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:57:07.716827 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:57:23.720364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 09:57:55.726199 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:02:14.017561 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 10:02:14.017771 1.427157 tcp 10.0.2.19 52215 -> 90.156.118.144 5237 SPA_* 0 0 9 1019 flow=From-Botnet-V2-TCP-Established 1970/01/09 10:02:20.453801 0.167757 tcp 10.0.2.19 52215 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 10:03:59.731785 3.001764 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:04:06.739840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:04:14.740777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:04:30.743831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:05:02.749931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:11:08.858584 3.002266 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:11:15.866171 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:11:23.868118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:11:39.870791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:12:11.876778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:14:02.606278 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 10:14:02.606377 0.205808 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:02.812535 0.232316 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:03.045225 0.220288 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:03.265915 0.253020 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:03.519316 0.252563 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:03.772279 0.377019 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:04.149648 0.211124 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:04.361147 0.130488 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:04.492028 0.239525 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:04.731957 0.137840 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:04.870354 0.211930 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:05.082636 0.851950 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:05.934957 0.148269 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.083639 0.154282 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.238502 0.195021 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.433902 0.115848 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.550293 0.267337 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.817994 0.134269 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:06.952641 0.209990 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:07.163013 0.254322 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:07.417717 0.241117 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:07.659244 0.212689 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:07.872325 0.145757 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:08.018405 0.209947 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:08.228694 0.237192 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:14:08.466305 0.252023 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:18:16.884763 3.001027 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:18:23.891793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:18:31.893539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:18:47.896618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:19:19.902579 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:25:25.380676 3.001910 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:25:32.387832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:25:40.389576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:25:56.392408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:26:28.398891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:32:23.449765 0.000114 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 10:32:23.449976 0.949920 tcp 10.0.2.19 52216 -> 90.156.118.144 5237 FSPA* 0 0 14 1589 flow=From-Botnet-V2-TCP-Established 1970/01/09 10:32:36.409861 3.001816 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:32:43.417801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:32:51.419053 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:33:07.421952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:33:39.427904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:39:44.716058 3.001479 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:39:51.723394 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:39:59.724749 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:40:15.728052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:40:47.734307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:44:15.262765 0.000128 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 10:44:15.262982 0.215686 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:15.479081 0.206365 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:15.685793 0.234282 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:15.920453 0.218269 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:16.139128 0.240664 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:16.380234 0.373636 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:16.754303 0.216337 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:16.970997 0.111349 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:17.082719 0.217209 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:17.300281 0.130494 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:17.431119 0.204356 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:17.635885 0.993125 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:18.629354 0.163559 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 558 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:18.793272 0.152960 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:18.946650 0.191123 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:19.682054 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 10:44:38.358508 0.162352 tcp 10.0.2.19 52217 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 10:44:38.520644 0.193122 tcp 10.0.2.19 52218 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 10:44:38.714319 0.225049 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:38.939774 0.252737 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:39.192888 0.214793 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:39.408043 0.261429 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:39.669856 0.241266 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:40.827303 0.213134 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:41.040819 0.144497 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 202 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:41.185671 0.217434 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:41.403487 0.658017 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:44:42.061870 0.251743 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 10:46:51.739929 3.001926 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:46:58.747135 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:47:06.749066 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:47:22.752042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:47:54.758130 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:54:05.263076 3.002121 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 10:54:12.270561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:54:20.272414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:54:36.275061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 10:55:08.281065 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:01:21.290509 3.001108 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:01:28.298134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:01:36.299096 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:01:52.301938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:02:24.308191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:02:25.259828 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 11:02:25.259916 0.868346 tcp 10.0.2.19 52219 -> 90.156.118.144 5237 FSPA* 0 0 14 1704 flow=From-Botnet-V2-TCP-Established 1970/01/09 11:08:28.314223 3.001374 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:08:35.321544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:08:43.323412 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:08:59.325980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:09:31.332173 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:14:45.543990 0.000132 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 11:14:45.544238 0.793770 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:46.338420 0.230878 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:46.569732 0.224938 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:46.795029 0.241649 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:47.037053 0.218313 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:47.255710 0.206822 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:47.462919 0.224397 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:47.687761 0.368220 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.056414 0.217064 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.273860 0.132154 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.406509 0.210851 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.617729 0.110164 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.728275 0.157285 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:48.886013 0.161524 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:49.047921 0.878255 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:49.926597 0.189713 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:50.116703 0.115436 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:50.232527 0.268074 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:50.501046 0.217064 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:50.718505 0.251919 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:50.970837 1.236458 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:52.207730 0.211506 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:52.419622 0.166941 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:52.586973 0.259802 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:52.847182 0.226165 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:14:53.073759 0.245571 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:17:48.339106 3.001883 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:17:55.347636 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:18:03.348509 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:18:19.351230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:18:51.357785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:24:55.363042 3.001848 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:25:02.370689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:25:10.372650 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:25:26.375271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:25:58.381552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:32:02.386947 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:32:09.394999 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:32:17.396534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:32:26.129392 0.000068 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 11:32:26.129543 0.987745 tcp 10.0.2.19 52220 -> 90.156.118.144 5237 SPA_* 0 0 9 1234 flow=From-Botnet-V2-TCP-Established 1970/01/09 11:32:32.555829 0.152681 tcp 10.0.2.19 52220 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 11:32:33.399643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:33:05.405372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:39:09.410921 3.002630 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:39:16.418964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:39:24.420276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:39:40.423600 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:40:12.429299 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:45:03.257918 0.000125 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 11:45:03.258139 0.132741 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:03.391266 0.222569 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:03.614226 0.215586 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:03.830200 0.236904 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:04.067471 0.242460 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:04.310328 0.210003 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:04.520726 0.225604 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:04.746730 0.131191 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:04.878285 0.505273 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 536 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:05.383906 0.369039 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:05.753360 0.215164 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:05.968885 0.114295 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:06.083548 0.150442 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:06.234386 0.172358 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:06.407104 0.645532 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:07.053115 0.268837 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:07.322356 0.190799 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:07.513570 0.326106 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:07.840037 0.213447 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:08.053829 0.251302 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:08.305525 0.237851 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:08.543796 0.212908 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:09.749514 0.148895 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:09.898836 0.233708 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:10.132928 0.255560 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:45:10.388903 0.207793 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 11:46:16.434745 3.001861 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:46:23.442947 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:46:33.487447 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:46:49.490549 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:47:21.496056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:53:25.501594 3.001940 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 11:53:32.509808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:53:40.510926 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:53:56.514085 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 11:54:28.519875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:00:32.526234 3.001255 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:00:39.533760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:00:47.534902 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:01:03.537778 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:01:35.543925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:02:33.708558 0.000043 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 12:02:33.708656 1.386281 tcp 10.0.2.19 52221 -> 90.156.118.144 5237 FSPA* 0 0 14 1697 flow=From-Botnet-V2-TCP-Established 1970/01/09 12:07:39.550398 3.001651 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:07:46.557556 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:07:54.839815 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:08:10.842613 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:08:43.308992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:15:31.976928 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 12:15:31.977125 0.127331 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:32.104886 0.224602 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:32.329896 0.225331 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:32.555682 0.221475 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:32.777537 0.239154 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:33.017110 0.216659 rtcp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:33.234225 0.208055 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:33.442699 0.216334 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:33.659390 0.130285 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:33.790228 0.375316 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:34.166008 0.215055 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:34.381409 0.111794 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:34.493615 0.156790 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:34.650842 0.156254 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:34.807497 0.198708 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:35.006584 1.051677 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:36.058656 0.258274 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:36.317342 0.162071 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 560 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:36.479820 0.220428 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:36.700663 0.262821 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:36.963936 0.235046 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:37.199377 0.232775 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 240 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:37.432572 0.253994 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:37.686919 0.223806 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:37.911133 0.223184 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:15:38.134898 0.152193 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:17:26.323779 3.001914 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:17:33.330853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:17:41.332934 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:17:57.335868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:18:29.341952 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:24:33.347692 3.001604 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:24:40.355041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:24:48.356916 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:25:04.359368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:25:36.365684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:31:45.378521 3.002500 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:31:52.385966 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:32:00.387495 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:32:16.391221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:32:35.458446 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 12:32:35.458537 4.864936 tcp 10.0.2.19 52222 -> 90.156.118.144 5237 FSPA* 0 0 14 1592 flow=From-Botnet-V2-TCP-Established 1970/01/09 12:32:48.397293 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:38:52.403201 3.001756 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:38:59.410523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:39:07.411457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:39:23.415204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:40:00.702403 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:45:42.360250 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 12:45:42.360438 0.136927 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:42.497719 0.223408 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:42.721544 0.245503 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:42.967476 0.218057 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:43.185977 0.219570 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:43.405912 0.214762 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:43.621127 0.393914 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:44.015449 0.215154 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:44.230993 0.130334 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:44.361694 0.118604 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:44.480651 0.368093 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:44.849103 0.214731 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:45.064206 0.158605 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:45.223220 0.175892 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:45.399466 0.247803 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:45.647627 0.399937 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:46.047958 0.224676 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:46.273060 0.273328 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:46.546778 0.208728 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:46.755898 0.253223 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:47.009519 0.242286 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:47.252184 0.237160 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:47.489722 0.248558 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:47.738643 0.144206 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:47.883220 0.205622 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:45:48.089216 0.239398 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 12:46:01.509608 3.001902 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:46:08.516905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:46:16.518958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:46:33.142635 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:47:05.970409 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:53:09.975826 3.001544 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 12:53:16.983376 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:53:24.984593 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:53:40.987450 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 12:54:12.993696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:00:27.003836 3.001860 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:00:34.011761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:00:42.013434 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:00:58.015834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:01:30.022310 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:02:43.118055 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 13:02:43.118221 4.177071 tcp 10.0.2.19 52223 -> 90.156.118.144 5237 SPA_* 0 0 10 1431 flow=From-Botnet-V2-TCP-Established 1970/01/09 13:02:53.287739 0.285632 tcp 10.0.2.19 52223 -> 90.156.118.144 5237 FA_F* 0 0 7 852 flow=From-Botnet-V2-TCP-Established 1970/01/09 13:07:36.030752 3.001740 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:07:43.038670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:07:51.039756 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:08:07.042819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:08:39.049114 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:16:00.433696 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 13:16:00.433873 0.240952 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:00.675211 0.220912 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 220 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:00.896516 0.136547 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:01.033484 0.220065 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:01.253943 0.274003 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:01.528340 0.206613 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:01.751724 0.204258 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:01.752153 2.997680 tcp 10.0.2.19 52224 -> 71.205.65.116 9711 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 13:16:01.956427 0.216934 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:02.173857 0.133588 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:02.307822 0.110763 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:02.418940 0.370052 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:02.789368 0.218188 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:03.007916 0.158611 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:03.166926 0.178484 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:03.345779 0.191563 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:03.537712 1.030178 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:04.568263 0.242704 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:04.811311 0.255878 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:05.067600 0.213038 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:05.281053 0.251141 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:05.532594 0.235499 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:05.768505 0.144424 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:05.913299 0.217713 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:06.131442 0.223097 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:06.354956 0.240682 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:06.596077 0.266911 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:16:10.758738 0.000000 tcp 10.0.2.19 52224 -> 71.205.65.116 9711 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 13:17:27.060292 3.002535 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:17:34.068510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:17:42.069877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:17:59.394932 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:18:31.400410 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:24:35.406232 3.002488 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:24:42.413776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:24:50.415541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:25:06.418880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:25:38.424652 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:31:48.379038 3.001752 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:31:55.386817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:32:03.388390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:32:19.390945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:32:51.397396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:32:54.712209 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 13:32:54.712488 4.736383 tcp 10.0.2.19 52225 -> 90.156.118.144 5237 FSPA* 0 0 14 1726 flow=From-Botnet-V2-TCP-Established 1970/01/09 13:38:55.403418 3.001500 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:39:02.410497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:39:10.411973 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:39:26.415164 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:40:00.183598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:46:07.193975 3.002053 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:46:14.201147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:46:22.203118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:46:38.205886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:46:38.967580 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 13:46:38.967767 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 123 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 13:46:55.593726 0.161294 tcp 10.0.2.19 52226 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 13:46:55.755194 0.196235 tcp 10.0.2.19 52227 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 13:46:55.952031 0.250972 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:56.203374 0.219734 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:56.423522 0.210453 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:56.634409 0.230581 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:56.634753 3.002244 tcp 10.0.2.19 52228 -> 71.205.65.116 9711 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 13:46:56.865371 0.220210 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.085909 0.209855 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.296096 0.216006 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.512529 0.130636 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.643567 0.107213 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.751159 0.152165 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:57.903737 0.375240 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:58.279323 0.214111 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:58.493822 0.164427 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:58.658663 0.190700 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:58.849750 0.256263 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:46:59.106425 1.219451 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 261 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:00.326257 0.826842 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:01.153477 0.213622 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:01.367468 0.254300 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:01.622152 0.230893 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:01.853402 0.214126 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:02.067867 0.171644 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:02.239877 0.208926 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:02.449187 0.240547 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:02.690120 0.252846 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 13:47:05.635335 0.000000 tcp 10.0.2.19 52228 -> 71.205.65.116 9711 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 13:47:10.212137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:53:16.220277 3.002729 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 13:53:23.388722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:53:31.389860 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:53:47.392702 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 13:54:19.398985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:00:48.410546 3.002114 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:00:55.418181 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:01:03.419986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:01:19.422755 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:01:53.041406 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:03:01.169801 1.480413 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/09 14:03:02.650319 1.513318 tcp 10.0.2.19 52229 -> 90.156.118.144 5237 SPA_* 0 0 9 1072 flow=From-Botnet-V2-TCP-Established 1970/01/09 14:03:10.607891 0.103864 tcp 10.0.2.19 52229 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 14:07:57.778648 3.001026 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:08:04.785766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:08:12.787048 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:08:28.790565 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:09:01.587649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:15:05.593141 3.002027 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:15:12.600928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:15:20.602050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:15:36.605232 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:16:08.611072 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:17:16.619194 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 14:17:16.619378 0.127666 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:16.747461 0.213337 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:16.961319 0.224762 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:16.961716 3.001885 tcp 10.0.2.19 52230 -> 71.205.65.116 9711 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 14:17:17.186445 0.241567 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:17.428438 0.218981 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:17.647818 0.217970 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:17.866322 0.212316 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:18.079043 0.216254 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:18.295672 0.129262 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:18.425303 0.112789 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:18.538522 0.157123 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:18.696045 0.365675 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:19.062098 0.213898 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:19.276315 0.313187 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:19.589932 0.192046 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:19.782376 0.258730 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:20.041476 1.204052 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:21.245950 0.724249 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:21.970578 0.211022 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:22.181987 0.255211 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:22.437578 0.243775 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:22.681748 0.212596 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:22.894692 0.237648 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:23.132694 0.246927 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:23.380006 0.214898 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:23.595300 0.145211 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:17:25.962613 0.000000 tcp 10.0.2.19 52230 -> 71.205.65.116 9711 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 14:22:16.622962 3.001977 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:22:23.630924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:22:31.632218 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:22:47.635402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:23:19.640787 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:29:23.646818 3.002183 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:29:30.654637 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:29:38.655831 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:29:54.658984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:30:26.665141 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:33:11.102329 0.000084 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 14:33:11.102509 1.615675 tcp 10.0.2.19 52231 -> 90.156.118.144 5237 SPA_* 0 0 9 1177 flow=From-Botnet-V2-TCP-Established 1970/01/09 14:33:29.595945 0.116593 tcp 10.0.2.19 52231 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 14:36:30.671393 3.001261 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:36:37.678988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:36:45.680296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:37:01.683134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:37:33.689060 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:43:37.694606 3.002045 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:43:44.702670 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:43:52.704460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:44:17.844963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:44:49.425599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:47:50.430190 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 14:47:50.430291 0.366977 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:50.797743 0.444135 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:51.242311 0.349430 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:51.592156 0.325345 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:51.918026 0.422717 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:51.918499 2.961590 tcp 10.0.2.19 52232 -> 71.205.65.116 9711 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 14:47:52.341143 0.626565 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 509 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:52.968127 0.205360 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:53.173924 0.572601 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:53.746930 0.250135 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:53.997506 0.475722 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:54.473638 0.411301 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:54.885340 0.107518 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:54.993295 0.377861 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:55.371580 0.188902 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:55.560947 0.421802 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:55.983209 0.404826 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:56.388436 1.240257 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:57.629094 1.108627 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:58.738315 0.357118 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:59.095893 0.451362 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:59.547681 0.422541 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:47:59.970616 0.394672 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:48:00.365670 0.349385 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:48:00.715487 0.194771 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:48:00.795485 0.000000 tcp 10.0.2.19 52232 -> 71.205.65.116 9711 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 14:48:00.910673 0.374081 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:48:01.285154 0.446103 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 212 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 14:50:46.841637 3.002083 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:50:53.849789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:51:01.850964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:51:17.853802 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:51:49.859889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:57:59.874115 3.002231 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 14:58:06.882105 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:58:14.883264 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:58:30.886457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 14:59:02.892806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:03:31.830009 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 15:03:31.830145 1.618640 tcp 10.0.2.19 52233 -> 90.156.118.144 5237 SPA_* 0 0 9 1181 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:03:42.746652 0.063224 tcp 10.0.2.19 52233 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:05:06.898876 3.001870 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:05:13.905969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:05:21.907683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:05:37.910378 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:06:09.916439 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:12:22.925192 3.002338 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:12:29.932788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:12:37.934610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:12:53.937248 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:13:25.943938 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:18:17.232480 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 15:18:17.232665 0.231934 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:17.464979 0.205523 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:17.670986 0.244464 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:17.671399 3.005582 tcp 10.0.2.19 52234 -> 71.205.65.116 9711 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 15:18:17.915818 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 15:18:26.676151 0.000000 tcp 10.0.2.19 52234 -> 71.205.65.116 9711 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/09 15:18:35.821546 0.159478 tcp 10.0.2.19 52235 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:35.981394 0.192413 tcp 10.0.2.19 52236 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:36.174358 0.231367 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:36.406192 0.224775 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:36.631403 0.204040 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:36.835833 0.227870 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:37.064051 0.130918 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:37.195339 0.112678 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:37.308389 0.384105 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:37.692900 0.217630 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:37.910954 0.156057 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.067386 0.152778 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.220547 0.193705 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.414658 0.259262 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.674422 0.266389 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.941233 0.316046 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:38.941564 4.964317 tcp 10.0.2.19 52237 -> 78.6.164.6 7316 SPA_* 0 0 171 121970 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:39.257632 0.232060 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:39.490264 0.265806 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:39.756471 0.234713 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:39.991572 0.146986 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:40.138985 0.217029 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:40.356385 0.218196 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:40.574933 0.242838 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:40.818170 0.262695 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:18:44.125488 4.748359 tcp 10.0.2.19 52237 -> 78.6.164.6 7316 A_PA 0 0 132 97240 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:49.316328 4.993167 tcp 10.0.2.19 52237 -> 78.6.164.6 7316 A_PA 0 0 98 72876 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:54.327945 4.859641 tcp 10.0.2.19 52237 -> 78.6.164.6 7316 A_PA 0 0 117 86190 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:18:59.484717 3.467494 tcp 10.0.2.19 52237 -> 78.6.164.6 7316 FPA_* 0 0 68 45067 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:19:29.949521 3.001519 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 15:19:36.956833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:19:44.958643 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:20:00.961639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:20:32.967598 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:26:36.973395 3.001492 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:26:43.980922 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:26:51.982709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:27:07.985505 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:27:39.991311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:33:42.813674 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 15:33:42.813871 1.563476 tcp 10.0.2.19 52238 -> 90.156.118.144 5237 SPA_* 0 0 9 1083 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:33:43.997305 3.001816 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:33:50.870087 0.023988 tcp 10.0.2.19 52238 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 15:33:51.004991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:33:59.006525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:34:15.009663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:34:47.015727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:40:51.021191 4.674344 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:40:59.701129 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:41:07.703055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:41:23.706128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:41:55.711709 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:47:59.717820 3.001892 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:48:06.724904 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:48:16.980204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:48:51.104022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:49:22.693106 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:49:28.936957 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 15:49:28.937063 0.136589 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:29.074212 0.230257 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:29.304887 0.213601 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:29.518945 0.236855 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:29.756190 0.220461 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:29.977097 0.221019 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:30.198553 0.203332 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:30.402318 0.110790 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 552 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:30.513494 0.384644 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:30.898533 0.216984 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.115947 0.132468 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.248869 0.222580 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.471846 0.155971 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.628244 0.150406 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.779021 0.196844 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:31.976260 0.265905 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:32.242565 0.541710 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:32.784687 0.252544 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.037662 0.111853 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.149930 0.225244 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.375598 0.230812 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.606819 0.144066 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.751293 0.210714 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:33.962404 0.217115 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:34.179950 0.234511 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:49:34.414866 0.255066 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 15:55:24.681848 2.967216 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 15:55:31.594590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:55:39.490370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:55:55.275630 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 15:56:26.832082 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:02:25.926474 2.958206 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:02:32.840460 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:02:40.747837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:02:56.547589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:03:29.680088 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:04:02.969208 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 16:04:02.969403 1.329332 tcp 10.0.2.19 52239 -> 90.156.118.144 5237 SPA_* 0 0 9 1041 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:04:10.823573 0.278616 tcp 10.0.2.19 52239 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:09:28.740098 2.964012 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:09:35.654880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:09:44.326535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:10:00.288267 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:10:49.411963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:16:50.433356 2.962088 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:16:57.342741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:17:05.234497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:17:21.016840 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:17:52.595945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:19:36.729657 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 16:19:36.729756 0.130204 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:36.860356 0.225571 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:37.086381 0.209630 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:37.296454 0.238766 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:37.535696 0.215942 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:37.752080 0.215972 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:37.968514 0.362790 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:38.331683 0.221500 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:38.553594 0.130301 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:38.684286 0.209694 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:38.894422 0.113187 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:39.008061 0.218309 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:39.452695 0.154500 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:39.607589 0.161920 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:39.769927 0.192844 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:39.963239 0.263648 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:40.227308 0.000000 udp 10.0.2.19 1701 -> 78.6.164.6 2928 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 16:19:55.092386 0.182890 tcp 10.0.2.19 52240 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:19:55.275630 0.280511 tcp 10.0.2.19 52241 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:19:55.556710 0.325832 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:55.882951 0.254939 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:56.138298 0.223985 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:56.362716 0.235101 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:56.598244 0.201560 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:56.800218 0.214076 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:57.014755 0.222723 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:57.237872 0.235945 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:19:57.474236 0.253233 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:23:51.683185 3.783925 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:23:59.424537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:24:07.315684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:24:23.092954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:24:54.660589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:30:54.711136 2.968115 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:31:01.628340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:31:10.774931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:31:26.561880 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:31:58.153502 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:34:09.195012 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 16:34:09.195109 1.647743 tcp 10.0.2.19 52242 -> 90.156.118.144 5237 SPA_* 0 0 9 1051 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:34:17.382050 0.109428 tcp 10.0.2.19 52242 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 16:37:57.217220 2.956009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:38:04.133766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:38:12.029899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:38:27.816559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:38:57.341714 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:45:01.347507 3.001127 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:45:09.737302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:45:17.738834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:45:33.741143 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:46:05.867224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:49:57.120308 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 16:49:57.120549 0.111888 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:57.232750 0.130816 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:57.363947 0.229211 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:57.593522 0.207182 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:57.801071 0.240735 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:58.042308 0.218853 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:58.261528 0.366692 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:58.628615 0.216476 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:58.845433 0.215721 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.061484 0.109677 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.171500 0.223004 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.394888 0.134854 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.530339 0.171655 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.702365 0.154652 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:49:59.857398 0.242865 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:00.100597 0.258302 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:00.359272 0.201584 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:06.715449 0.211067 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:06.926903 0.272376 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:07.199651 0.260607 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:07.460638 0.236858 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:07.697851 0.144390 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 544 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:07.842623 0.248186 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:08.091209 0.254296 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:08.345938 0.258520 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:50:08.604842 0.251021 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 16:52:18.455633 3.001962 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:52:25.463271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:52:33.464970 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:52:49.467771 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:53:21.473941 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:59:27.582251 3.002234 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 16:59:34.590331 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:59:42.591611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 16:59:58.594717 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:00:30.851433 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:04:14.793397 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 17:04:14.793486 0.861155 tcp 10.0.2.19 52243 -> 90.156.118.144 5237 SPA_* 0 0 9 1242 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:04:20.522630 0.045779 tcp 10.0.2.19 52243 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:06:34.856773 3.001983 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:06:41.864473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:06:49.865767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:07:05.869414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:07:37.875320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:16:59.885789 3.002280 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:17:06.893569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:17:14.894900 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:17:30.897473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:18:02.903485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:20:19.360049 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 17:20:19.360274 0.232175 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:19.592817 0.207110 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:19.800409 0.113443 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:19.914249 0.132877 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:20.047551 0.257082 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:20.305045 0.217315 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:20.522725 0.367176 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:20.890404 0.108953 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:20.999714 0.214140 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:21.214357 0.131371 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:21.346264 0.223548 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:21.570249 0.209897 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:21.780551 0.176723 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:21.957676 0.158649 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:22.116675 0.301896 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:22.419000 0.266043 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:22.685388 0.190494 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:22.876262 0.728639 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:23.605330 0.211089 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:23.816790 0.260368 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:24.077535 0.236040 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:24.313926 0.142882 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:24.457181 0.242488 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:24.700057 0.304456 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:25.004870 0.214489 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:20:25.219747 0.257142 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:24:06.909651 3.001959 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:24:13.917246 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:24:21.918296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:24:37.922011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:25:09.927692 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:31:13.933182 3.002035 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:31:20.941203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:31:28.942561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:31:44.946077 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:32:16.951755 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:34:20.570061 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 17:34:20.570249 1.487197 tcp 10.0.2.19 52244 -> 90.156.118.144 5237 SPA_* 0 0 9 1144 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:34:30.405161 0.031680 tcp 10.0.2.19 52244 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:38:20.957701 3.001876 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:38:27.965417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:38:35.966452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:38:51.969688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:39:24.846907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:45:28.852593 3.001800 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:45:35.860537 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:45:43.861808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:45:59.864856 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:46:32.010727 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:50:31.445205 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 17:50:31.445413 0.226050 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:31.671827 0.131183 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:31.803393 0.263858 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:32.067615 0.224418 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:32.292423 0.113517 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:32.406306 0.300508 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:32.707232 0.364249 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:33.071845 0.113969 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:33.186188 0.224100 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:33.410638 0.218303 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:33.629299 0.131801 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:33.761473 0.578372 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:34.340243 0.151987 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:34.492677 0.154123 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:34.647220 0.193985 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:34.841637 0.311177 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:35.153216 0.272887 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:35.426472 0.231162 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:35.658008 0.211702 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:35.894118 0.000000 udp 10.0.2.19 1701 -> 70.96.145.133 4307 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 17:50:54.460684 0.159428 tcp 10.0.2.19 52245 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:50:54.620463 0.198108 tcp 10.0.2.19 52246 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 17:50:54.819163 0.239701 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:55.059271 0.149497 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:55.209139 0.236449 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:55.445981 0.252363 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:55.698765 0.307123 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:50:56.006296 0.215540 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 17:52:36.016615 3.002420 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:52:43.024113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:52:51.026226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:53:07.028957 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:53:39.035291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:59:43.040594 3.001764 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 17:59:50.048799 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 17:59:58.049797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:00:14.052921 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:00:46.058630 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:04:30.943012 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 18:04:30.943125 3.205471 tcp 10.0.2.19 52247 -> 90.156.118.144 5237 FSPA* 0 0 14 1702 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:06:50.064691 3.001602 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:06:57.072668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:07:05.074028 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:07:21.076933 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:07:53.082597 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:17:10.095932 3.002142 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:17:17.104100 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:17:25.105211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:17:41.108330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:18:16.639128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:21:11.821836 0.000125 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 18:21:11.822055 0.256282 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:12.078712 0.224657 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:12.303733 0.133534 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:12.437625 0.115488 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:12.553494 0.220093 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:12.773953 0.251569 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:13.025886 0.206111 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:13.232437 0.365322 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:13.598138 0.219774 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:13.818273 0.134071 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 522 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:13.952738 0.217058 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:14.170425 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 18:21:32.022541 0.161749 tcp 10.0.2.19 52248 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:21:32.184569 0.190786 tcp 10.0.2.19 52249 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:21:32.375912 0.155243 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:32.531529 0.198182 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:32.730143 0.156041 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:32.886603 0.202626 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:21:33.089593 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 98 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 18:21:50.869818 0.736570 tcp 10.0.2.19 52250 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:21:51.606291 0.193916 tcp 10.0.2.19 52251 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:21:51.800744 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 109 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 18:22:08.904722 0.161286 tcp 10.0.2.19 52252 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:22:09.066287 0.198388 tcp 10.0.2.19 52253 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:22:09.265353 0.231641 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:09.497362 0.218513 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:09.716225 0.236166 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:09.952744 0.144085 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:10.097193 0.277080 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:10.374667 0.257834 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:10.632869 0.310228 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:22:10.943485 0.221330 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:24:24.430830 3.002128 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/09 18:24:31.438326 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:24:39.439759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:24:55.443029 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:25:27.448589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:31:34.338593 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:31:41.346437 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:31:49.348315 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:32:05.350990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:32:37.357334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:34:39.282451 0.000102 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 18:34:39.282642 1.257104 tcp 10.0.2.19 52254 -> 90.156.118.144 5237 FSPA* 0 0 14 1585 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:38:41.362941 3.001438 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:38:48.370895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:38:56.371995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:39:12.374967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:39:44.381128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:45:48.386665 3.002140 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:45:55.394391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:46:03.395672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:46:19.398846 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:46:51.404824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:52:37.432350 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 18:52:37.432527 0.121657 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:37.554584 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 18:52:53.768676 0.160183 tcp 10.0.2.19 52255 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:52:53.929028 0.190098 tcp 10.0.2.19 52256 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 18:52:54.119869 0.282467 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:54.402748 0.129358 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:54.532483 0.227975 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:54.760871 0.254784 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.016039 0.112072 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.128478 0.242313 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.371150 0.217468 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.410889 3.001953 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 18:52:55.589006 0.203331 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.792755 0.133527 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:55.926649 0.214707 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:56.141751 0.377180 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:56.519281 0.216370 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:56.736068 0.195516 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:56.931971 0.164484 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:57.096817 0.217540 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:57.314718 0.202692 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:57.517783 0.221796 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:57.739983 0.209919 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:57.950276 0.250346 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:58.200989 0.144917 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:58.346280 0.235934 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:58.582628 0.256450 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:58.839437 0.310703 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:52:59.150496 0.231261 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 18:53:02.418000 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:53:10.419611 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:53:36.611891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 18:54:08.189853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:00:07.245036 2.961303 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:00:14.153253 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:00:22.052951 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:00:37.848541 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:01:07.555803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:04:42.636090 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 19:04:42.636183 1.103700 tcp 10.0.2.19 52257 -> 90.156.118.144 5237 FSPA* 0 0 14 1623 flow=From-Botnet-V2-TCP-Established 1970/01/09 19:07:11.561507 3.001854 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:07:18.569654 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:07:26.570918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:07:42.573760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:08:14.579971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:14:24.594247 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:14:31.601968 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:14:39.603722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:14:55.606575 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:15:27.612713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:21:31.618611 3.001615 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:21:38.625779 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:21:46.627047 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:22:02.630126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:22:34.636364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:23:18.639862 0.000104 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 19:23:18.640063 0.116414 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:18.756883 0.282884 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:19.040164 0.128449 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:19.169017 0.226137 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:19.395504 0.254084 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:19.649975 0.115237 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:19.765612 0.249004 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:20.015012 0.218177 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:20.233586 0.232957 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:20.466918 0.362399 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:20.829714 0.210016 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.040130 0.131486 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.171998 0.218108 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.390473 0.194683 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.585523 0.153582 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.739521 0.158942 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:21.898883 0.290090 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:22.189326 0.234072 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:22.423821 0.144317 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:22.578829 0.238905 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:22.818159 1.045202 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:23.863792 0.212305 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:24.076514 0.213840 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:24.290738 0.254023 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:23:24.545204 0.306059 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:28:38.641996 3.002005 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:28:45.649766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:28:53.651219 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:29:09.654297 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:29:41.960782 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:34:43.885515 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 19:34:43.885712 2.414930 tcp 10.0.2.19 52258 -> 90.156.118.144 5237 FSPA* 0 0 14 1611 flow=From-Botnet-V2-TCP-Established 1970/01/09 19:35:45.966246 3.002573 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:35:52.974349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:36:00.975795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:36:16.978791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:36:48.985062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:42:52.990799 3.001593 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:42:59.998639 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:43:07.999401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:43:24.002640 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:43:56.008671 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:50:00.014845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:50:09.845179 1.995411 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 19:50:15.785915 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:50:23.683186 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:50:39.472672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:51:11.035423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:53:33.119331 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 19:53:33.119509 0.112667 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:33.232617 0.266406 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:33.499489 0.131432 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:33.631406 0.221529 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:33.853338 0.257846 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:34.111614 0.216897 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:34.328926 0.215457 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:34.544828 0.511311 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:35.056577 0.234706 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:35.291715 0.374472 rtcp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:35.666683 0.208888 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:35.876037 0.151971 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:36.028420 0.220613 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:36.249413 0.194374 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:36.444205 0.926801 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:37.371412 0.245766 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:37.617602 0.144904 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:37.762931 0.158568 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:37.921935 0.161279 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:38.083617 0.241957 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 266 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:38.326164 0.223482 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:38.550147 0.250936 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:38.801481 0.989510 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:39.791445 0.227899 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:53:40.019823 0.309318 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 19:57:10.153017 3.001559 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 19:57:17.160296 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:57:25.162449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:57:42.116429 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 19:58:14.122674 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:04:18.128471 3.001562 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:04:25.135577 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:04:33.137539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:04:48.870234 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 20:04:48.870397 0.714111 tcp 10.0.2.19 52259 -> 90.156.118.144 5237 FSPA* 0 0 14 1655 flow=From-Botnet-V2-TCP-Established 1970/01/09 20:04:49.140792 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:05:21.146591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:11:36.158339 3.002070 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:11:43.165839 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:11:51.166996 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:12:07.170388 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:12:39.176381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:18:43.181829 3.002139 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:18:51.932540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:18:59.934011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:19:15.937061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:19:49.525244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:23:57.201463 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 20:23:57.201635 0.129015 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:57.331123 0.113434 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:57.444917 0.270612 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:57.715925 0.222563 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:57.938898 0.277181 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:58.216469 0.217303 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:58.434161 0.228825 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:58.663421 0.372636 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:59.036473 0.561801 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:59.598660 0.248339 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:23:59.847358 0.214222 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 512 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:00.061993 0.139465 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:00.201842 1.195844 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:01.398059 0.197811 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:01.596205 0.147308 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:01.743874 0.208709 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 563 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:01.952961 0.238139 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:02.191457 0.167310 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:02.359118 0.163963 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:02.523443 0.277100 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:02.800905 0.216445 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:03.017730 0.253039 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:03.271133 0.339646 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:03.611172 0.650398 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:24:04.261909 0.208475 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:26:01.912403 3.002230 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:26:08.920539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:26:16.922008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:26:32.925303 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:27:04.931217 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:33:08.936374 3.002554 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:33:15.944807 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:33:23.945708 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:33:39.948690 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:34:11.955030 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:34:51.292155 1.904629 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/09 20:34:53.197085 3.801313 tcp 10.0.2.19 52260 -> 90.156.118.144 5237 FSPA* 0 0 14 1635 flow=From-Botnet-V2-TCP-Established 1970/01/09 20:40:16.902068 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:40:22.537223 1.975468 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/09 20:40:28.466246 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:40:36.354283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:40:50.047494 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:41:28.200486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:47:28.181977 3.002402 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:47:35.190260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:47:43.192112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:47:59.194928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:48:31.200216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:54:26.141020 3.096873 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/09 20:54:29.238162 0.128300 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:29.366919 0.227245 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:29.594523 0.136966 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:29.731840 0.269532 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:30.001738 0.271531 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:30.273681 0.224356 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:30.498399 0.222498 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:30.721309 0.363309 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:31.084985 0.144646 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:31.230024 0.239483 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:31.469876 0.205890 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:31.676145 0.133841 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:31.810499 0.216742 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:32.027654 0.192262 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 538 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:32.220299 0.143311 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:32.363996 1.114412 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:33.478812 0.152627 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:33.631810 0.246396 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:33.878606 0.234696 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:34.113797 0.158211 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:34.272383 0.224422 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:34.497185 0.259346 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:34.756917 0.342436 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:35.099768 0.780657 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:35.880816 0.207945 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 20:54:40.694338 3.001680 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 20:54:47.701895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:54:55.703350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:55:11.705985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 20:55:46.636805 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:01:50.641839 3.002587 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:01:58.741340 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:02:06.742867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:02:22.745614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:02:58.477342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:05:08.574516 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 21:05:08.574609 1.521913 tcp 10.0.2.19 52261 -> 90.156.118.144 5237 SPA_* 0 0 9 1102 flow=From-Botnet-V2-TCP-Established 1970/01/09 21:05:18.746445 0.228510 tcp 10.0.2.19 52261 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/09 21:09:04.555925 3.001895 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:09:11.563874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:09:19.565525 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:09:35.568177 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:10:07.574020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:18:27.585171 3.002346 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:18:34.593179 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:18:42.595058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:18:58.597527 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:19:30.603700 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:24:54.499728 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 21:24:54.499824 0.127745 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:54.627979 0.237145 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:54.865563 0.115579 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:54.981504 0.278801 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:55.260733 0.270729 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:55.531833 0.220640 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:55.752854 0.231668 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:55.984992 0.272619 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:56.258000 0.205416 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:56.463840 0.131909 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:56.596123 0.362455 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:56.958985 0.109610 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:57.068959 0.210010 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:57.279429 0.198325 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:57.478278 0.143942 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:57.622600 0.233566 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:57.856546 0.492325 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:58.349227 0.155848 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:58.505417 0.234315 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:58.740104 0.156455 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:58.896939 0.211599 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:59.108984 0.253962 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:59.363370 0.323435 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:59.687211 0.230449 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:24:59.918023 0.212154 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:25:34.609948 3.001676 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:25:41.617001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:25:49.618589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:26:05.621580 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:26:37.627683 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:32:41.633721 3.002067 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:32:48.641274 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:32:56.642622 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:33:12.645716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:33:44.651401 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:35:18.977627 0.000118 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 21:35:18.977828 0.824542 tcp 10.0.2.19 52262 -> 90.156.118.144 5237 FSPA* 0 0 14 1611 flow=From-Botnet-V2-TCP-Established 1970/01/09 21:39:48.657666 3.001865 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:39:55.665298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:40:03.666978 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:40:19.669910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:40:51.675875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:46:55.681619 3.001802 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:47:02.689457 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:47:10.690760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:47:26.693905 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:47:58.699533 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:54:02.705447 3.001588 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 21:54:09.712732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:54:17.714404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:54:33.717368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:55:05.723389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 21:55:10.620680 0.000043 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 21:55:10.620771 0.115920 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:10.737065 0.278904 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:11.016371 0.126156 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:11.142924 0.223571 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:11.366906 0.285431 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:11.652699 0.221942 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 210 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:11.875063 0.222361 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:12.097790 0.238611 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:12.336829 0.206259 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:12.543472 0.132247 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:12.676132 0.365881 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.042599 0.127451 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.170400 0.224955 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.395735 0.192251 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.588352 0.208214 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.796972 0.148450 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:13.945844 0.143456 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:14.089715 0.251914 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:14.342076 0.243061 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:14.585515 0.176639 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:14.762530 0.221058 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:14.983979 0.261853 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:15.246233 0.307482 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:15.554135 0.230214 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 21:55:15.784707 0.207134 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:01:12.142666 3.002276 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:01:19.151050 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:01:27.152449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:01:43.155180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:02:15.160985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:05:21.018616 0.000131 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 22:05:21.018831 1.728441 tcp 10.0.2.19 52263 -> 90.156.118.144 5237 FSPA* 0 0 14 1737 flow=From-Botnet-V2-TCP-Established 1970/01/09 22:08:19.166869 3.002001 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:08:26.174291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:08:34.176186 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:08:50.178948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:09:22.625576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:18:05.640202 3.002018 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:18:12.647458 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:18:20.649144 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:18:36.652013 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:19:08.657924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:25:12.664180 3.001937 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:25:19.671876 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:25:27.673258 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:25:28.795293 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 22:25:28.795499 0.932488 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:29.728387 0.266764 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:29.995505 0.131724 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:30.127635 0.229768 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:30.357787 0.256750 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:30.614896 0.216597 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:30.831932 0.245178 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 573 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:31.077538 0.130936 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:31.208853 0.223285 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:31.432556 0.237131 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:31.670043 0.372763 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:32.043190 0.382632 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:32.426215 0.216244 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:32.642834 0.189207 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:32.832389 0.266202 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:33.098968 0.233706 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 241 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:33.333067 0.235197 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:33.568648 0.149621 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:33.718680 0.160805 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:33.879901 0.146355 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:34.026636 0.218767 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:34.245777 0.251013 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 227 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:34.497166 0.307576 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 529 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:34.805118 0.222149 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:35.027639 0.211333 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 537 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:25:43.676118 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:26:15.682290 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:32:19.688104 3.001814 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:32:26.695961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:32:34.697397 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:32:50.699871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:33:22.706396 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:35:22.979772 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 22:35:22.979952 1.572730 tcp 10.0.2.19 52264 -> 90.156.118.144 5237 SPA_* 0 0 12 1562 flow=From-Botnet-V2-TCP-Established 1970/01/09 22:35:28.350286 0.000096 tcp 10.0.2.19 52264 -> 90.156.118.144 5237 FA_A 0 0 2 108 flow=From-Botnet-V2-TCP-Established 1970/01/09 22:39:26.712227 3.001317 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:39:33.720019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:39:41.720808 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:39:57.723816 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:40:29.730416 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:46:33.736281 3.001837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:46:40.743551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:46:48.744752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:47:04.748034 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:47:36.754362 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:53:40.759619 3.002023 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 22:53:47.767621 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:53:55.769345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:54:11.771834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:54:43.777784 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 22:55:44.145382 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 22:55:44.145477 0.929679 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:45.075582 0.227004 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:45.303013 0.273257 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:45.576638 0.234017 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:45.811011 0.209642 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:46.021020 0.137263 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:46.158691 0.305995 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 547 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:46.465070 0.128262 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:46.593697 0.219153 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:46.813237 0.237784 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:47.051420 0.371164 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:47.422972 0.111906 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:47.535275 0.215089 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:47.750771 0.203631 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:47.954809 0.238794 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 541 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:48.193988 0.158577 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:48.352981 0.292756 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:48.646230 0.248960 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:48.895605 0.183879 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:49.079848 0.242065 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:49.322370 0.218307 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:49.541041 0.256520 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:49.797917 0.313983 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:50.112282 1.047353 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 22:55:51.160045 0.209768 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:00:47.783705 3.002251 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:00:54.791625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:01:02.793123 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:01:18.795886 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:01:54.677964 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:05:30.247732 0.196497 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/09 23:05:30.444325 0.866962 tcp 10.0.2.19 52265 -> 90.156.118.144 5237 FSPA* 0 0 14 1662 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:07:58.773682 3.002265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:08:05.781321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:08:13.783052 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:08:29.786055 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:09:06.233370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:17:58.886451 3.001434 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:18:05.893923 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:18:13.896008 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:18:29.898632 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:19:02.415160 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:25:06.420908 3.001860 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:25:13.428851 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:25:21.430137 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:25:37.433358 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:26:09.439588 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:26:12.003303 0.000097 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 23:26:12.003511 0.273160 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:12.277071 0.227492 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:12.504979 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 186 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 23:26:28.759864 0.187366 tcp 10.0.2.19 52266 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:26:28.947553 0.199242 tcp 10.0.2.19 52267 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:26:29.147341 0.233948 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:29.381687 0.205340 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:29.587420 0.130215 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:29.718001 0.596789 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:30.315204 0.130454 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:30.446015 0.266545 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:30.712950 0.241432 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:30.954774 0.364964 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:31.320123 0.129548 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:31.450301 0.213779 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:31.664474 0.156076 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:31.820940 0.206791 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.028077 0.189643 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.218307 0.233449 udp 10.0.2.19 1701 <-> 70.139.43.88 9001 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.452128 0.235697 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.688178 0.152887 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.841423 0.145514 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:32.987308 0.901300 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:33.888938 0.263986 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:34.153302 0.311457 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:34.465178 0.233416 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:26:34.698951 0.208896 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:32:13.445345 3.001740 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:32:20.452346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:32:28.454070 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:32:44.457307 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:33:18.832997 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:35:35.763822 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 23:35:35.763993 0.662158 tcp 10.0.2.19 52268 -> 90.156.118.144 5237 FSPA* 0 0 14 1626 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:39:22.832143 3.001811 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:39:29.840002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:39:37.841395 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:39:53.844963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:40:28.163985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:46:37.177314 3.001395 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:46:44.184542 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:46:52.185967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:47:08.189321 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:47:40.195305 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:53:44.200399 3.002196 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/09 23:53:51.208789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:53:59.209744 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:54:15.212704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:54:47.319364 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/09 23:56:43.526359 0.000044 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/09 23:56:43.526450 0.934228 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:44.461112 0.261738 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:44.723215 0.217073 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:44.940677 0.219507 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:45.160603 0.201696 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:45.362650 0.166166 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:45.529200 0.130315 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:45.659868 0.253508 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:45.913807 0.236634 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:46.150853 0.234974 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:46.386267 0.365796 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 296 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:46.752480 0.145111 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:46.897948 0.213891 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:47.112189 0.191688 udp 10.0.2.19 1701 <-> 12.175.148.194 8863 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:56:47.304275 0.000000 udp 10.0.2.19 1701 -> 70.139.43.88 9001 INT 0 1 241 flow=From-Botnet-V2-UDP-Attempt 1970/01/09 23:57:02.912098 0.161021 tcp 10.0.2.19 52269 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:57:03.072796 0.225976 tcp 10.0.2.19 52270 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/09 23:57:03.299324 0.240901 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:03.540596 0.159072 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:03.700042 0.208828 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:03.909234 0.174150 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:04.083735 0.142642 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:04.226769 0.307035 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:04.534346 0.206509 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:04.741198 0.248061 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:04.989606 0.222140 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/09 23:57:05.212069 0.213759 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:00:51.324951 3.001538 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:00:58.332347 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:01:06.334235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:01:22.337480 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:01:54.343254 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:05:37.635031 0.000077 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:05:37.635192 0.754022 tcp 10.0.2.19 52271 -> 90.156.118.144 5237 FSPA* 0 0 14 1691 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:07:58.349229 3.001929 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:08:05.406288 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:08:13.407820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:08:31.524244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:09:03.529948 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:15:07.536004 3.001850 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:15:14.543402 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:15:22.545063 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:15:38.548056 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:16:10.554456 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:22:15.561652 3.001844 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:22:22.568761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:22:30.570414 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:22:46.573936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:23:18.579282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:27:29.210098 0.000064 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:27:29.210208 0.000000 udp 10.0.2.19 1701 -> 70.139.43.88 9001 INT 0 1 91 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:27:47.820090 0.170094 tcp 10.0.2.19 52272 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:27:47.989874 0.197195 tcp 10.0.2.19 52273 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:27:48.187689 0.126416 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:48.314465 0.226905 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:48.541763 0.210506 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:48.752672 0.126981 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:48.880028 0.135273 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:49.015839 0.257092 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:49.273288 0.224690 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:49.498485 0.238773 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:49.737623 0.255887 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:49.993875 0.235389 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:50.229643 0.215239 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:27:50.445276 0.000000 udp 10.0.2.19 1701 -> 12.175.148.194 8863 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:08.667673 0.158945 tcp 10.0.2.19 52274 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:28:08.826814 0.194002 tcp 10.0.2.19 52275 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:28:09.021360 0.122476 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:09.144247 0.361183 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:09.505813 0.240944 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:09.747146 0.158113 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:09.905654 0.206481 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:10.112504 0.152623 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:10.265530 0.143961 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 569 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:10.409848 0.305410 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:10.715681 0.617314 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:11.333396 0.209000 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:11.542774 0.214894 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:11.758244 0.253885 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:12.177269 0.000000 udp 10.0.2.19 1701 -> 12.175.148.194 8863 REQ 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:19.822599 0.223346 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:20.046399 0.212872 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:20.286466 0.137436 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 678 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:20.424379 0.140143 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 834 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:20.590351 0.131850 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 841 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:20.722688 0.226506 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 699 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:21.001625 0.259601 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 756 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:21.261704 0.214865 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 811 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:21.476984 0.261856 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 684 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:21.739280 0.244630 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 713 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:21.984432 0.219611 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 799 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:22.213790 0.124292 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 841 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:22.338582 0.372555 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:22.711600 0.160824 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 754 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:22.872893 0.213445 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 705 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:23.086792 0.152058 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 672 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:23.239277 0.146058 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 853 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:23.385798 0.237234 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 816 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:23.636108 0.306594 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 847 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:23.943190 0.385031 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 753 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:24.328719 0.215866 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 861 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:24.545122 0.253242 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 666 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:24.798864 0.213739 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 706 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:25.013152 0.000000 udp 10.0.2.19 1701 -> 210.15.203.157 4170 INT 0 1 164 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:31.058814 0.000000 udp 10.0.2.19 1701 -> 68.143.211.178 4162 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:38.880193 0.000000 udp 10.0.2.19 1701 -> 64.234.251.167 3530 INT 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:43.436721 2.482601 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:28:45.925674 0.246824 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 765 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:28:46.528460 0.000000 udp 10.0.2.19 1701 -> 68.65.130.226 5189 INT 0 1 219 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:52.860268 0.000000 udp 10.0.2.19 1701 -> 74.62.192.115 1770 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:28:57.977550 0.000000 udp 10.0.2.19 1701 -> 66.60.158.190 8858 INT 0 1 190 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:03.816470 0.000000 udp 10.0.2.19 1701 -> 93.177.182.222 9728 INT 0 1 282 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:09.774706 0.000000 udp 10.0.2.19 1701 -> 94.88.11.18 3441 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:17.376068 0.000000 udp 10.0.2.19 1701 -> 50.20.182.29 3684 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:23.123565 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:29:27.570235 0.000000 udp 10.0.2.19 1701 -> 68.45.163.46 8440 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:30.436494 3.002285 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 00:29:36.192451 0.000000 udp 10.0.2.19 1701 -> 186.115.54.24 5509 INT 0 1 115 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:37.444071 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:29:44.604791 0.000000 udp 10.0.2.19 1701 -> 107.208.121.249 6349 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:45.445828 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:29:50.944165 0.164060 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 843 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:29:51.137474 0.000000 udp 10.0.2.19 1701 -> 24.0.232.228 4911 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:29:57.443243 0.000000 udp 10.0.2.19 1701 -> 62.219.238.163 4055 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:01.449153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:30:02.129798 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:30:03.702002 0.000000 udp 10.0.2.19 1701 -> 69.199.128.93 1988 INT 0 1 193 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:09.089932 0.000000 udp 10.0.2.19 1701 -> 173.10.236.46 5853 INT 0 1 122 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:18.052678 0.251163 udp 10.0.2.19 1701 <-> 184.71.161.90 5973 CON 0 0 2 779 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:30:18.394250 0.000000 udp 10.0.2.19 1701 -> 189.223.109.233 2087 INT 0 1 280 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:23.891558 0.000000 udp 10.0.2.19 1701 -> 108.207.14.96 9658 INT 0 1 220 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:30.757082 0.000000 udp 10.0.2.19 1701 <- 108.207.14.96 9658 RSP 0 0 1 549 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:30.921815 0.269571 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 664 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:30:31.232167 0.236216 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 784 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:30:31.586130 0.000000 udp 10.0.2.19 1701 -> 190.201.0.183 3104 INT 0 1 142 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:38.034482 0.000000 udp 10.0.2.19 1701 -> 94.59.252.18 2153 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:39.930381 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:30:42.568846 0.000109 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:30:44.164471 0.000000 udp 10.0.2.19 1701 -> 87.28.24.185 6678 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:51.582297 0.000000 udp 10.0.2.19 1701 -> 187.174.119.158 6747 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:30:59.200836 0.000000 udp 10.0.2.19 1701 -> 93.195.196.119 6283 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:07.845671 0.000000 udp 10.0.2.19 1701 -> 91.99.105.168 1609 INT 0 1 166 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:18.653735 0.211222 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 739 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:31:18.955655 0.311868 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 722 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:31:19.352751 0.000000 udp 10.0.2.19 1701 -> 69.244.46.205 8868 INT 0 1 252 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:23.238168 0.000061 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:31:25.720301 0.000000 udp 10.0.2.19 1701 -> 80.36.234.42 2109 INT 0 1 308 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:33.245199 0.000000 udp 10.0.2.19 1701 -> 24.43.156.102 7535 INT 0 1 173 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:41.815082 0.000000 udp 10.0.2.19 1701 -> 74.9.167.49 4051 INT 0 1 253 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:50.315198 0.000000 udp 10.0.2.19 1701 -> 106.240.77.220 1655 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:31:56.434290 0.000000 udp 10.0.2.19 1701 -> 86.29.136.213 7163 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:01.325440 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:32:01.986477 0.000000 udp 10.0.2.19 1701 -> 74.95.5.205 6270 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:07.093608 0.000000 udp 10.0.2.19 1701 -> 177.158.51.209 2285 INT 0 1 199 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:12.593036 0.000000 udp 10.0.2.19 1701 -> 69.126.181.133 2769 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:21.380758 0.000000 udp 10.0.2.19 1701 -> 88.250.36.89 4970 INT 0 1 294 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:31.167753 0.000000 udp 10.0.2.19 1701 -> 71.179.255.7 9897 INT 0 1 240 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:37.282548 0.000000 udp 10.0.2.19 1701 -> 69.193.16.198 5373 INT 0 1 216 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:41.802335 0.000038 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:32:45.809500 0.000000 udp 10.0.2.19 1701 -> 2.0.96.129 5145 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:32:54.478219 0.000000 udp 10.0.2.19 1701 -> 24.73.167.82 3274 INT 0 1 144 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:02.851386 0.215875 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 700 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:33:03.534909 0.000000 udp 10.0.2.19 1701 -> 83.185.145.255 4271 INT 0 1 171 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:12.357443 0.362744 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 662 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:33:12.875712 0.000000 udp 10.0.2.19 1701 -> 148.244.220.234 7079 INT 0 1 172 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:16.815784 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:33:20.238032 0.000000 udp 10.0.2.19 1701 -> 109.165.170.202 16979 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:27.581312 0.000000 udp 10.0.2.19 1701 -> 110.171.87.44 2814 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:35.430457 0.000000 udp 10.0.2.19 1701 -> 95.56.10.160 4894 INT 0 1 145 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:41.742964 0.000000 udp 10.0.2.19 1701 -> 85.72.112.141 19137 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:48.335596 0.140531 udp 10.0.2.19 1701 -> 89.212.125.20 4469 INT 0 1 238 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:33:48.476127 0.000000 icmp 89.212.125.20 0x0303 -> 10.0.2.19 0x7511 URP 192 1 238 flow=Background 1970/01/10 00:33:52.809594 0.000040 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:33:56.221070 0.000000 udp 10.0.2.19 1701 -> 123.110.175.202 1157 INT 0 1 313 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:04.358763 0.000000 udp 10.0.2.19 1701 -> 182.178.57.91 7938 INT 0 1 187 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:13.176239 0.000000 udp 10.0.2.19 1701 -> 112.205.77.27 23539 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:20.714180 0.000000 udp 10.0.2.19 1701 -> 180.249.120.151 12765 INT 0 1 263 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:29.223230 0.151695 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 669 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:34:29.563601 0.000000 udp 10.0.2.19 1701 -> 75.112.157.83 7535 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:33.758650 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:34:35.173417 0.263625 udp 10.0.2.19 1701 <-> 69.232.77.90 7399 CON 0 0 2 742 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:34:35.780238 0.000000 udp 10.0.2.19 1701 -> 85.124.198.201 8825 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:40.963085 0.000000 udp 10.0.2.19 1701 -> 41.224.177.58 3502 INT 0 1 192 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:49.209426 0.266611 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 750 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:34:49.711136 0.000000 udp 10.0.2.19 1701 -> 69.231.42.234 8252 INT 0 1 177 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:34:56.205127 0.000000 udp 10.0.2.19 1701 -> 168.187.134.74 3362 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:02.001715 0.000000 udp 10.0.2.19 1701 -> 86.98.93.111 4997 INT 0 1 211 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:09.839092 0.000000 udp 10.0.2.19 1701 -> 213.57.136.226 3394 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:14.301869 0.000091 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:35:15.316440 0.000000 udp 10.0.2.19 1701 -> 130.193.165.46 5613 INT 0 1 212 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:21.344486 0.000000 udp 10.0.2.19 1701 -> 76.103.201.241 8251 INT 0 1 245 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:27.491255 0.000000 udp 10.0.2.19 1701 -> 69.74.166.5 9996 INT 0 1 208 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:35.460287 0.000000 udp 10.0.2.19 1701 -> 69.125.255.139 1444 INT 0 1 196 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:41.550861 0.000000 udp 10.0.2.19 1701 -> 72.67.86.85 1775 INT 0 1 119 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:47.874573 0.000000 udp 10.0.2.19 1701 -> 181.165.120.249 8761 INT 0 1 224 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:52.763657 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:35:54.768130 0.000000 udp 10.0.2.19 1701 -> 87.17.253.164 9616 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:35:58.086608 0.783575 tcp 10.0.2.19 52276 -> 90.156.118.144 5237 FSPA* 0 0 14 1652 flow=From-Botnet-V2-TCP-Established 1970/01/10 00:36:00.804385 0.000000 udp 10.0.2.19 1701 -> 97.93.67.162 7155 INT 0 1 161 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:08.782973 0.000000 udp 10.0.2.19 1701 -> 176.41.90.50 1505 INT 0 1 233 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:17.049183 0.113463 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:36:17.235274 0.000000 udp 10.0.2.19 1701 -> 90.227.250.93 5308 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:25.089852 0.000000 udp 10.0.2.19 1701 -> 89.242.226.237 8577 INT 0 1 311 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:30.551843 0.000000 udp 10.0.2.19 1701 -> 99.168.126.30 9768 INT 0 1 305 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:35.171355 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:36:38.412136 0.000000 udp 10.0.2.19 1701 -> 24.145.8.253 7590 INT 0 1 217 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:45.350359 0.000000 udp 10.0.2.19 1701 -> 24.123.69.22 4127 INT 0 1 309 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:48.330690 3.856799 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 00:36:52.852656 0.000000 udp 10.0.2.19 1701 -> 70.168.113.171 1219 INT 0 1 283 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:36:56.146895 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:36:59.561286 0.000000 udp 10.0.2.19 1701 -> 68.148.16.174 9439 INT 0 1 273 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:04.040889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:37:08.582191 0.000000 udp 10.0.2.19 1701 -> 72.4.69.34 5614 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:13.047437 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:37:14.379257 0.299546 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 682 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:37:14.778185 0.000000 udp 10.0.2.19 1701 -> 189.177.101.124 8150 INT 0 1 286 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:20.800134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:37:21.156805 0.000000 udp 10.0.2.19 1701 -> 87.20.123.17 1024 INT 0 1 202 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:28.012679 0.000000 udp 10.0.2.19 1701 -> 72.188.175.227 9923 INT 0 1 135 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:35.384704 0.000000 udp 10.0.2.19 1701 -> 99.110.138.125 8732 INT 0 1 265 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:42.863238 0.259066 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 748 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:37:43.997929 0.000000 udp 10.0.2.19 1701 -> 176.73.51.253 5060 INT 0 1 180 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:47.566245 0.000110 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:37:50.016834 0.000000 udp 10.0.2.19 1701 -> 93.203.207.159 5601 INT 0 1 206 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:37:52.380168 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:37:58.779284 0.000000 udp 10.0.2.19 1701 -> 31.192.30.72 1715 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:07.566019 0.000000 udp 10.0.2.19 1701 -> 70.55.17.243 3689 INT 0 1 304 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:13.861113 0.000000 udp 10.0.2.19 1701 -> 81.174.40.56 28484 INT 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:32.556679 0.000000 udp 10.0.2.19 1701 -> 94.64.35.72 24906 INT 0 1 310 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:37.158069 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:38:39.499070 0.000000 udp 10.0.2.19 1701 -> 172.248.237.202 1544 INT 0 1 234 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:47.905241 0.000000 udp 10.0.2.19 1701 -> 151.42.54.217 6749 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:38:55.847319 0.000000 udp 10.0.2.19 1701 -> 37.201.242.84 4465 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:04.536940 0.000000 udp 10.0.2.19 1701 -> 71.74.21.58 9341 INT 0 1 301 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:11.141607 0.000000 udp 10.0.2.19 1701 -> 96.10.244.24 8756 INT 0 1 258 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:15.963617 0.000139 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:39:16.112661 0.311739 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 715 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 00:39:16.534224 0.000000 udp 10.0.2.19 1701 -> 76.160.92.152 1868 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:22.307837 0.000000 udp 10.0.2.19 1701 -> 174.7.220.125 4786 INT 0 1 229 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:30.454757 0.000000 udp 10.0.2.19 1701 -> 41.159.134.66 6363 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:35.896776 0.000000 udp 10.0.2.19 1701 -> 188.153.212.248 1139 INT 0 1 116 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:43.299748 0.000000 udp 10.0.2.19 1701 -> 24.146.245.219 3744 INT 0 1 146 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:51.799464 0.000000 udp 10.0.2.19 1701 -> 99.118.157.159 7879 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:39:56.265074 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 00:40:00.445417 0.000000 rtcp 10.0.2.19 1701 -> 24.166.230.151 1079 INT 0 1 285 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 00:44:03.719022 3.619988 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 00:44:11.286866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:44:19.172547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:44:34.969599 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:45:06.782210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:51:05.883918 2.960092 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:51:12.794730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:51:20.687042 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:51:39.316443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:52:10.880336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:58:09.935147 2.958162 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 00:58:16.846993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:58:24.737391 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:58:40.520515 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 00:59:12.087664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:05:11.145215 2.965214 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:05:18.060428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:05:25.958642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:05:41.749655 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:05:52.307280 0.000106 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 01:05:52.310370 0.685381 tcp 10.0.2.19 52277 -> 90.156.118.144 5237 FSPA* 0 0 14 1552 flow=From-Botnet-V2-TCP-Established 1970/01/10 01:06:13.318732 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:09:55.431089 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 01:09:55.431204 0.247622 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:55.679193 0.209612 rtcp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:55.889203 0.129853 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.019402 0.113868 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.133625 0.132768 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.266761 0.213927 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.481060 0.257290 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.738754 0.256041 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:56.995169 0.260554 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:57.256103 0.119662 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:57.376112 0.370748 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:57.747257 0.251067 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:57.998709 0.210062 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:58.209129 0.143003 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:58.352499 0.245842 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:58.598726 0.148010 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:58.747116 0.238142 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:58.985666 0.148270 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:59.134506 0.211226 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:59.346113 0.248823 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:59.595329 0.306268 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:09:59.901978 0.455004 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:00.357359 0.209773 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:00.567509 0.237068 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:00.804948 0.162567 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:00.967889 0.247860 udp 10.0.2.19 1701 <-> 184.71.161.90 5973 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:01.216101 0.197606 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:01.414210 0.250793 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:01.665383 0.230858 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:01.896579 0.307922 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:02.204862 0.216477 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:02.421737 0.218628 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:02.640800 0.363851 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:03.005037 0.166019 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:03.171416 0.259883 udp 10.0.2.19 1701 <-> 69.232.77.90 7399 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:03.431679 0.264955 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:03.697046 0.108712 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:03.806134 0.292398 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 208 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:04.098936 0.253937 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:10:04.353244 0.465327 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:12:18.749247 3.002233 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:12:25.756929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:12:33.758147 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:12:49.761629 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:13:21.767682 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:19:26.774565 3.001933 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:19:33.782788 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:19:41.783806 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:19:57.786562 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:20:29.792835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:26:35.801649 3.002145 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:26:42.809594 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:26:50.810703 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:27:06.813780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:27:38.819620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:33:42.825706 3.001827 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:33:49.832914 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:33:57.834344 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:34:13.837442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:34:45.843946 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:35:50.136443 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 01:35:50.136628 0.427334 tcp 10.0.2.19 52278 -> 90.156.118.144 5237 FSPA* 0 0 14 1616 flow=From-Botnet-V2-TCP-Established 1970/01/10 01:40:21.736940 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 01:40:21.737113 0.064720 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:21.802331 0.052503 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:21.855260 0.175180 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.030839 0.164935 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.196187 0.194614 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.391167 0.180078 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.571655 0.053380 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.625437 0.202014 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 283 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:22.827822 0.197721 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:23.025940 0.249219 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:23.275540 0.336452 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:23.612344 0.176290 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:23.789004 0.186632 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:23.976020 0.068845 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.045258 0.172268 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.217903 0.051401 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.269685 0.160779 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.430984 0.193267 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.624619 0.158653 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.783667 0.077788 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.861932 0.128519 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:24.990900 0.377685 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:25.369023 0.170692 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:25.540077 0.000000 udp 10.0.2.19 1701 -> 184.71.161.90 5973 INT 0 1 249 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 01:40:42.278483 0.045715 tcp 10.0.2.19 52279 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 01:40:42.324534 0.074170 tcp 10.0.2.19 52280 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 01:40:42.399225 0.156430 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:42.556018 0.167652 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:42.724044 0.129214 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:42.853647 0.168260 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:43.022329 0.135830 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:43.158522 0.187682 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:43.346632 0.164123 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:43.511130 0.169614 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:43.681185 0.351051 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:44.032622 0.055770 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:44.088800 0.245871 udp 10.0.2.19 1701 <-> 69.232.77.90 7399 CON 0 0 2 323 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:44.335025 0.000000 udp 10.0.2.19 1701 -> 174.89.157.21 3725 INT 0 1 260 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 01:40:49.849539 3.002152 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 01:40:54.135482 0.000000 udp 10.0.2.19 1701 <- 174.89.157.21 3725 RSP 0 0 1 242 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 01:40:54.135881 0.206869 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:54.343113 0.045758 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:54.389236 0.200965 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 406 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:54.590594 0.236969 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 01:40:56.856981 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:41:04.858949 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:41:20.861319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:41:52.868058 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:47:56.873717 3.001943 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:48:03.881266 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:48:11.882607 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:48:27.885418 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:48:59.891485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:55:03.897760 3.001585 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 01:55:10.904738 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:55:18.906707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:55:34.909292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 01:56:06.915688 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:02:10.921285 3.903688 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:02:18.830551 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:02:26.832142 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:02:42.834954 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:03:15.361548 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:05:51.266644 0.000148 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 02:05:51.266887 3.087591 tcp 10.0.2.19 52281 -> 90.156.118.144 5237 FSPA* 0 0 14 1604 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:09:19.367853 3.001194 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:09:26.375449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:09:36.489897 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:09:52.492242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:10:24.498908 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:11:15.612610 0.000137 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 02:11:15.612839 0.181721 udp 10.0.2.19 1701 -> 184.71.161.90 5973 INT 0 1 222 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 02:11:15.794560 0.000000 icmp 184.71.161.90 0x0303 -> 10.0.2.19 0x5517 URP 192 1 222 flow=Background 1970/01/10 02:11:33.670818 0.044925 tcp 10.0.2.19 52282 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:11:33.715997 0.073083 tcp 10.0.2.19 52283 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:11:33.789635 0.173468 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:33.963490 0.161466 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.125349 0.194814 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.320539 0.173812 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.494772 0.051785 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.546917 0.064152 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.611425 0.048820 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.660601 0.043738 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:34.704754 0.312006 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.017143 0.213973 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.231507 0.202476 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.434521 0.077579 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.512492 0.172872 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.685713 0.052065 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.738156 0.161097 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:35.899674 0.188709 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:36.088797 0.185432 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:36.274614 0.176361 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:36.451392 0.128551 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:36.580304 0.540687 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:37.121406 0.168929 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:37.290742 0.081024 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:37.372143 0.159363 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:37.531867 0.160971 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:37.693241 0.000000 udp 10.0.2.19 1701 -> 99.42.113.147 7090 INT 0 1 210 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 02:11:52.766647 0.045250 tcp 10.0.2.19 52284 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:11:52.812134 0.072501 tcp 10.0.2.19 52285 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:11:52.885195 0.135634 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.021220 0.189158 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.210748 0.243845 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.454983 0.165901 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.621255 0.118865 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.740490 0.166000 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 264 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:53.906901 0.365528 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:54.272798 0.056348 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:54.329508 0.729617 udp 10.0.2.19 1701 <-> 69.232.77.90 7399 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:55.059520 0.044609 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:55.104496 0.208936 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:55.313808 0.141004 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:55.455188 0.218886 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:11:55.674428 0.171510 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:16:28.504244 3.002058 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 02:16:35.512151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:16:43.513985 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:16:59.516442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:17:31.522664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:23:35.528507 3.001707 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:23:42.536075 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:23:50.537524 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:24:06.540731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:24:38.546501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:30:42.552477 3.001679 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:30:49.560097 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:30:57.561726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:31:14.916653 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:31:46.922237 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:35:56.071350 0.000050 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 02:35:56.071439 0.459642 tcp 10.0.2.19 52286 -> 90.156.118.144 5237 FSPA* 0 0 14 1756 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:37:50.928455 3.001341 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:37:57.935634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:38:05.937180 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:38:21.940120 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:38:54.997666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:42:01.035835 0.817426 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/10 02:42:01.853411 0.171290 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.025100 0.173594 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.199046 0.168577 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.367984 0.051414 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.419738 0.062121 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.482390 0.052334 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.535067 0.118700 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.654192 0.194980 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:02.849566 0.208133 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:03.058237 0.224835 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:03.283493 0.311579 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:03.595442 0.069486 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:03.665306 0.172406 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:03.838286 0.201014 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.039709 0.189007 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.229085 0.160642 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.390279 0.051484 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.442136 0.189157 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.631669 0.174329 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.806397 0.129932 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:04.936668 0.176770 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.113791 0.158133 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.272345 0.175591 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.448305 0.077220 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.525887 0.158321 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.684610 0.163154 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:05.848125 0.171205 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.019730 0.135632 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.155715 0.188292 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.344461 0.111831 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.456749 0.164823 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.621956 0.366949 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:06.989298 0.154843 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:07.144491 0.208106 udp 10.0.2.19 1701 <-> 108.199.165.214 9919 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:07.352946 0.000000 udp 10.0.2.19 1701 -> 69.232.77.90 7399 INT 0 1 111 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 02:42:23.059909 4.017477 tcp 10.0.2.19 52287 -> 173.194.70.99 80 FSPA* 0 0 11 1904 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:42:27.077674 0.074931 tcp 10.0.2.19 52288 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 02:42:27.153190 0.046167 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 546 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:27.199717 0.169744 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:27.369868 0.139168 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:42:27.509513 0.207557 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 02:45:01.296796 3.002271 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:45:08.304835 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:45:16.305863 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:45:32.309365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:46:04.435320 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:52:08.440875 3.002080 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:52:15.448694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:52:23.931242 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:52:39.933925 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:53:12.600961 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:59:16.606604 3.001682 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 02:59:23.614291 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:59:31.615759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 02:59:47.618713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:00:19.625189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:05:59.954352 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 03:05:59.954522 0.776467 tcp 10.0.2.19 52289 -> 90.156.118.144 5237 FSPA* 0 0 14 1566 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:06:23.630325 3.001993 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 03:06:30.638221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:06:38.639803 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:06:54.642563 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:07:26.649189 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:12:41.281937 0.000100 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 03:12:41.282160 0.000000 udp 10.0.2.19 1701 -> 69.232.77.90 7399 INT 0 1 232 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 03:13:00.140959 0.045830 tcp 10.0.2.19 52290 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:13:00.187083 0.080658 tcp 10.0.2.19 52291 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:13:00.268278 0.164969 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.433631 0.053336 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.487340 0.067735 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.555476 0.049481 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.605300 0.043427 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.649106 0.170883 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.820357 0.172726 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:00.993467 0.215488 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:01.209376 0.195945 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:01.405721 0.208930 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:01.615079 0.172864 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:01.788327 0.201915 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:01.990711 0.186290 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:02.177400 0.081219 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:02.259017 0.311578 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:02.570971 0.188042 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:02.759402 0.182793 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:02.942642 0.129261 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:03.764642 0.176117 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:03.941143 0.160626 udp 10.0.2.19 1701 <-> 108.233.136.124 5604 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.102287 0.051381 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.154046 0.084067 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.238476 0.413497 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.652370 0.165568 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.818367 0.168324 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:04.987112 0.156547 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.144058 0.174120 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.318554 0.111463 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.430389 0.167246 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.597988 0.135517 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.733910 0.189417 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:05.923722 0.342784 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:06.266872 0.056598 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 320 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:06.323909 0.000000 udp 10.0.2.19 1701 -> 108.199.165.214 9919 INT 0 1 184 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 03:13:23.884438 0.045512 tcp 10.0.2.19 52292 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:13:23.930180 0.071556 tcp 10.0.2.19 52293 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:13:24.002281 0.044588 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:24.047241 0.206729 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:24.254387 0.167988 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:13:24.422775 0.690452 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:17:24.660976 3.002148 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 03:17:31.668668 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:17:39.670022 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:17:55.673054 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:18:27.678989 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:24:31.684946 3.002104 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 03:24:38.692817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:24:46.694062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:25:02.697346 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:25:34.703523 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:31:42.755169 3.002035 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 03:31:49.762719 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:31:57.763891 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:32:13.767163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:32:45.773265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:36:00.744060 0.000116 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 03:36:00.744267 0.523795 tcp 10.0.2.19 52294 -> 90.156.118.144 5237 FSPA* 0 0 14 1610 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:38:53.784706 3.001460 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 03:39:00.792150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:39:08.793822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:39:24.796929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:39:56.803045 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:43:54.745376 0.000087 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 03:43:54.745572 0.000000 udp 10.0.2.19 1701 -> 108.199.165.214 9919 INT 0 1 104 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 03:44:12.172738 0.045170 tcp 10.0.2.19 52295 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:44:12.218209 0.073434 tcp 10.0.2.19 52296 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:44:12.292227 0.070278 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.362859 0.053020 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.416275 0.043159 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.459824 0.170641 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.630850 0.051793 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.683084 0.214816 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:12.898448 0.196592 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:13.095424 0.170348 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:13.266211 0.182745 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:13.449342 0.187003 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:13.636767 0.212011 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:13.849158 0.171359 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.020910 0.184935 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.206346 0.185001 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.391757 0.338545 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.730686 0.077131 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.808200 0.178645 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:14.987206 0.000000 udp 10.0.2.19 1701 -> 108.233.136.124 5604 INT 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 03:44:33.522389 0.046306 tcp 10.0.2.19 52297 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:44:33.569081 0.072214 tcp 10.0.2.19 52298 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 03:44:33.641819 0.050759 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:33.692959 0.127868 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 561 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:33.821233 0.176928 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:33.998534 0.164170 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.163119 0.075338 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.238830 0.158375 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.397591 0.169080 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.567049 0.109439 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.676860 0.161125 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:34.838404 0.172435 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:35.011195 0.186323 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:35.197907 0.135584 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:35.333875 0.163062 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:35.497284 0.153824 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:35.651512 0.362863 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:36.014740 0.044278 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:36.059435 0.210244 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:36.270077 0.169964 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:44:36.440424 0.138781 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 03:46:03.612872 3.001445 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 03:46:10.620229 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:46:18.621795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:46:34.624859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:47:06.630936 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:53:10.636465 3.002038 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 03:53:17.644487 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:53:25.646035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:53:41.648383 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 03:54:13.654789 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:00:17.660411 3.001856 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:00:24.668038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:00:33.480983 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:00:49.483950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:01:22.531681 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:06:03.896339 0.000120 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 04:06:03.896542 1.519809 tcp 10.0.2.19 52299 -> 90.156.118.144 5237 FSPA* 0 0 14 1511 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:07:28.229220 3.002509 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:07:35.237373 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:07:43.238428 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:07:59.241642 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:08:31.638295 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:14:52.311542 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 04:14:52.311647 0.000000 udp 10.0.2.19 1701 -> 108.233.136.124 5604 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 04:15:09.383346 0.045037 tcp 10.0.2.19 52300 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:15:09.428653 0.072378 tcp 10.0.2.19 52301 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:15:09.501573 0.051639 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:09.553551 0.170163 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:09.724079 0.052468 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:09.776883 0.218461 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:09.995696 0.067869 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.063915 0.049617 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.113847 0.169621 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.283884 0.174680 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.458931 0.195049 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.654504 0.204275 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:10.859134 0.186196 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.045675 0.311608 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 317 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.357675 0.071502 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.429562 0.192086 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.621989 0.171619 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.794019 0.184857 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:11.979254 0.175068 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.154664 0.054326 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.209332 0.128423 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.338141 0.081198 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.419724 0.161287 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.581462 0.171433 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.753330 0.110121 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:12.863807 0.162027 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.026234 0.176432 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.203096 0.165512 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.368981 0.168748 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.538149 0.187625 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.726322 0.135410 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:13.862141 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 131 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 04:15:31.393078 0.046361 tcp 10.0.2.19 52302 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:15:31.439724 0.074897 tcp 10.0.2.19 52303 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:15:31.515199 0.058496 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:31.574075 0.210687 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:31.785128 0.166357 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:31.951842 0.140856 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:32.093120 0.364661 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:15:32.458322 0.052401 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:17:53.648600 3.002193 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 04:18:00.656341 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:18:08.658024 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:18:24.660976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:18:56.666680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:25:00.672702 3.001826 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:25:07.680746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:25:18.415884 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:25:34.419169 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:26:06.424930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:32:10.431014 3.001476 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:32:17.438371 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:32:25.439492 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:32:41.442841 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:33:14.340037 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:36:07.389189 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 04:36:07.389410 3.263363 tcp 10.0.2.19 52304 -> 90.156.118.144 5237 FSPA* 0 0 14 1664 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:39:18.345787 3.002309 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:39:25.353636 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:39:33.354761 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:39:49.358442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:40:21.364011 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:45:45.870577 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 04:45:45.870749 0.165032 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.036202 0.052596 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.089149 0.217791 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.307296 0.067259 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.374955 0.051450 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.426752 0.043170 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.470292 0.170845 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.641499 0.195366 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:46.837272 0.185564 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:47.023223 0.173258 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:47.196864 0.220675 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:47.417882 0.073988 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:47.492292 0.311355 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:47.804051 0.217461 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:48.021938 0.187545 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:48.209866 0.625399 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:48.835655 0.184961 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.021011 0.171738 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 273 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.193143 0.101305 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.294867 0.157159 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.452437 0.166603 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.619458 0.128930 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.748815 0.051489 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.800646 0.175166 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:49.976179 0.163629 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:45:50.140211 0.000000 udp 10.0.2.19 1701 -> 93.109.245.154 9067 INT 0 1 108 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 04:46:09.086636 0.045957 tcp 10.0.2.19 52305 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:46:09.132844 0.072207 tcp 10.0.2.19 52306 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 04:46:09.205589 0.159630 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 215 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:09.365577 0.135487 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:09.501432 0.172093 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:09.673914 0.186104 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 246 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:09.860373 0.210457 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:10.071186 0.169601 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:10.241199 0.000000 udp 10.0.2.19 1701 -> 174.89.157.21 3725 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 04:46:19.999665 0.000000 udp 10.0.2.19 1701 <- 174.89.157.21 3725 RSP 0 0 1 130 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 04:46:20.000082 0.056135 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:20.056584 0.352109 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 253 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:20.409130 0.045370 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 04:46:27.442782 3.182544 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 04:46:34.630651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:46:42.632559 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:46:58.635534 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:47:30.641685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:53:34.647367 3.001304 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 04:53:41.654675 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:53:49.656606 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:54:05.658889 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 04:54:37.665612 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:00:41.671179 3.001406 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:00:48.678500 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:00:56.680311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:01:12.683091 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:01:44.689554 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:06:11.733388 0.000056 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 05:06:11.733499 0.425086 tcp 10.0.2.19 52307 -> 90.156.118.144 5237 FSPA* 0 0 14 1686 flow=From-Botnet-V2-TCP-Established 1970/01/10 05:07:48.695398 3.001922 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:07:55.702672 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:08:03.703864 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:08:19.706882 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:08:51.713455 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:16:31.304153 0.000059 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 05:16:31.304347 0.107288 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.412037 0.221186 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.633628 0.066227 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.700231 0.050701 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.751358 0.043172 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.794899 0.162556 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:31.957838 0.163129 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 254 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.121327 0.052791 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.174499 0.170206 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.345078 0.175021 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.520455 0.215181 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.736010 0.195507 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:32.931904 0.076474 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:33.008777 0.318485 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:33.327660 0.174534 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:33.502573 0.189645 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:33.692600 0.185137 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:33.878082 0.173999 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.052453 0.077380 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.130288 0.157362 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.288015 0.166194 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.454644 0.130433 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 268 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.585486 0.178827 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.764676 0.051371 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.816440 0.174029 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:34.990870 0.163172 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:35.154496 0.172232 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:35.327095 0.160362 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:35.487822 0.135523 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:35.623693 0.187774 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:35.811874 0.209715 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:36.022010 0.172156 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:36.194535 0.353210 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:36.548198 0.043904 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:36.592491 0.141228 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:16:36.734136 0.056080 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:18:05.722453 3.001519 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:18:12.729953 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:18:20.731211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:18:36.734462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:19:08.740685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:25:12.746505 3.001845 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:25:19.753874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:25:27.755624 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:25:43.758596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:26:15.764083 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:32:19.770443 3.001558 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:32:26.778991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:32:34.780093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:32:50.782976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:33:22.788004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:36:12.162102 0.000052 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 05:36:12.162197 1.136448 tcp 10.0.2.19 52308 -> 90.156.118.144 5237 FSPA* 0 0 14 1580 flow=From-Botnet-V2-TCP-Established 1970/01/10 05:39:26.794511 3.001411 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:39:33.802204 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:39:41.803405 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:39:57.806208 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:40:29.812211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:46:33.818191 3.763045 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:46:41.587068 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:46:49.588536 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:46:53.493907 3.089828 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/10 05:46:56.583862 0.111854 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:56.696082 0.204915 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:56.901402 0.066225 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:56.968043 0.053659 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.022286 0.043427 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.066128 0.157104 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.223645 0.166096 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.390116 0.052373 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.442886 0.199272 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.642554 0.195812 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:57.838745 0.171283 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.010429 0.173062 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.183855 0.174431 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.358659 0.070942 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.429959 0.311112 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.741512 0.188736 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:58.930654 0.184251 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.115270 0.173725 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.289369 0.076114 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.365867 0.129445 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.495724 0.173101 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.669212 0.052093 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 583 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:46:59.721617 0.526311 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:00.248283 0.169258 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:00.417999 0.177337 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:00.595674 0.164449 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 415 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:00.760508 0.170457 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:00.931356 0.161487 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:01.093287 0.219532 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:01.313188 0.167320 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:01.480842 0.135458 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:01.616662 1.684273 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:03.301294 0.771770 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:04.073426 0.054404 udp 10.0.2.19 1701 <-> 176.73.161.181 4759 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:04.128204 0.342055 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:04.470657 0.054592 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 05:47:07.794652 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:47:39.800449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:53:44.808215 3.001437 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 05:53:51.815693 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:53:59.816513 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:54:15.820003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 05:54:47.825911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:00:54.956230 3.002156 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:01:01.963992 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:01:10.676526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:01:26.679109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:02:06.599890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:06:22.742080 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 06:06:22.742186 0.586587 tcp 10.0.2.19 52309 -> 90.156.118.144 5237 FSPA* 0 0 14 1749 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:08:04.813991 3.001920 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:08:11.821667 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:08:19.822991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:08:35.826569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:09:07.832032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:17:36.604327 1.885809 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/10 06:17:38.490253 0.108298 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:38.598969 0.170754 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:38.770281 0.069471 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:38.840108 0.052577 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 469 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:38.893043 0.041628 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:38.935060 0.157063 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.092542 0.162399 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.255316 0.051359 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.307068 0.207488 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.514901 0.191969 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.707232 0.189234 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.896906 0.079683 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:39.976961 0.194205 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:40.171550 0.166200 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 492 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:40.338195 0.337934 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:40.676545 0.191689 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 238 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:40.868640 0.185748 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.054755 0.174084 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.229201 0.079449 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.309082 0.128659 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.438120 0.159827 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.598355 0.167529 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:41.766269 0.920654 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:42.687275 0.051533 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 421 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:42.739175 0.174213 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 367 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:42.913777 0.164150 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.078401 0.172222 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.250983 0.160972 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.412351 0.209233 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.622000 0.172209 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.794627 0.135741 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 258 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:43.930771 0.187739 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:44.118897 0.358661 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:44.477984 0.045899 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:44.524258 0.142588 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:17:44.667190 0.000000 udp 10.0.2.19 1701 -> 176.73.161.181 4759 INT 0 1 277 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 06:18:03.355172 0.045599 tcp 10.0.2.19 52310 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:18:03.401068 0.073499 tcp 10.0.2.19 52311 -> 173.194.70.94 80 SRPA* 0 0 20 15546 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:18:19.768332 3.002203 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:18:26.775976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:18:34.777797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:18:50.780726 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:19:22.786678 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:25:28.244153 3.002105 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:25:36.894801 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:25:44.896314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:26:00.898971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:26:34.617111 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:32:39.304362 3.001864 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:32:46.312094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:32:54.313370 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:33:10.315994 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:33:44.155324 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:36:25.567301 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 06:36:25.567479 0.602929 tcp 10.0.2.19 52312 -> 90.156.118.144 5237 FSPA* 0 0 14 1636 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:39:48.161043 3.001651 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:39:55.168516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:40:03.169767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:40:19.173149 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:40:51.178725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:46:55.184476 3.002288 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 06:47:02.192259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:47:10.194044 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:47:26.196874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:47:58.202785 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:48:18.942698 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 06:48:18.942888 0.000000 udp 10.0.2.19 1701 -> 176.73.161.181 4759 INT 0 1 214 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 06:48:37.422370 2.802447 tcp 10.0.2.19 52313 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:48:40.225155 0.071807 tcp 10.0.2.19 52314 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 06:48:40.297613 0.067521 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.365501 0.051656 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.417530 0.043231 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.461139 0.153562 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 532 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.614976 0.112600 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.727936 0.171769 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.900114 0.052341 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:40.952817 0.201870 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.155235 0.172065 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.327659 0.168107 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.496165 0.171766 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.668304 0.166290 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.834972 0.074567 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:41.909881 0.195494 rtcp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:42.105773 0.191006 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:42.297141 0.336187 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:42.633701 0.185596 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:42.819674 0.172269 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 221 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:42.992301 0.129230 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.121883 0.159619 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 557 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.281889 0.168305 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.450554 0.083348 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.534447 0.177979 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.712783 0.163846 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:43.877050 0.689125 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:44.566521 0.051630 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:44.618589 0.220805 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:44.839757 0.172716 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:45.012866 0.160304 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:45.173568 0.187419 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:49.093544 0.172037 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:49.265943 0.135654 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:49.402163 0.044326 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:49.446872 0.353258 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:48:49.800508 0.139435 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 06:54:05.573651 3.001994 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 06:54:12.581404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:54:20.583064 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:54:36.585917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 06:55:08.591452 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:01:12.597849 3.001899 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:01:19.605272 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:01:33.142345 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:01:48.920857 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:02:20.504535 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:06:29.631074 0.000067 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 07:06:29.631291 3.482227 tcp 10.0.2.19 52315 -> 90.156.118.144 5237 FSPA* 0 0 14 1525 flow=From-Botnet-V2-TCP-Established 1970/01/10 07:08:26.731565 3.002209 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:08:33.739012 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:08:41.740949 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:08:57.743724 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:09:31.602615 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:15:35.608412 3.001702 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:15:42.615991 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:15:51.147890 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:16:07.151262 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:16:47.674529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:19:06.809952 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 07:19:06.810090 0.115007 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:06.925553 0.156341 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.082310 0.107900 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.190631 0.174754 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.365806 0.068320 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.434549 0.051227 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.486328 0.051374 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.538138 0.201731 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.740272 0.173332 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:07.914011 0.163013 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:08.077452 0.176023 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:08.253921 0.167670 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:08.422249 0.190841 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:08.613534 0.336156 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:08.950282 0.070585 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:09.021268 0.195763 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:09.217452 0.189535 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:09.407412 0.171727 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:09.790399 0.129104 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:09.919913 0.156677 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.077022 0.173683 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.251183 0.079413 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 236 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.331045 0.174602 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.506094 0.174384 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.681034 0.164839 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.846458 0.051433 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:10.898287 0.212632 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 341 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:11.111338 0.169754 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:11.281481 0.158210 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:11.440077 0.188140 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:11.628735 0.055793 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:11.684900 0.343998 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 465 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:12.029333 0.138526 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:12.168257 0.169235 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:19:12.337882 0.135387 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:22:45.225788 3.623282 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 07:22:50.852081 4.005685 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 07:23:02.859214 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:23:18.861689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:23:50.867753 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:29:54.873891 3.002111 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:30:01.881519 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:30:09.883084 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:30:25.885716 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:30:57.892117 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:36:38.011720 0.000082 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 07:36:38.011904 1.389456 tcp 10.0.2.19 52316 -> 90.156.118.144 5237 FSPA* 0 0 14 1736 flow=From-Botnet-V2-TCP-Established 1970/01/10 07:37:02.698933 3.843077 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:37:10.547868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:37:18.548960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:37:34.552112 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:38:06.557937 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:44:10.564008 3.001658 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:44:17.571658 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:44:25.573328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:44:41.576017 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:45:13.582834 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:49:24.283219 0.000066 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 07:49:24.283403 0.107759 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.391613 0.171455 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.563465 0.073911 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.637779 0.056067 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.694376 0.052563 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.747401 0.202435 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:24.950245 0.084804 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.035405 0.159508 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.195306 0.173269 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.368973 0.165541 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 523 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.534912 0.203926 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.739210 0.167002 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:25.906597 0.190385 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:26.097324 0.194486 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:26.292193 0.180816 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:26.473379 0.336088 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:26.809859 0.079518 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:26.889743 0.205525 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 325 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:27.095655 0.137685 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:27.233717 0.377137 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:27.611212 0.166755 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 498 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:27.778478 0.077739 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:27.856656 0.189450 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.046505 0.051670 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.098563 0.233297 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.332231 0.172248 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.504829 0.173829 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.679145 0.174491 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:28.854051 0.160547 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.014981 0.187961 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.203306 0.044555 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.248252 0.340891 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.589506 0.135287 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 239 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.725151 0.140752 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:49:29.866435 0.169479 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 07:51:17.587763 3.001990 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:51:24.595497 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:51:32.597087 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:51:48.599917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:52:24.361617 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:58:28.367668 3.001700 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 07:58:35.375187 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:58:43.376300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:58:59.379399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 07:59:31.385427 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:05:35.391156 3.002022 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:05:42.398730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:05:50.400313 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:06:06.403603 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:06:38.409191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:06:41.654859 0.000115 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 08:06:41.655057 0.418281 tcp 10.0.2.19 52317 -> 90.156.118.144 5237 FSPA* 0 0 14 1709 flow=From-Botnet-V2-TCP-Established 1970/01/10 08:12:42.415491 3.001493 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:12:49.422620 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:12:57.424417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:13:17.263311 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:13:49.319372 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:19:34.896097 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 08:19:34.896198 0.069056 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:34.965649 0.047668 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.013731 0.052846 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.066941 0.108254 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.175631 0.171149 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.347158 0.199970 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.547498 0.047781 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 518 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.595696 0.156598 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.752676 0.172959 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:35.925981 0.168498 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:36.094914 0.212402 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:36.307738 0.194450 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:36.502583 0.186075 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:36.689073 0.316553 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.005978 0.166325 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.172665 0.185987 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 256 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.359066 0.076008 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.435484 0.173356 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.609187 0.129620 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.739196 0.155883 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 311 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:37.895453 0.166412 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:38.062417 0.081586 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:38.144325 0.213139 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:38.357828 0.168369 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:38.659252 0.178642 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:38.838333 0.176414 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.015145 0.163126 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.178678 0.053112 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.232171 0.158759 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.391276 0.186980 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.578647 0.048218 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.627236 0.365858 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:39.993472 0.135395 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:40.129272 0.136935 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:40.266620 0.168536 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:19:53.324777 3.001957 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:20:00.332615 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:20:08.334090 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:20:24.337109 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:21:02.756350 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:27:26.714113 3.800774 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:27:34.467833 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:27:43.873942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:27:59.664647 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:28:31.239317 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:34:29.524947 3.001268 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:34:36.532444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:34:44.533663 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:35:00.537230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:35:32.542743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:36:46.069233 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 08:36:46.069406 2.030944 tcp 10.0.2.19 52318 -> 90.156.118.144 5237 FSPA* 0 0 14 1610 flow=From-Botnet-V2-TCP-Established 1970/01/10 08:41:36.548721 3.002081 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:41:43.556449 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:41:51.557903 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:42:07.561035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:42:39.566910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:48:57.572666 3.002394 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:49:04.580265 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:49:12.581698 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:49:28.584634 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:50:00.611236 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:50:12.117987 0.000211 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 08:50:12.118308 0.076308 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.195001 0.054592 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.249974 0.047963 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.298541 0.111634 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.410581 0.171460 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.582430 0.195323 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.778340 0.056457 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:12.835155 0.167730 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.003319 0.156987 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.160694 0.173572 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.334630 0.185815 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.520816 0.171534 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 286 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.692775 0.194093 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:13.887271 0.366940 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:14.254595 0.167393 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 477 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:14.466321 0.187795 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:14.654517 0.079729 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:14.734595 0.172538 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:14.907589 0.166317 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 534 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.074291 0.081891 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 235 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.156568 0.139700 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.296619 0.205057 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.502245 0.187550 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.690207 0.214403 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 527 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:15.905008 0.170567 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.075984 0.173971 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.250333 0.163032 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.413769 0.051598 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.465720 0.156385 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.622507 0.188067 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.810961 0.135765 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:16.947081 0.157774 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:17.105240 0.045508 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:17.151119 0.341943 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:50:17.493421 0.169456 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 334 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 08:56:07.820933 3.002052 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 08:56:14.829336 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:56:22.830425 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:56:38.833292 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 08:57:10.839777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:03:14.845329 3.002202 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:03:21.852583 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:03:29.854820 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:03:45.857818 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:04:17.863121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:06:49.762412 0.000060 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 09:06:49.762521 0.494768 tcp 10.0.2.19 52319 -> 90.156.118.144 5237 FSPA* 0 0 14 1596 flow=From-Botnet-V2-TCP-Established 1970/01/10 09:10:21.868802 3.002708 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:10:28.877257 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:10:36.878704 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:10:52.881222 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:11:25.768684 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:17:34.781204 3.002025 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:17:41.789517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:17:49.791260 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:18:05.793692 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:18:37.800178 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:20:28.649173 0.000107 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 09:20:28.649387 0.052308 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:28.702320 0.111453 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:28.814208 0.167355 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:28.982023 0.000000 udp 10.0.2.19 1701 -> 189.165.60.251 3630 INT 0 1 267 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 09:20:44.895578 0.045647 tcp 10.0.2.19 52320 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 09:20:44.941519 0.074000 tcp 10.0.2.19 52321 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 09:20:45.016048 0.066575 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.083060 0.058256 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 435 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.141732 0.056872 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 322 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.198976 0.166127 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.365515 0.155297 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.521221 0.174887 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.696490 0.183104 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:45.879970 0.173833 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:46.054357 0.195407 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:46.250196 0.346111 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:46.596669 0.169946 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:46.766987 0.191656 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 419 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:46.958997 0.077519 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.036950 0.174802 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.212125 0.210427 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.422912 0.076574 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 290 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.499874 0.129296 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.629537 0.218326 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:47.848239 0.173286 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.021909 0.175016 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.197332 0.166820 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.364527 0.050995 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 265 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.415890 0.162067 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.578333 0.291675 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 443 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:48.870390 0.160052 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 571 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:49.030829 0.189046 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:49.220238 0.135863 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 490 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:49.356474 0.397703 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:49.754571 0.044867 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:49.799817 0.342225 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:20:50.142399 0.168044 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 237 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:24:42.807221 3.001848 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:24:49.814680 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:24:57.816197 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:25:13.819061 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:25:45.825154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:32:13.835647 3.001700 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:32:20.843170 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:32:28.844438 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:32:44.847566 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:33:16.853423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:36:50.691864 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 09:36:50.691953 0.520667 tcp 10.0.2.19 52322 -> 90.156.118.144 5237 FSPA* 0 0 14 1689 flow=From-Botnet-V2-TCP-Established 1970/01/10 09:39:20.859334 3.001788 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:39:27.867191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:39:35.868473 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:39:51.871775 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:40:23.877837 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:46:32.890451 3.001889 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:46:39.898148 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:46:47.900021 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:47:03.902628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:47:42.541980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:51:15.584651 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 09:51:15.584831 0.199810 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:15.784998 0.109052 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 371 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:15.894473 0.052915 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:15.947781 0.170387 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.118586 0.075724 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.194724 0.052282 udp 10.0.2.19 1701 <-> 81.149.254.99 6663 CON 0 0 2 524 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.247394 0.047038 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.294811 0.166588 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.461817 0.156027 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.618373 0.172026 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.790845 0.187576 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:16.978796 0.311426 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:17.290598 0.166558 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 248 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:17.457584 0.187246 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:17.645224 0.171623 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:17.817225 0.195642 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.013278 0.071957 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.085591 0.173018 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 479 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.258997 0.167025 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.426410 0.081443 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.508210 0.160507 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.669103 0.215021 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:18.884526 0.164598 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 574 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:19.049530 0.051557 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:19.101424 0.160082 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 549 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:19.261917 0.913676 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:20.683202 0.173274 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 503 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:20.856841 0.175350 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.032546 0.159372 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.192281 0.187914 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.380571 0.135430 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.516412 0.140398 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.657221 0.043710 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 324 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:21.701352 0.359435 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 513 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:51:22.061192 0.168154 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 09:53:48.016341 3.002181 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 09:53:55.023929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:54:03.025514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:54:19.028485 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 09:54:51.034578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:00:57.043215 3.001804 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:01:06.253858 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:01:14.255417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:01:30.258158 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:02:02.875720 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:06:55.316347 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 10:06:55.316489 0.461611 tcp 10.0.2.19 52323 -> 90.156.118.144 5237 FSPA* 0 0 14 1691 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:08:08.183152 3.002006 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:08:15.191216 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:08:23.192357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:08:41.097881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:09:13.865153 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:15:38.871028 3.001934 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:15:45.878962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:15:53.880475 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:16:09.882928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:16:42.250276 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:21:40.258327 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 10:21:40.258498 0.202294 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 436 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:40.461201 0.118512 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:40.580109 0.051530 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:40.632006 0.171651 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:40.804023 0.067038 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:40.871425 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 269 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 10:21:57.315581 0.045682 tcp 10.0.2.19 52324 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:21:57.361507 0.077670 tcp 10.0.2.19 52325 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:21:57.439728 0.043577 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:57.483716 0.174077 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:57.658294 0.185799 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:57.844518 0.336793 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:58.181682 0.166932 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:58.348979 0.164506 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:58.513881 0.157043 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:58.671338 0.190099 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:58.861782 0.172127 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 430 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.034275 0.193697 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 263 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.228437 0.076767 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.305615 0.172845 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.478876 0.167541 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.668256 0.077593 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.746583 0.164856 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.911781 0.051778 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:21:59.963949 0.839078 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 228 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:00.803383 0.149867 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:00.953650 0.207144 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:01.161193 0.181267 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:01.342835 0.172370 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:01.515583 0.178036 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:01.693975 0.157794 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:01.852138 0.186231 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:02.038745 0.135616 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 461 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:02.174721 0.142662 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:02.317760 0.044890 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:02.363036 0.336050 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:02.699472 0.166017 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:22:46.255572 3.001538 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:22:53.263484 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:23:01.264300 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:23:18.979780 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:23:50.986275 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:29:54.992895 3.010660 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 10:30:00.006439 4.006012 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 10:30:12.013927 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:30:28.016760 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:31:00.022911 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:36:59.059474 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 10:36:59.059636 0.674305 tcp 10.0.2.19 52326 -> 90.156.118.144 5237 FSPA* 0 0 14 1731 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:37:04.029404 3.001293 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:37:11.036623 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:37:19.037589 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:37:35.040879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:38:07.047031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:44:11.053297 3.001512 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:44:18.060571 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:44:26.061817 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:44:42.065368 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:45:14.071027 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:51:18.076538 3.002325 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:51:25.084271 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:51:33.086235 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:51:49.088776 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:52:14.786375 1.067753 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/10 10:52:15.854142 0.000000 udp 10.0.2.19 1701 -> 81.149.254.99 6663 INT 0 1 120 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 10:52:21.635501 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:52:31.332523 0.047008 tcp 10.0.2.19 52327 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:52:31.379883 0.077094 tcp 10.0.2.19 52328 -> 173.194.70.94 80 SRPA* 0 0 21 15600 flow=From-Botnet-V2-TCP-Established 1970/01/10 10:52:31.457563 0.111938 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:31.569884 0.204248 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 542 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:31.774522 0.053070 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:31.827962 0.172968 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.001300 0.079590 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.081231 0.049483 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.131127 0.196508 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.328033 0.170325 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.498758 0.163731 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 344 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.662885 0.155892 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 511 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:32.819180 0.187042 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.006610 0.311766 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.318792 0.188931 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.508119 0.172241 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.680735 0.194943 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.876030 0.078758 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:33.955149 0.171937 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.127484 0.166403 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.294448 0.074990 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.369780 0.163505 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.533657 0.051557 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.585565 0.155431 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.741351 0.145047 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:34.942252 0.221387 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:35.164002 0.170643 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 353 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:35.335012 0.171644 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:35.507058 0.176522 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:35.683970 0.135480 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 225 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:35.819817 2.268503 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:38.088737 0.050589 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:38.139636 0.363567 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:38.503551 0.157703 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 300 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:38.661606 0.187708 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:52:38.849663 0.171182 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 567 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 10:58:25.641812 3.001432 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 10:58:32.648993 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:58:40.651010 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:58:56.653767 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 10:59:29.761569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:05:38.774533 3.001259 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 11:05:45.781984 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:05:53.783843 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:06:09.786516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:06:41.792038 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:07:00.810353 0.000051 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 11:07:00.810445 0.476766 tcp 10.0.2.19 52329 -> 90.156.118.144 5237 FSPA* 0 0 14 1703 flow=From-Botnet-V2-TCP-Established 1970/01/10 11:12:47.800892 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:12:55.411738 1.976435 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 11:13:01.343995 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:13:09.236196 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:13:25.024929 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:13:58.995157 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:20:12.951558 3.001246 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 11:20:19.958516 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:20:27.959976 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:20:43.963241 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:21:15.969261 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 11:23:04.375706 0.000123 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 11:23:04.375934 0.051780 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:04.428119 0.171155 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:04.599617 0.069347 udp 10.0.2.19 1701 <-> 217.41.32.90 8641 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:04.669378 0.041226 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:04.710980 0.113232 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:04.824616 0.201936 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.026978 0.173898 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.201266 0.168727 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.370359 0.165789 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 243 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.536593 0.156389 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.693352 0.187004 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:05.880777 0.173738 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:06.054877 0.195840 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:06.251066 0.066210 udp 10.0.2.19 1701 <-> 2.85.52.234 2179 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:06.317670 0.173324 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 533 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:06.491381 0.331478 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:06.823246 0.275212 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.098813 0.165325 udp 10.0.2.19 1701 <-> 107.214.174.97 6448 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.264516 0.074475 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.339442 0.165304 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.505133 0.052605 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 337 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.558247 0.158998 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.717613 0.129424 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:07.847406 0.217853 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 540 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:08.065616 0.177824 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:08.243803 0.135363 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 315 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:08.379563 0.310032 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:08.693262 0.173263 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:08.866866 0.141905 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:09.009160 0.050774 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 578 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:09.060247 0.187665 udp 10.0.2.19 1701 <-> 108.207.14.96 9658 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:09.248251 0.168012 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:09.416633 0.336865 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 11:23:09.753858 0.160101 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:14:34.812378 3.001383 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:14:41.819815 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:14:49.820963 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:15:05.824476 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:15:37.829967 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:21:41.835788 3.001898 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:21:48.843539 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:22:00.791176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:22:16.793962 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:22:50.381869 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:24:20.953096 0.000081 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 18:24:20.953267 2.037031 tcp 10.0.2.19 52330 -> 90.156.118.144 5237 FSPA* 0 0 14 1641 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:28:54.388037 3.002021 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:29:01.395417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:29:09.396898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:29:25.400302 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:29:57.406618 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:36:01.411574 3.002265 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:36:08.419847 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:36:16.872069 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:36:32.874822 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:37:04.880631 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:40:57.505699 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 18:40:57.505879 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 159 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 18:41:16.365010 0.988279 tcp 10.0.2.19 52331 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:17.353131 0.195688 tcp 10.0.2.19 52332 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:17.549371 0.213637 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:17.763363 0.183090 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:17.946907 0.136388 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:19.238358 0.220901 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:19.459638 0.284624 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:19.744632 0.236128 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:19.981152 0.243726 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:20.225292 0.314546 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:20.540228 0.207685 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:20.748301 0.253242 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:21.001922 0.000000 udp 10.0.2.19 1701 -> 2.85.52.234 2179 INT 0 1 88 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 18:41:36.132096 0.163018 tcp 10.0.2.19 52333 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:36.294356 0.192470 tcp 10.0.2.19 52334 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:36.487372 0.310154 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:36.797942 0.364928 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:37.163259 0.219583 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:37.383215 0.281022 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 350 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:37.664581 0.240719 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:37.905643 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 162 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 18:41:53.056061 2.487936 tcp 10.0.2.19 52335 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:55.544252 0.197315 tcp 10.0.2.19 52336 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:41:55.742115 0.216090 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:55.958628 0.232963 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:56.191965 0.143706 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:56.336018 0.207199 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:56.543564 0.313381 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:56.857335 0.217064 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:57.074742 0.239819 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:57.314973 0.208644 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:57.523963 0.262499 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:57.786842 0.240918 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:58.028106 0.297579 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 270 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:58.326055 0.114720 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:41:58.441132 0.000000 udp 10.0.2.19 1701 -> 108.207.14.96 9658 INT 0 1 160 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 18:42:17.391300 0.162344 tcp 10.0.2.19 52337 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:42:17.553732 0.208168 tcp 10.0.2.19 52338 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:42:17.762471 0.314301 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:42:18.077156 0.351817 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 434 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:42:18.429331 0.226951 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 18:43:10.429485 3.000849 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 18:43:17.436531 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:43:25.438163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:43:41.441191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:44:17.839279 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:50:19.565566 3.002192 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:50:26.573155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:50:34.575101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:50:50.578353 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:51:22.584328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:54:26.859596 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 18:54:26.859687 1.809443 tcp 10.0.2.19 52339 -> 90.156.118.144 5237 FSPA* 0 0 14 1614 flow=From-Botnet-V2-TCP-Established 1970/01/10 18:57:26.590342 3.001254 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 18:57:33.597039 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:57:41.599176 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:57:57.601694 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 18:58:36.163754 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:04:49.756795 3.002216 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:04:56.764224 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:05:04.765896 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:05:20.768918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:05:52.775380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:11:56.780854 3.372493 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:12:04.159015 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:12:12.160625 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:12:24.648905 0.000080 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 19:12:24.649073 0.000000 udp 10.0.2.19 1701 -> 217.41.32.90 8641 INT 0 1 244 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:12:28.163711 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:12:41.425243 0.170337 tcp 10.0.2.19 52340 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:12:41.595763 0.199519 tcp 10.0.2.19 52341 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:12:41.795973 0.000000 udp 10.0.2.19 1701 -> 2.85.52.234 2179 INT 0 1 92 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:12:59.669972 0.165007 tcp 10.0.2.19 52342 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:12:59.835214 0.197453 tcp 10.0.2.19 52343 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:13:00.033238 0.000000 udp 10.0.2.19 1701 -> 107.214.174.97 6448 INT 0 1 236 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:13:00.169879 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:13:18.607401 0.207757 tcp 10.0.2.19 52344 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:13:18.815398 0.198294 tcp 10.0.2.19 52345 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:13:19.014236 0.000000 udp 10.0.2.19 1701 -> 108.207.14.96 9658 INT 0 1 163 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:13:37.224006 0.171783 tcp 10.0.2.19 52346 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:13:37.395334 0.204047 tcp 10.0.2.19 52347 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:13:37.599932 0.195092 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:37.795485 0.115120 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:37.910989 0.281862 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:38.193215 0.131124 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:38.324734 0.306022 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:38.631131 0.223328 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:38.854825 0.308120 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:39.163311 0.341304 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:39.504994 0.256827 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:39.762213 0.211760 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:39.974368 0.223428 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:40.198323 0.214582 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:40.413310 0.364674 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:40.778361 0.239323 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:41.018074 0.251297 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:41.269796 0.236630 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 551 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:41.506827 0.148301 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 416 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:41.655506 0.142915 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 346 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:41.798767 0.216937 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:42.016064 0.230830 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:42.247255 0.207053 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:42.454680 0.311507 rtcp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 295 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:42.766579 0.243274 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:43.010247 0.534252 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:43.544880 0.192240 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:43.737501 0.305080 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:44.042916 0.234668 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:44.277928 0.231028 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:44.509317 0.355766 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:13:44.865520 0.200352 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:19:04.175169 3.001976 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:19:11.183211 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:19:19.845627 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:19:35.848418 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:20:07.854440 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:24:31.293355 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 19:24:31.293524 0.722493 tcp 10.0.2.19 52348 -> 90.156.118.144 5237 FSPA* 0 0 14 1735 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:26:11.860224 3.001881 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:26:18.867673 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:26:26.869630 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:26:42.872689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:27:14.878584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:33:18.884549 3.001374 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:33:25.891848 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:33:33.893510 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:33:49.896540 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:34:21.902555 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:40:25.908646 3.001315 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:40:32.915983 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:40:40.916990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:40:56.920309 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:41:29.026945 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:43:55.717999 0.000092 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 19:43:55.718195 0.243783 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:55.962326 0.137086 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:56.099803 0.246126 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:56.346321 0.122992 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:56.469703 0.954764 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:57.424872 0.219560 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 413 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:57.644808 0.311202 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:57.956376 0.217025 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:58.173766 0.244104 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:58.418276 0.214228 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:58.632884 0.234516 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:58.867777 0.253940 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:59.122227 0.375209 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:59.497794 0.245893 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:43:59.744047 0.257586 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:00.002036 0.236744 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:00.239129 0.216437 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:00.455971 0.377318 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:00.833694 0.212262 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:01.046355 0.169868 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:01.216635 0.148050 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 530 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:01.365082 0.000000 udp 10.0.2.19 1701 -> 66.226.34.247 4310 INT 0 1 195 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:44:17.401677 0.236089 tcp 10.0.2.19 52349 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:44:17.637366 0.224158 tcp 10.0.2.19 52350 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:44:17.862095 0.248076 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:18.110591 0.000000 udp 10.0.2.19 1701 -> 174.89.157.21 3725 INT 0 1 251 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 19:44:35.024937 0.170958 tcp 10.0.2.19 52351 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:44:35.195598 0.200848 tcp 10.0.2.19 52352 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:44:35.397019 0.166065 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:35.563497 0.270437 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:35.834357 0.213486 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 244 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:36.048208 0.218194 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:36.266816 0.261701 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:44:36.528889 0.374791 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 19:47:33.032375 3.001981 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 19:47:41.992696 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:47:49.993972 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:48:05.997283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:48:38.003128 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:54:33.024459 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 19:54:33.024563 1.339933 tcp 10.0.2.19 52353 -> 90.156.118.144 5237 FSPA* 0 0 14 1586 flow=From-Botnet-V2-TCP-Established 1970/01/10 19:54:42.008703 3.002480 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 19:54:49.016665 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:54:57.017917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:55:13.021243 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 19:55:45.026986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:01:49.033150 3.001579 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:01:56.040988 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:02:04.042281 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:02:20.045003 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:02:52.051596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:08:56.057646 3.001568 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:09:03.064508 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:09:11.065979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:09:27.069538 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:09:59.075564 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:14:59.307154 0.000072 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 20:14:59.307338 0.308949 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 368 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:14:59.616712 0.370088 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:14:59.987162 0.162461 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:00.150027 0.132413 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:00.282836 0.227581 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:00.510805 0.109445 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:00.620641 0.221438 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:00.842430 0.294832 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:01.137606 0.206316 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:01.344313 0.308418 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:01.653088 0.279446 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 293 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:01.932889 0.224467 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:02.157737 0.242767 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 486 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:02.400874 0.377862 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 526 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:02.779133 0.257172 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:03.036705 0.233071 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:03.270174 0.272035 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 556 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:03.542586 0.211334 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:03.754443 0.232252 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 517 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:03.987071 0.733961 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 373 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:04.721434 0.526319 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 351 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:05.248172 0.151703 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:05.400272 0.148443 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:05.549095 0.259071 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 404 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:05.808532 0.262272 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:06.071221 0.115938 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 424 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:06.187542 0.242951 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 303 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:06.430871 0.211251 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:06.642507 0.201975 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:15:06.844833 0.341526 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:16:05.194226 0.999004 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 20:16:11.941614 4.006007 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/10 20:16:23.948823 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:16:39.951590 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:17:12.017695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:23:16.023165 3.002007 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:23:23.031328 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:23:31.032910 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:23:47.035570 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:24:19.041458 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:24:38.319493 0.000111 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 20:24:38.319686 0.768865 tcp 10.0.2.19 52354 -> 90.156.118.144 5237 FSPA* 0 0 14 1686 flow=From-Botnet-V2-TCP-Established 1970/01/10 20:30:23.047548 3.001942 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:30:30.055150 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:30:38.056399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:30:55.001194 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:31:28.188770 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:37:32.194546 3.002196 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:37:39.201980 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:37:47.203813 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:38:03.206824 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:38:36.224001 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:44:40.230155 3.001286 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:44:47.237349 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:44:55.239392 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:45:11.242762 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:45:22.598613 0.000076 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 20:45:22.598772 0.313335 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 481 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:22.912502 0.133909 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:23.046797 0.283397 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 229 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:23.330546 0.112653 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:23.443579 0.297854 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 548 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:23.741811 0.218859 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 399 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:23.961060 0.216484 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:24.177921 0.284665 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:24.462966 0.234941 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 525 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:24.698279 0.314903 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:25.013580 0.239375 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:25.253300 0.365967 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:25.619661 0.217698 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 292 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:25.837768 0.249500 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:26.087672 0.254035 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 564 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:26.342125 0.236837 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:26.579328 0.264581 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:26.844274 0.210786 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:27.055421 0.237148 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:27.292972 0.390772 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:27.684117 0.156337 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:27.840821 0.246405 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:28.087580 0.311525 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 394 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:28.399515 0.144093 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:28.543991 0.265869 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:28.810383 0.116968 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:28.927711 0.232505 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 401 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:29.160592 0.217798 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:29.378752 0.202793 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 278 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:29.581890 0.395757 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 20:45:43.247931 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:51:47.254758 3.001072 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:51:54.261442 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:52:02.262971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:52:18.266035 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:52:50.272018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:54:40.641384 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 20:54:40.641482 1.186632 tcp 10.0.2.19 52355 -> 90.156.118.144 5237 FSPA* 0 0 14 1637 flow=From-Botnet-V2-TCP-Established 1970/01/10 20:58:54.277884 3.001837 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 20:59:01.285400 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:59:09.286793 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:59:25.290205 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 20:59:57.295875 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:06:01.301377 3.002317 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:06:08.309121 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:06:16.310602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:06:32.313569 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:07:04.319660 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:13:08.325867 3.002091 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:13:15.333741 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:13:23.334715 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:13:39.338209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:14:11.343740 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:15:42.245138 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 21:15:42.245314 0.222500 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:42.468210 0.110182 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:42.578779 0.302444 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 476 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:42.881628 0.382349 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:43.264332 0.132150 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 383 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:43.396834 0.173365 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 247 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:43.570623 0.221429 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 475 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:43.792427 0.276327 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:44.069116 0.216609 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 403 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:44.286136 0.364076 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:44.650593 0.219998 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:44.870946 0.313188 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 550 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:45.184502 0.239611 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 357 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:45.424517 0.225459 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:45.650370 0.251442 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:45.902300 0.256889 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:46.159593 0.254116 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:46.414343 0.220399 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:15:46.635195 0.000000 udp 10.0.2.19 1701 -> 88.225.233.16 7710 INT 0 1 254 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 21:16:05.320228 0.167017 tcp 10.0.2.19 52356 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 21:16:05.486956 0.195036 tcp 10.0.2.19 52357 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 21:16:05.682570 0.228917 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:05.911935 0.240885 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:06.153210 0.236373 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:06.390021 0.271177 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:06.661578 0.142341 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:06.804336 0.262019 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 432 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:07.066724 0.210766 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:07.277912 0.202542 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:07.480897 0.115543 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:07.596847 0.229743 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 354 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:16:07.826985 0.342063 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:20:15.349598 3.001634 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:20:22.357020 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:20:30.359282 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:20:46.361899 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:21:18.367529 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:24:41.830748 0.000090 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 21:24:41.830925 0.994585 tcp 10.0.2.19 52358 -> 90.156.118.144 5237 FSPA* 0 0 14 1551 flow=From-Botnet-V2-TCP-Established 1970/01/10 21:27:22.373850 3.001812 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:27:29.381423 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:27:37.383086 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:27:53.385547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:28:25.561752 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:34:29.567749 3.001759 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:34:36.575759 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:34:44.576971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:35:00.580051 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:35:32.585746 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:41:36.591562 3.001843 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:41:43.599845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:41:51.600868 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:42:07.603871 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:42:39.610283 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:46:09.983054 0.000055 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 21:46:09.983162 0.148794 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:10.132350 0.292932 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:10.425661 0.227786 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 442 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:10.653815 0.303294 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 502 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:10.957550 0.167839 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:11.125753 0.220689 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:11.346832 0.311128 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 488 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:11.658401 0.209662 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:11.868466 0.271930 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:12.140815 0.221372 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:12.362574 0.397328 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 339 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:12.760270 0.207367 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:12.968003 0.313906 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:13.282482 0.238194 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 309 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:13.521033 0.236055 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:13.757445 0.256696 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:14.014518 0.225850 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:14.240768 0.251058 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:14.492247 0.256644 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:14.749311 0.255030 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 585 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:15.004800 0.234123 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:15.239279 0.144219 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:15.383895 0.216044 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:15.600309 0.230534 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 429 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:15.831219 0.284963 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:16.116541 0.208021 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:16.324931 0.236694 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 559 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:16.562001 0.107072 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 204 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:16.669474 0.239554 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:46:16.909412 0.343060 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 21:48:43.645645 3.002211 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:48:50.653578 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:48:58.655198 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:49:14.657797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:49:46.664080 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:54:42.930089 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 21:54:42.930187 0.744160 tcp 10.0.2.19 52359 -> 90.156.118.144 5237 FSPA* 0 0 14 1753 flow=From-Botnet-V2-TCP-Established 1970/01/10 21:55:50.669703 3.001651 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 21:55:57.677725 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:56:05.678685 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:56:21.681707 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 21:56:53.688119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:02:57.694149 3.001805 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:03:04.701471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:03:12.702781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:03:28.705664 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:04:00.712209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:10:04.847695 3.001978 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:10:11.855713 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:10:19.857287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:10:35.860019 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:11:07.865867 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:16:41.576251 0.000096 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 22:16:41.576437 0.236331 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:41.813151 0.165719 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:41.979254 0.332545 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:42.312234 0.119125 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 449 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:42.431790 0.164360 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 480 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:42.596553 0.219386 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:42.816346 0.308108 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 485 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:43.124879 0.167742 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:43.293074 0.369987 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:43.663456 0.292551 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 284 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:43.956423 0.224915 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:44.181714 0.239969 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:44.422244 0.220952 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 515 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:44.643607 0.214130 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 451 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:44.858129 0.316194 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:45.174679 0.255696 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 426 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:45.430826 0.225110 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:45.656316 0.297070 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:45.953779 0.337776 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 316 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:46.291973 0.178233 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 554 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:46.470561 0.219698 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:46.690619 0.241990 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 535 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:46.932994 0.271104 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:47.204506 0.204734 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 393 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:47.409629 0.261650 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:47.671708 0.226079 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:47.898162 0.207793 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:48.106458 0.117035 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:48.223842 0.258168 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:16:48.482383 0.365045 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 232 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:17:14.836566 3.002133 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:17:21.843471 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:17:29.845404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:17:45.848314 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:18:17.854359 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:24:21.860338 3.002102 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:24:28.867608 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:24:36.869348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:24:45.171873 0.000045 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 22:24:45.171974 0.690002 tcp 10.0.2.19 52360 -> 90.156.118.144 5237 FSPA* 0 0 14 1622 flow=From-Botnet-V2-TCP-Established 1970/01/10 22:24:52.872462 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:25:24.877953 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:31:28.884500 3.001549 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:31:35.891591 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:31:43.893544 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:31:59.896614 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:32:31.902416 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:38:35.907962 3.002093 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:38:42.915791 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:38:50.917536 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:39:06.920174 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:39:38.926230 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:45:42.932002 3.002027 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:45:49.939965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:45:57.941215 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:46:13.943930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:46:45.950031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:47:17.586119 1.596598 arp 10.0.2.19 who 10.0.2.2 CON 4 168 flow=Background-ARP 1970/01/10 22:47:19.182796 0.244279 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:19.427446 0.112292 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 412 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:19.540124 0.162187 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 340 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:19.702722 0.222659 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:19.925728 0.181315 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:20.107497 0.296655 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:20.404524 0.304414 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:20.709369 0.131130 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 506 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:20.840925 0.376808 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 519 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:21.218188 0.242846 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:21.252474 0.000000 tcp 10.0.2.19 52361 -> 175.195.224.10 6248 S_ 0 1 66 flow=From-Botnet-V2-TCP-Attempt 1970/01/10 22:47:21.461481 0.238279 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:21.700161 0.276298 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:21.976856 0.217796 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:22.195012 0.207013 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 473 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:22.402555 0.313184 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:22.716114 0.276763 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 319 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:22.993238 0.761330 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 384 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:23.755028 0.191869 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:23.947267 0.219053 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 299 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:27.213034 3.040810 tcp 10.0.2.19 52361 -> 175.195.224.10 6248 S_ 0 2 128 flow=From-Botnet-V2-TCP-Attempt 1970/01/10 22:47:27.218859 0.235025 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 471 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:27.454453 0.257260 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:27.712061 0.233622 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:27.946238 0.242426 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 234 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:28.189045 0.208656 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 528 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:28.398067 0.265251 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:28.663693 0.122825 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 379 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:28.786964 0.289643 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:29.077001 0.265557 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:29.342897 0.200346 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 233 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:47:29.543645 0.335935 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 497 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 22:52:57.176329 3.002008 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 22:53:04.183845 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:53:12.185365 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:53:28.188862 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:54:01.165651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 22:54:48.554266 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 22:54:48.554443 1.916841 tcp 10.0.2.19 52362 -> 90.156.118.144 5237 FSPA* 0 0 14 1696 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:00:05.171448 3.002297 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:00:12.179032 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:00:20.180512 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:00:36.183526 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:01:08.189814 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:07:12.195817 3.001839 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:07:19.203188 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:07:27.204695 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:07:43.207930 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:08:15.213969 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:14:21.222480 3.001881 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:14:32.754398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:14:40.648209 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:14:54.367819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:15:26.373737 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:17:53.245417 0.000089 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:17:53.245588 0.222967 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:17:53.468898 0.202494 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 545 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:17:53.671758 0.198246 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 288 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:17:53.870399 0.552585 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 484 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:17:54.423366 0.207640 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 294 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:17:54.631481 0.000000 udp 10.0.2.19 1701 -> 173.174.73.98 3192 INT 0 1 239 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 23:17:54.631911 2.999537 tcp 10.0.2.19 52363 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/10 23:18:03.629981 0.000000 tcp 10.0.2.19 52363 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/10 23:18:13.737150 0.515264 tcp 10.0.2.19 52364 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:18:14.252091 0.234517 tcp 10.0.2.19 52365 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:18:14.487134 0.336352 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 501 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:14.823871 0.133153 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:14.957398 0.368796 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:15.326568 0.238290 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:15.565272 0.213788 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:15.779458 0.213920 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:15.993750 0.243322 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 249 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:16.237502 0.280884 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:16.518771 0.393484 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:16.912625 0.270582 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 437 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:17.183611 0.227232 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:17.411256 0.145312 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:17.556979 0.248686 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 307 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:17.806207 0.237094 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:18.043718 0.212636 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:18.256759 0.239176 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 345 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:18.496304 0.249248 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:18.745988 0.207943 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 279 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:18.954291 0.556502 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 289 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:19.511162 0.115029 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:19.626556 0.254262 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:19.881195 0.359174 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 216 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:20.240731 0.222875 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:18:20.464044 0.213528 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 439 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:21:31.921833 3.002090 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:21:38.929433 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:21:46.931398 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:22:02.933812 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:22:35.861206 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:24:54.591076 0.000074 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:24:54.591235 0.647409 tcp 10.0.2.19 52366 -> 90.156.118.144 5237 FSPA* 0 0 14 1707 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:28:39.867224 3.002009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:28:47.505679 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:28:55.506877 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:29:11.510389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:29:43.516133 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:35:47.521686 3.042086 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:35:54.569898 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:36:02.570859 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:36:18.574191 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:36:54.295547 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:42:58.301421 3.001494 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/10 23:43:05.309093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:43:13.310901 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:43:29.313426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:44:01.319362 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:48:50.865859 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:48:50.865955 3.209206 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 453 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:48:54.075607 0.294177 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:48:54.076030 3.338786 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 SPA_* 0 0 10 2749 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:48:54.370307 0.154997 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:48:54.525680 0.114090 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 455 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:48:54.640185 0.000000 udp 10.0.2.19 1701 -> 174.89.157.21 3725 INT 0 1 128 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 23:49:02.781904 0.000000 udp 10.0.2.19 1701 <- 174.89.157.21 3725 RSP 0 0 1 155 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 23:49:02.782490 0.164619 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 420 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:02.947480 0.311397 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:03.259261 0.240920 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:03.500534 0.131784 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 217 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:03.632701 0.377030 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:04.010105 0.211790 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:04.222411 0.219823 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 259 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:04.442599 0.214191 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:04.657188 0.282931 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 405 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:04.940502 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 165 flow=From-Botnet-V2-UDP-Attempt 1970/01/10 23:49:08.544384 0.397739 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 4 2896 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:14.324490 3.620220 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 11 8154 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:20.381061 0.162248 tcp 10.0.2.19 52368 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:20.543580 0.191298 tcp 10.0.2.19 52369 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:20.735428 0.291728 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 356 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:21.027529 0.277573 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 467 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:21.305456 0.234147 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 207 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:21.540004 0.308866 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:21.849267 0.142928 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:21.992660 0.257607 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 385 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:22.250651 0.216843 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 458 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:22.467956 0.233934 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 376 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:22.702359 0.546310 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:23.249029 0.274436 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 305 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:23.523847 0.116654 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:23.640904 0.235779 udp 10.0.2.19 1701 <-> 75.57.132.229 5683 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:25.954676 0.193750 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:26.148812 0.373133 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 392 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:26.522320 0.206598 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 326 flow=From-Botnet-V2-UDP-Establishedd 1970/01/10 23:49:26.716744 0.401043 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 4 2264 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:40.812333 3.430262 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 6546 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:52.936622 3.623637 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 6714 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:49:57.781605 0.000048 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:49:59.497242 2.861687 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:05.080458 3.149849 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 10 8176 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:05.325161 3.413009 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 23:50:12.743399 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:50:14.460916 0.395708 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 4 2264 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:20.745002 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:50:30.417337 3.416370 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 6630 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:35.997078 0.000069 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:50:36.392268 3.490296 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 8 6500 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:37.268764 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:50:42.895447 3.516084 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 6706 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:49.537209 0.229531 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 8 7916 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:50:56.424160 3.657620 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 9 7262 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:02.940908 0.395427 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 4 2896 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:09.274854 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:51:10.195307 3.395810 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:16.620743 3.079119 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 8 7132 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:21.871640 3.288653 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 8 6880 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:24.266364 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:51:31.966770 2.468002 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 12 10180 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:37.186465 0.208834 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 2 816 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:44.460091 3.550120 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:54.975426 3.630012 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:51:59.767107 0.000047 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:52:00.870527 0.198848 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:52:08.593675 3.651760 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:52:14.980941 3.492957 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:52:48.267112 0.000087 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 FA_A 0 0 2 108 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:52:53.703777 0.000186 tcp 10.0.2.19 52367 -> 173.174.73.98 3558 RA_PA 0 0 2 632 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:54:58.394307 0.000083 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/10 23:54:58.394475 0.839378 tcp 10.0.2.19 52370 -> 90.156.118.144 5237 FSPA* 0 0 14 1567 flow=From-Botnet-V2-TCP-Established 1970/01/10 23:57:13.551328 3.001597 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/10 23:57:20.558918 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:57:28.559881 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:57:44.563334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/10 23:58:16.569203 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:04:20.575116 3.001756 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:04:27.582552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:04:35.583781 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:04:51.587444 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:05:23.593408 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:11:27.599316 3.001483 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:11:34.606795 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:11:42.608259 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:11:58.611093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:12:30.617133 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:18:34.622816 3.002295 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:18:41.630268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:18:49.631858 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:19:05.634809 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:19:37.641134 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:19:37.981601 0.000073 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:19:37.981760 0.588241 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:19:38.570393 0.341420 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 272 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:19:38.912179 0.115004 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:19:39.027591 2.852299 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 260 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:19:41.880353 0.235479 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:19:41.880772 3.742174 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 SPA_* 0 0 10 2811 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:19:42.116207 0.000000 udp 10.0.2.19 1701 -> 174.89.157.21 3725 INT 0 1 264 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 00:19:54.479115 0.407163 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 4 2264 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:00.346245 0.176766 tcp 10.0.2.19 52372 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:00.522859 0.226402 tcp 10.0.2.19 52373 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:00.749815 0.305325 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:01.055533 0.161884 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 457 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:01.217810 0.184599 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 327 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:01.402789 0.234790 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:01.637972 0.239303 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:01.877669 0.264088 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:02.142146 0.369366 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:02.511936 0.251652 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 363 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:02.764021 0.275181 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:03.039578 0.272347 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:03.312360 0.245219 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 447 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:03.557963 0.230853 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 287 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:03.789507 0.226813 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:04.016723 0.210264 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 262 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:04.227381 0.239550 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 504 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:04.467309 0.144966 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:04.612637 0.239779 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:04.852811 0.540228 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 464 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:05.393406 0.268173 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:05.661950 0.117997 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:05.780348 0.365540 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 440 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:06.146302 0.255472 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:06.402283 0.000000 udp 10.0.2.19 1701 -> 75.57.132.229 5683 INT 0 1 243 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 00:20:07.276009 0.408331 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 7 5098 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:14.269753 0.404380 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 4 1640 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:24.429818 0.167680 tcp 10.0.2.19 52374 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:24.597384 0.194614 tcp 10.0.2.19 52375 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:24.792565 0.211747 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 418 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:20:28.270406 2.773259 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 7940 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:34.169571 3.437450 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:43.124020 0.201260 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 976 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:48.887154 3.381273 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 13 10234 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:54.965511 0.206953 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:20:59.768865 0.000093 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:21:01.290350 0.201501 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 1436 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:21:09.300584 3.617194 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 6718 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:21:30.374182 3.563748 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 8 5804 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:21:35.270183 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:21:40.929439 3.694172 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:21:47.264695 3.377720 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:21:53.630931 0.196180 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 8 6236 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:00.655740 3.566157 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:07.053615 0.192675 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 5 4290 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:12.592695 0.201488 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 260 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:19.531953 2.795825 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 8024 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:25.254319 2.932151 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 7316 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:30.269114 0.000071 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:22:34.993233 0.193437 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:51.081004 2.972749 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 8 5804 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:22:56.803308 3.369452 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:03.204449 3.006994 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 15 12050 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:04.769164 0.000098 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:23:09.257496 0.208945 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7970 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:15.865764 0.209567 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 816 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:21.825152 3.102950 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 14 10996 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:27.864482 3.362771 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 8580 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:37.535444 3.475621 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 11 8230 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:43.503589 3.455969 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 7316 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:50.025211 3.693876 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 17 12574 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:23:58.295804 0.000086 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:23:59.003071 3.388741 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 13 11650 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:05.412247 3.669280 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 14 10996 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:14.470541 0.398798 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 7 5814 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:22.341870 3.573470 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 6 4420 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:28.711798 3.482830 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7110 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:46.637559 2.575035 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 5 4290 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:51.802595 0.000046 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:24:52.058575 3.429842 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:58.562182 3.325147 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 15 12846 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:24:59.263778 0.708653 tcp 10.0.2.19 52376 -> 90.156.118.144 5237 FSPA* 0 0 14 1706 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:04.853835 3.505724 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 22 17572 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:10.750442 0.560035 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 8024 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:16.980842 3.503409 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 13 11650 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:26.344900 2.771330 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 14 12336 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:32.235499 0.195811 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:41.676728 3.002184 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/11 00:25:43.086822 3.424873 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 10 8100 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:48.684576 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:25:49.601391 3.138050 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 14 10996 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:25:51.298262 0.000062 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:25:56.686417 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:26:00.188162 1.335057 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 12 11508 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:08.440805 3.286712 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 7 5814 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:16.193924 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:26:18.341494 0.195958 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 2 1448 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:25.146522 3.575230 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:29.933751 0.000041 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:26:31.051790 3.288382 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 9 7186 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:37.311614 3.418200 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 16 12748 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:43.137058 2.846952 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 20 17464 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:48.200348 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:26:48.353898 3.382366 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 19 15362 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:26:57.702471 0.201844 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 8 6576 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:27:03.238711 3.077405 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 14 12336 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:27:12.468810 3.531299 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 6 4344 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:27:18.306623 3.511840 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 7 5738 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:27:24.597772 0.405016 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 A_PA 0 0 4 2896 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:27:31.556158 4.228783 tcp 10.0.2.19 52371 -> 173.174.73.98 3558 FPA_* 0 0 10 1925 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:32:54.209118 3.001706 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/11 00:33:01.216113 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:33:09.217666 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:33:25.220766 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:33:57.227154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:40:01.233639 3.001403 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:40:08.240062 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:40:16.242132 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:40:32.245210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:41:04.250610 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:47:08.256983 3.001842 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:47:15.264390 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:47:23.266192 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:47:39.268651 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:48:11.275114 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:50:47.940152 0.000057 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:50:47.940251 0.299704 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:50:48.240366 0.000000 udp 10.0.2.19 1701 -> 75.57.132.229 5683 INT 0 1 138 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 00:51:03.284435 0.164888 tcp 10.0.2.19 52377 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:51:03.449520 0.191887 tcp 10.0.2.19 52378 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:51:03.641984 0.330835 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:03.973218 0.147090 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 441 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:04.120712 0.164320 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 493 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:04.285410 2.916647 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 580 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:07.202512 0.232929 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:07.435798 0.134672 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 507 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:07.570869 0.197957 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 310 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:07.769322 0.315370 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 470 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:07.769701 3.003397 tcp 10.0.2.19 52379 -> 93.109.245.154 6596 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/11 00:51:08.275609 0.239067 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:08.515049 0.263998 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:08.779439 0.216392 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:08.996192 0.368034 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:09.364612 0.260402 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 331 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:09.625449 0.253217 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 355 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:09.879068 0.273613 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 330 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:10.153068 0.216471 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 343 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:10.369962 0.243646 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 338 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:10.614043 0.144101 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 332 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:10.758505 0.243643 udp 10.0.2.19 1701 <-> 108.80.13.137 4968 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:11.002558 0.230168 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 417 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:11.233125 0.233656 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:11.467139 0.353101 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 494 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:11.820627 0.215115 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 304 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:12.036141 0.257215 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:12.293723 0.113752 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:12.420329 0.377299 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 328 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:12.798063 0.222195 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 425 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:13.020645 0.200417 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 00:51:16.771384 0.000000 tcp 10.0.2.19 52379 -> 93.109.245.154 6596 S_ 0 1 62 flow=From-Botnet-V2-TCP-Attempt 1970/01/11 00:54:15.280394 3.002093 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 00:54:22.288342 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:54:30.289811 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:54:46.292777 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 00:55:01.605088 0.000058 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 00:55:01.605187 0.633028 tcp 10.0.2.19 52380 -> 90.156.118.144 5237 FSPA* 0 0 14 1579 flow=From-Botnet-V2-TCP-Established 1970/01/11 00:55:18.298730 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 01:01:22.304506 3.002129 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 01:01:29.312602 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 01:01:37.313628 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 01:01:53.316743 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 01:02:25.322907 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:02:56.532046 3.002214 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:03:03.540043 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:03:11.541731 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:03:27.544155 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:03:59.550805 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:10:03.556363 3.001710 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:10:10.564163 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:10:18.565334 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:10:34.568380 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:11:06.574367 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:16:03.631907 0.000079 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 10:16:03.632083 0.198519 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 291 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:03.831028 0.115043 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:03.946605 0.000000 udp 10.0.2.19 1701 -> 142.161.36.205 7485 INT 0 1 247 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 10:16:03.946999 4.913465 tcp 10.0.2.19 52381 -> 78.6.164.6 7316 SPA_* 0 0 377 274447 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:09.126782 2.705505 tcp 10.0.2.19 52381 -> 78.6.164.6 7316 FPA_* 0 0 208 148953 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:21.008967 0.165627 tcp 10.0.2.19 52382 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:21.174906 0.194588 tcp 10.0.2.19 52383 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:21.370140 0.157831 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:21.528373 0.130173 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:21.658994 0.217734 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:21.877145 0.228593 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 409 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:22.106141 0.164913 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 539 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:22.271445 0.216071 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:22.487881 0.240956 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 402 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:22.729263 0.374748 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 390 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:23.104375 0.250358 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 280 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:23.355133 0.208706 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 313 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:23.564254 0.222310 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:23.786946 0.263183 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:24.050916 0.261849 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 360 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:24.313150 0.216411 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 226 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:24.529947 0.237160 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:24.767465 0.295922 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 427 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:25.063787 0.216546 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:25.280706 0.143450 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 391 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:25.424527 0.000000 udp 10.0.2.19 1701 -> 108.80.13.137 4968 INT 0 1 278 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 10:16:40.495547 0.165903 tcp 10.0.2.19 52384 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:40.661747 0.192227 tcp 10.0.2.19 52385 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:16:40.854976 0.277912 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 242 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:41.133251 0.528450 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 531 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:41.662290 0.249110 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:41.911755 0.217970 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 445 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:42.130278 0.206494 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 438 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:42.337114 0.353336 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 329 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:16:42.690854 0.212438 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 482 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:17:10.580124 3.001767 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/11 10:17:17.587486 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:17:25.589093 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:17:41.592430 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:18:13.598221 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:19:29.448101 0.000049 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 10:19:29.448204 2.993360 tcp 10.0.2.19 52386 -> 90.156.118.144 5237 S_ 0 2 132 flow=From-Botnet-V2-TCP-Attempt 1970/01/11 10:19:38.154643 0.001931 tcp 10.0.2.19 52386 -> 90.156.118.144 5237 PA_SA 0 0 8 1115 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:19:49.033766 0.001776 tcp 10.0.2.19 52386 -> 90.156.118.144 5237 FA_F* 0 0 5 507 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:24:17.604311 3.001902 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:24:24.612018 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:24:32.613186 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:24:48.616524 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:25:20.622007 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:31:24.628232 3.001877 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:31:31.635489 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:31:39.637584 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:31:55.640561 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:32:27.646287 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:38:31.652572 3.002168 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:38:38.659813 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:38:46.661661 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:39:02.663971 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:39:34.670119 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:45:38.676223 3.002232 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 10:45:45.684031 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:45:53.685233 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:46:09.688268 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:46:41.694126 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:46:54.623307 0.000099 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 10:46:54.623499 0.228515 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 521 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:46:54.852461 0.000000 udp 10.0.2.19 1701 -> 108.80.13.137 4968 INT 0 1 231 flow=From-Botnet-V2-UDP-Attempt 1970/01/11 10:47:10.488182 0.160407 tcp 10.0.2.19 52387 -> 173.194.70.99 80 FSPA* 0 0 10 1838 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:47:10.648489 0.199651 tcp 10.0.2.19 52388 -> 173.194.70.94 80 SRPA* 0 0 7 2004 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:47:10.848719 0.223505 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 491 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:11.072605 0.139819 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 400 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:12.236575 0.162415 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:12.399337 0.134607 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 374 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:12.534314 0.215922 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 395 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:12.750626 0.218845 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 250 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:12.969820 0.229484 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 347 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:13.199682 0.249272 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:13.449371 0.201268 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 454 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:13.651020 0.208536 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 463 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:13.859946 0.212714 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 460 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:14.073004 0.257031 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:14.330445 0.373785 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 365 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:14.704650 0.243868 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 433 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:14.948882 0.263605 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 444 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:15.212846 0.262184 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 298 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:15.475402 0.216290 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 369 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:15.692053 0.271272 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 281 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:15.963761 0.221478 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 396 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:16.643498 0.147967 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:16.791885 0.207169 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 277 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:16.999439 0.268368 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:17.268167 0.110940 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 414 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:17.379462 0.204167 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:17.583993 0.344052 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 274 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:17.928390 0.244582 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 308 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:47:18.173307 0.211970 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 388 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 10:49:49.955638 0.000103 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 10:49:49.955834 3.359405 tcp 10.0.2.19 52389 -> 90.156.118.144 5237 FSPA* 0 0 14 1575 flow=From-Botnet-V2-TCP-Established 1970/01/11 10:52:47.522482 3.002165 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/11 10:52:54.530004 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:53:02.531979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:53:18.534797 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:53:50.540885 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 10:59:54.546494 3.002266 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:00:01.554202 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:00:09.555513 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:00:25.559893 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:00:57.566133 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:07:01.571733 3.000763 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:07:08.578511 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:07:16.579426 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:07:32.582596 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:08:04.588917 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:14:08.594340 3.002037 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:14:15.602041 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:14:23.603883 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:14:39.606950 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:15:11.612853 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:17:43.741431 0.000085 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 11:17:43.741608 0.214305 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 468 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:43.956265 0.202172 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:44.158819 0.133107 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 276 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:44.292325 0.114946 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 359 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:44.407632 0.156624 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 375 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:44.564636 0.217809 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 257 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:44.782859 0.222458 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 377 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:45.005718 0.230392 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:45.236515 0.238955 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 381 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:45.475874 0.162917 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 505 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:45.639143 0.253578 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 352 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:45.893110 0.364169 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 382 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:46.257643 0.206752 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 472 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:46.464790 0.228790 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 306 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:46.693940 0.231150 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 397 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:46.925504 0.260735 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 361 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:47.186658 0.254210 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 508 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:47.441271 0.213400 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 321 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:47.655041 0.221497 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 318 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:47.876921 0.209334 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 230 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:48.086616 0.142172 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 358 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:48.229138 0.209850 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:48.439334 0.270657 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 423 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:48.710363 0.117003 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 380 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:48.827733 0.201400 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 378 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:49.029494 0.210457 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 452 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:49.240326 0.379186 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 431 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:17:49.619894 0.238634 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 410 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:19:53.318093 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 11:19:53.318250 0.723413 tcp 10.0.2.19 52390 -> 90.156.118.144 5237 FSPA* 0 0 14 1676 flow=From-Botnet-V2-TCP-Established 1970/01/11 11:21:15.618279 3.002112 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 INT 0 3 438 flow=Background 1970/01/11 11:21:22.625832 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:21:31.038626 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:21:47.041357 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:22:19.047552 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:28:23.052812 3.002351 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:28:30.060794 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:28:38.062330 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:28:54.065514 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:29:26.071101 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:35:30.076626 3.002219 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:35:37.084942 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:35:45.086094 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:36:01.088874 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:36:33.094958 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:42:37.101340 3.001600 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:42:44.108979 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:42:52.110298 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:43:08.112960 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:43:40.119200 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:48:08.826092 0.000065 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 11:48:08.826286 0.130222 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 466 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:08.956904 0.130724 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 510 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:09.087988 0.153203 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 314 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:09.241625 0.218988 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 335 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:09.461010 0.199231 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 555 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:09.660705 0.268144 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 372 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:09.929221 0.247850 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 362 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:10.177478 0.338826 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 489 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:10.516717 0.288001 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 568 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:10.805108 0.233159 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 366 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:11.038636 0.211731 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 459 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:11.250684 0.391717 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 251 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:11.642755 0.264371 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 333 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:11.907527 0.410063 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 364 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:12.318020 0.235745 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:12.554147 0.284445 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 349 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:12.838971 0.324697 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 446 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:13.164040 0.247254 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 348 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:13.411694 0.147700 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 342 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:13.559792 0.206670 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 478 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:13.766857 0.262889 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 428 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:14.030116 0.683558 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 495 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:14.714017 0.260720 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 411 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:14.975151 0.367960 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 496 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:15.343519 0.465822 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 514 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:15.809739 0.656869 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 499 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:16.466985 0.994669 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 223 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:48:17.462047 0.814621 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 456 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 11:49:44.124809 3.001988 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:49:51.132404 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:49:54.247403 0.000078 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 11:49:54.247566 0.912430 tcp 10.0.2.19 52391 -> 90.156.118.144 5237 FSPA* 0 0 14 1533 flow=From-Botnet-V2-TCP-Established 1970/01/11 11:49:59.134319 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:50:15.136798 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:50:47.142990 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:56:51.149044 3.001745 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 11:56:58.156722 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:57:06.158183 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:57:28.855411 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 11:58:00.441443 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:04:00.297388 3.511513 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 12:04:07.814689 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:04:15.815986 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:04:31.819226 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:05:07.710154 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:11:11.716501 3.001549 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 12:11:18.723928 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:11:26.725222 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:11:42.728151 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:12:14.734649 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:18:18.740227 3.002220 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 12:18:25.747965 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:18:33.749046 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:18:47.309065 0.000070 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 12:18:47.309245 0.172460 udp 10.0.2.19 1701 <-> 88.225.233.16 7710 CON 0 0 2 543 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:47.482294 0.218783 udp 10.0.2.19 1701 <-> 142.161.36.205 7485 CON 0 0 2 301 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:47.701455 0.191986 udp 10.0.2.19 1701 <-> 174.89.157.21 3725 CON 0 0 2 231 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:47.893833 0.131165 udp 10.0.2.19 1701 <-> 147.163.75.36 3026 CON 0 0 2 450 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:48.025376 0.111511 udp 10.0.2.19 1701 <-> 78.6.164.6 2928 CON 0 0 2 398 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:48.137261 0.209447 udp 10.0.2.19 1701 <-> 66.226.34.247 4310 CON 0 0 2 500 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:48.347094 0.230780 udp 10.0.2.19 1701 <-> 71.2.203.86 2913 CON 0 0 2 297 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:48.578263 0.216775 udp 10.0.2.19 1701 <-> 173.174.73.98 3192 CON 0 0 2 408 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:48.795473 0.251118 udp 10.0.2.19 1701 <-> 75.1.149.150 9432 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:51.178467 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:18:51.183749 0.217571 udp 10.0.2.19 1701 <-> 70.91.116.41 3631 CON 0 0 2 336 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:51.401685 0.157459 udp 10.0.2.19 1701 <-> 93.109.245.154 9067 CON 0 0 2 312 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:51.559527 0.207972 udp 10.0.2.19 1701 <-> 71.205.65.116 6061 CON 0 0 2 483 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:51.767858 0.253705 udp 10.0.2.19 1701 <-> 70.96.145.133 4307 CON 0 0 2 565 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:52.021932 0.368507 udp 10.0.2.19 1701 <-> 175.195.224.10 7151 CON 0 0 2 386 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:52.390848 0.239151 udp 10.0.2.19 1701 <-> 99.42.113.147 7090 CON 0 0 2 282 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:52.630506 0.261460 udp 10.0.2.19 1701 <-> 189.165.60.251 3630 CON 0 0 2 448 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:52.892320 0.143599 udp 10.0.2.19 1701 <-> 217.220.223.98 6063 CON 0 0 2 387 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:53.036286 0.206187 udp 10.0.2.19 1701 <-> 50.42.61.212 6860 CON 0 0 2 474 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:53.242857 0.258024 udp 10.0.2.19 1701 <-> 108.86.251.63 2573 CON 0 0 2 389 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:53.501297 0.215678 udp 10.0.2.19 1701 <-> 99.95.196.161 2218 CON 0 0 2 267 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:53.717327 0.278818 udp 10.0.2.19 1701 <-> 69.228.38.216 4555 CON 0 0 2 275 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:53.996540 1.737188 udp 10.0.2.19 1701 <-> 69.154.77.2 5820 CON 0 0 2 370 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:55.734159 0.216421 udp 10.0.2.19 1701 <-> 72.46.250.35 9966 CON 0 0 2 407 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:55.950939 0.114352 udp 10.0.2.19 1701 <-> 86.156.53.81 4891 CON 0 0 2 285 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:56.065728 0.206684 udp 10.0.2.19 1701 <-> 68.22.158.150 4609 CON 0 0 2 487 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:56.272802 0.212247 udp 10.0.2.19 1701 <-> 99.34.137.78 2733 CON 0 0 2 422 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:56.485486 0.355087 udp 10.0.2.19 1701 <-> 223.17.69.28 8575 CON 0 0 2 516 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:18:56.840949 0.236840 udp 10.0.2.19 1701 <-> 97.64.221.67 7745 CON 0 0 2 462 flow=From-Botnet-V2-UDP-Establishedd 1970/01/11 12:19:23.180819 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:20:00.103734 0.000095 arp 10.0.2.19 who 10.0.2.2 CON 2 84 flow=Background-ARP 1970/01/11 12:20:00.103918 1.539070 tcp 10.0.2.19 52392 -> 90.156.118.144 5237 FSPA* 0 0 14 1573 flow=From-Botnet-V2-TCP-Established 1970/01/11 12:25:32.193848 3.001458 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/11 12:25:39.200927 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:25:47.202465 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:26:03.205830 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/11 12:26:35.211244 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 09:25:13.502016 3.001020 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 3 438 flow=Background 1970/01/23 09:25:20.508866 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 09:25:28.510389 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 09:25:44.513517 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 09:26:16.519581 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 12:08:17.303962 3.024743 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/23 12:08:22.332048 4.005806 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 2 292 flow=Background 1970/01/23 12:08:36.401913 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 12:08:52.405210 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 12:09:24.411033 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background 1970/01/23 12:15:37.820503 0.000000 udp fe80::d5e6:502a:54ce:e387 546 -> ff02::1:2 547 REQ 0 1 146 flow=Background