Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
file.exe (PID: 4968 cmdline:
C:\Users\u ser\Deskto p\file.exe MD5: 059AA5219C81CCEC4D257337C885C9E5) explorer.exe (PID: 3524 cmdline:
C:\Windows \Explorer. EXE MD5: AD5296B280E8F522A8A897C96BAB0E1D) 953E.exe (PID: 5160 cmdline:
C:\Users\u ser\AppDat a\Local\Te mp\953E.ex e MD5: 33AE73E6DED24C1427D538C8EBA2B5DD)
crtauus (PID: 3620 cmdline:
C:\Users\u ser\AppDat a\Roaming\ crtauus MD5: 059AA5219C81CCEC4D257337C885C9E5)
953E.exe (PID: 5360 cmdline:
"C:\Users\ user\AppDa ta\Local\T emp\953E.e xe" MD5: 33AE73E6DED24C1427D538C8EBA2B5DD)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
SmokeLoader | The SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body. |
{"Version": 2022, "C2 list": ["http://taibi.at/tmp/", "http://01stroy.ru/tmp/", "http://mal-net.com/tmp/", "http://gromograd.ru/tmp/", "http://kingpirate.ru/tmp/"]}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
Windows_Trojan_Smokeloader_4e31426e | unknown | unknown |
| |
Windows_Trojan_Smokeloader_3687686f | unknown | unknown |
| |
JoeSecurity_UACBypassusingCMSTP | Yara detected UAC Bypass using CMSTP | Joe Security | ||
Windows_Trojan_RedLineStealer_ed346e4c | unknown | unknown |
| |
Click to see the 15 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
JoeSecurity_SmokeLoader_2 | Yara detected SmokeLoader | Joe Security | ||
Click to see the 5 entries |
Timestamp: | 192.168.2.3188.36.122.17449765802851815 09/01/23-15:46:40.454894 |
SID: | 2851815 |
Source Port: | 49765 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3188.36.122.17449768802851815 09/01/23-15:46:44.166946 |
SID: | 2851815 |
Source Port: | 49768 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3188.36.122.17449783802851815 09/01/23-15:46:59.448434 |
SID: | 2851815 |
Source Port: | 49783 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3211.40.39.25149780802851815 09/01/23-15:46:56.017705 |
SID: | 2851815 |
Source Port: | 49780 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3188.36.122.17449782802851815 09/01/23-15:46:59.047838 |
SID: | 2851815 |
Source Port: | 49782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3211.40.39.25149771802851815 09/01/23-15:46:47.861881 |
SID: | 2851815 |
Source Port: | 49771 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3188.36.122.17449775802851815 09/01/23-15:46:51.439790 |
SID: | 2851815 |
Source Port: | 49775 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3188.36.122.17449764802851815 09/01/23-15:46:38.756347 |
SID: | 2851815 |
Source Port: | 49764 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.3123.140.161.24349767802851815 09/01/23-15:46:42.816654 |
SID: | 2851815 |
Source Port: | 49767 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: |
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: |
Exploits |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Compliance |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Static PE information: |
Source: | File opened: | Jump to behavior |
Source: | HTTPS traffic detected: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Networking |
---|
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Domain query: | |||
Source: | Domain query: |
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: |
Source: | ASN Name: |
Source: | JA3 fingerprint: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTPS traffic detected: |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Binary or memory string: | memstr_e5f9888b-4 |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Code function: | 0_2_004027CB | |
Source: | Code function: | 0_2_00403294 | |
Source: | Code function: | 0_2_00412867 | |
Source: | Code function: | 0_2_00413110 | |
Source: | Code function: | 0_2_0041351C | |
Source: | Code function: | 0_2_00412D3C | |
Source: | Code function: | 0_2_0041393C | |
Source: | Code function: | 0_2_0040B723 | |
Source: | Code function: | 18_2_004027CB | |
Source: | Code function: | 18_2_00412867 | |
Source: | Code function: | 18_2_00413110 | |
Source: | Code function: | 18_2_0041351C | |
Source: | Code function: | 18_2_00412D3C | |
Source: | Code function: | 18_2_0041393C | |
Source: | Code function: | 18_2_0040B723 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Code function: | 0_2_004014B2 | |
Source: | Code function: | 0_2_00403244 | |
Source: | Code function: | 0_2_0040146C | |
Source: | Code function: | 0_2_00401423 | |
Source: | Code function: | 0_2_004014C0 | |
Source: | Code function: | 0_2_004018C1 | |
Source: | Code function: | 0_2_004014CF | |
Source: | Code function: | 0_2_004014D2 | |
Source: | Code function: | 0_2_004014E7 | |
Source: | Code function: | 0_2_004014F8 | |
Source: | Code function: | 0_2_004016A3 | |
Source: | Code function: | 18_2_004014B2 | |
Source: | Code function: | 18_2_00403244 | |
Source: | Code function: | 18_2_0040146C | |
Source: | Code function: | 18_2_00401423 | |
Source: | Code function: | 18_2_004014C0 | |
Source: | Code function: | 18_2_004018C1 | |
Source: | Code function: | 18_2_004014CF | |
Source: | Code function: | 18_2_004014D2 | |
Source: | Code function: | 18_2_004014E7 | |
Source: | Code function: | 18_2_004014F8 | |
Source: | Code function: | 18_2_004016A3 | |
Source: | Code function: | 19_2_00409543 | |
Source: | Code function: | 19_2_0040E48D | |
Source: | Code function: | 19_2_00401B2C | |
Source: | Code function: | 19_2_040497A9 | |
Source: | Code function: | 19_2_040497AA |
Source: | Code function: | 19_2_0040B453 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | ReversingLabs: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | File read: | Jump to behavior |
Source: | Code function: | 18_2_04076AB6 |
Source: | Mutant created: |
Source: | Command line argument: | 0_2_004149B0 | |
Source: | Command line argument: | 18_2_004149B0 |
Source: | String found in binary or memory: |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: | ||
Source: | Unpacked PE file: |
Source: | Code function: | 0_2_00402E12 | |
Source: | Code function: | 0_2_0042CC59 | |
Source: | Code function: | 0_2_0042CC3D | |
Source: | Code function: | 0_2_0042CC3D | |
Source: | Code function: | 0_2_0042CC41 | |
Source: | Code function: | 0_2_0040BD44 | |
Source: | Code function: | 0_2_0042BA2E | |
Source: | Code function: | 0_2_0042C2CD | |
Source: | Code function: | 0_2_0042CB71 | |
Source: | Code function: | 18_2_00402E12 | |
Source: | Code function: | 18_2_0042CC59 | |
Source: | Code function: | 18_2_0042CC3D | |
Source: | Code function: | 18_2_0042CC3D | |
Source: | Code function: | 18_2_0042CC41 | |
Source: | Code function: | 18_2_0040BD44 | |
Source: | Code function: | 18_2_0042BA2E | |
Source: | Code function: | 18_2_0042C2CD | |
Source: | Code function: | 18_2_0042CB71 | |
Source: | Code function: | 18_2_04078EE4 | |
Source: | Code function: | 18_2_04078194 | |
Source: | Code function: | 19_2_0040A3BE | |
Source: | Code function: | 19_2_04043C2A | |
Source: | Code function: | 19_2_0404A046 | |
Source: | Code function: | 19_2_04049C59 | |
Source: | Code function: | 19_2_04045CB2 | |
Source: | Code function: | 19_2_04045CCE | |
Source: | Code function: | 19_2_04048D06 | |
Source: | Code function: | 19_2_04048916 | |
Source: | Code function: | 19_2_0404A146 | |
Source: | Code function: | 19_2_0404A162 | |
Source: | Code function: | 19_2_04047580 |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Persistence and Installation Behavior |
---|
Source: | Code function: | 19_2_00408951 | |
Source: | Code function: | 19_2_00408951 | |
Source: | Code function: | 19_2_00408958 | |
Source: | Code function: | 19_2_00408958 | |
Source: | Code function: | 19_2_0040895B | |
Source: | Code function: | 19_2_0040895B | |
Source: | Code function: | 19_2_04048BBF | |
Source: | Code function: | 19_2_04048BBF | |
Source: | Code function: | 19_2_04048BB8 | |
Source: | Code function: | 19_2_04048BB8 | |
Source: | Code function: | 19_2_04048BC2 | |
Source: | Code function: | 19_2_04048BC2 |
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Boot Survival |
---|
Source: | Code function: | 19_2_00408951 | |
Source: | Code function: | 19_2_00408951 | |
Source: | Code function: | 19_2_00408958 | |
Source: | Code function: | 19_2_00408958 | |
Source: | Code function: | 19_2_0040895B | |
Source: | Code function: | 19_2_0040895B | |
Source: | Code function: | 19_2_04048BBF | |
Source: | Code function: | 19_2_04048BBF | |
Source: | Code function: | 19_2_04048BB8 | |
Source: | Code function: | 19_2_04048BB8 | |
Source: | Code function: | 19_2_04048BC2 | |
Source: | Code function: | 19_2_04048BC2 |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File deleted: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Registry key monitored for changes: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Binary or memory string: |
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior | ||
Source: | Key enumerated: | Jump to behavior |
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Check user administrative privileges: | graph_19-7021 |
Source: | File opened: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | System information queried: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | System information queried: | Jump to behavior | ||
Source: | System information queried: | Jump to behavior |
Source: | Code function: | 19_2_0040803E |
Source: | Code function: | 18_2_04076393 | |
Source: | Code function: | 19_2_0040AEA4 | |
Source: | Code function: | 19_2_00407D21 | |
Source: | Code function: | 19_2_0404092B | |
Source: | Code function: | 19_2_0404B10B | |
Source: | Code function: | 19_2_04040D90 |
Source: | Process queried: | Jump to behavior | ||
Source: | Process queried: | Jump to behavior |
Source: | Code function: | 19_2_00409543 |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | File created: | Jump to dropped file |
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior | ||
Source: | Domain query: | |||
Source: | Domain query: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Thread created: | Jump to behavior | ||
Source: | Thread created: | Jump to behavior |
Source: | Code function: | 19_2_004082B6 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00410CD2 | |
Source: | Code function: | 0_2_00416149 | |
Source: | Code function: | 0_2_0040FA37 | |
Source: | Code function: | 0_2_00411340 | |
Source: | Code function: | 18_2_00410CD2 | |
Source: | Code function: | 18_2_00416149 | |
Source: | Code function: | 18_2_0040FA37 | |
Source: | Code function: | 18_2_00411340 |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | 1 Input Capture | 1 File and Directory Discovery | Remote Services | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 1 Ingress Tool Transfer | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | 1 Exploitation for Client Execution | 1 Bootkit | 32 Process Injection | 3 Obfuscated Files or Information | LSASS Memory | 23 System Information Discovery | Remote Desktop Protocol | 1 Input Capture | Exfiltration Over Bluetooth | 11 Encrypted Channel | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | 3 Command and Scripting Interpreter | Logon Script (Windows) | Logon Script (Windows) | 22 Software Packing | Security Account Manager | 1 Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 3 Non-Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 1 DLL Side-Loading | NTDS | 431 Security Software Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 114 Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 File Deletion | LSA Secrets | 141 Virtualization/Sandbox Evasion | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 11 Masquerading | Cached Domain Credentials | 3 Process Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | 141 Virtualization/Sandbox Evasion | DCSync | 1 Application Window Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | 32 Process Injection | Proc Filesystem | 1 Remote System Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | 1 Hidden Files and Directories | /etc/passwd and /etc/shadow | System Network Connections Discovery | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction | |
Supply Chain Compromise | AppleScript | At (Windows) | At (Windows) | 1 Bootkit | Network Sniffing | Process Discovery | Taint Shared Content | Local Data Staging | Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol | File Transfer Protocols | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
37% | ReversingLabs | |||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
37% | ReversingLabs |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
taibi.at | 115.88.24.200 | true | true | unknown | |
shsplatform.co.uk | 80.66.203.53 | true | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
188.36.122.174 | unknown | Hungary | 5483 | MAGYAR-TELEKOM-MAIN-ASMagyarTelekomNyrtHU | true | |
211.40.39.251 | unknown | Korea Republic of | 3786 | LGDACOMLGDACOMCorporationKR | true | |
123.140.161.243 | unknown | Korea Republic of | 3786 | LGDACOMLGDACOMCorporationKR | true | |
80.66.203.53 | shsplatform.co.uk | United Kingdom | 61323 | UKFASTGB | true | |
115.88.24.200 | taibi.at | Korea Republic of | 3786 | LGDACOMLGDACOMCorporationKR | true |
Joe Sandbox Version: | 38.0.0 Beryl |
Analysis ID: | 1301643 |
Start date and time: | 2023-09-01 15:44:32 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 13m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 25 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 2 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample file name: | file.exe |
Detection: | MAL |
Classification: | mal100.troj.expl.evad.winEXE@5/3@25/5 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, dllhost.exe, BackgroundTransferHost.exe, consent.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe
- Excluded domains from analysis (whitelisted): ris.api.iris.microsoft.com, client.wns.windows.com, eudb.ris.api.iris.microsoft.com, tse1.mm.bing.net, ctldl.windowsupdate.com, displaycatalog.mp.microsoft.com, g.bing.com, arc.msn.com
- Not all processes where analyzed, report is missing behavior information
- Report creation exceeded maximum time and may have missing disassembly code information.
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtEnumerateKey calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- VT rate limit hit for: file.exe
Time | Type | Description |
---|---|---|
06:46:33 | Task Scheduler | |
15:46:15 | API Interceptor | |
15:48:04 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
188.36.122.174 | Get hash | malicious | SmokeLoader | Browse |
| |
Get hash | malicious | Glupteba, LummaC Stealer, SmokeLoader | Browse |
| ||
Get hash | malicious | Djvu, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Glupteba, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Babuk, Clipboard Hijacker, Djvu, Fabookie, SmokeLoader | Browse |
| ||
Get hash | malicious | Babuk, Djvu | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
taibi.at | Get hash | malicious | SmokeLoader | Browse |
| |
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | 000Stealer, Amadey, Glupteba, PrivateLoader, SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader, TheBoxClipper | Browse |
| ||
Get hash | malicious | Amadey, DotRunpeX, Glupteba, SmokeLoader, Xmrig | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Djvu, Fabookie, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Djvu, Fabookie, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Glupteba, LummaC Stealer, RedLine, SmokeLoader, Xmrig | Browse |
| ||
Get hash | malicious | Amadey, Glupteba, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Glupteba, PrivateLoader, SmokeLoader, Vidar, Xmrig | Browse |
| ||
Get hash | malicious | Amadey, Djvu, Fabookie, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Clipboard Hijacker, Djvu, Fabookie, RedLine, SmokeLoader | Browse |
| ||
Get hash | malicious | Amadey, Glupteba, LummaC Stealer, SmokeLoader, Xmrig | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
MAGYAR-TELEKOM-MAIN-ASMagyarTelekomNyrtHU | Get hash | malicious | SmokeLoader | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ce5f3254611a8c095a3d821d44539877 | Get hash | malicious | KnightCrypt | Browse |
| |
Get hash | malicious | KnightCrypt | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | Vidar, onlyLogger | Browse |
| ||
Get hash | malicious | KnightCrypt | Browse |
| ||
Get hash | malicious | KnightCrypt | Browse |
| ||
Get hash | malicious | KnightCrypt | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | PrivateLoader, RisePro Stealer | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | SmokeLoader | Browse |
| ||
Get hash | malicious | IcedID | Browse |
|
Process: | C:\Windows\explorer.exe |
File Type: | |
Category: | modified |
Size (bytes): | 703488 |
Entropy (8bit): | 7.09487525787039 |
Encrypted: | false |
SSDEEP: | 12288:YHpe4s6/Esm4HRBSJ+on265j5KghexuUnsmvVl/gLUeL/:uPfBHI+S2mpgu+3/gLHL/ |
MD5: | 33AE73E6DED24C1427D538C8EBA2B5DD |
SHA1: | 04C7618C86E7B8FB80FF3CFBC68625D93F9727A5 |
SHA-256: | 2183E9C69EAC67831D82C638F5C93738AD70B76B4DE43F8AD876C1153010CA4A |
SHA-512: | 2E3F119778E2C38547173B89BC1979D3F8DDC6474F656F6C7A66971D4CF4674568FCEAB1C6B6EBB9669F0440EF0D775BF0B8DA5595DCD8A6227D70472F5EA81E |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Windows\explorer.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 395776 |
Entropy (8bit): | 5.898860717696632 |
Encrypted: | false |
SSDEEP: | 3072:BdeUSdFCGEnpS9zSahHnboPV3dFpyQc16Z+tYuxrm4KNKLPcOJdxH/WRXWh:7exSGqpSJSP/yILtgLUebH/i |
MD5: | 059AA5219C81CCEC4D257337C885C9E5 |
SHA1: | 1075024D4A988EDDFDF2B4042078640C65D4B603 |
SHA-256: | A3E06D811446215D4CCF92E136C20795D346F94C23F94CAEAB63D5727F35B866 |
SHA-512: | 6249F7D5FEF925BC956A6F16BA431500EB6C403AE7880C434259D156D90D6D19820840E352C786E17C7F0CFF65BEA951730D471835A94734F1B7BB7868C032FD |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\Windows\explorer.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 26 |
Entropy (8bit): | 3.95006375643621 |
Encrypted: | false |
SSDEEP: | 3:ggPYV:rPYV |
MD5: | 187F488E27DB4AF347237FE461A079AD |
SHA1: | 6693BA299EC1881249D59262276A0D2CB21F8E64 |
SHA-256: | 255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309 |
SHA-512: | 89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E |
Malicious: | true |
Reputation: | high, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 5.898860717696632 |
TrID: |
|
File name: | file.exe |
File size: | 395'776 bytes |
MD5: | 059aa5219c81ccec4d257337c885c9e5 |
SHA1: | 1075024d4a988eddfdf2b4042078640c65d4b603 |
SHA256: | a3e06d811446215d4ccf92e136c20795d346f94c23f94caeab63d5727f35b866 |
SHA512: | 6249f7d5fef925bc956a6f16ba431500eb6c403ae7880c434259d156d90d6d19820840e352c786e17c7f0cff65bea951730d471835a94734f1b7bb7868c032fd |
SSDEEP: | 3072:BdeUSdFCGEnpS9zSahHnboPV3dFpyQc16Z+tYuxrm4KNKLPcOJdxH/WRXWh:7exSGqpSJSP/yILtgLUebH/i |
TLSH: | 2384D64392E13D59EA268B739F1FCAF8770DF5608E497B6922189F2F04B1076C263B15 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......;.v.............a...k...a...K...a.......Xjc.t...........a...~...a...~...a...~...Rich............................PE..L......d... |
Icon Hash: | 514151492d514509 |
Entrypoint: | 0x4081ce |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | TERMINAL_SERVER_AWARE |
Time Stamp: | 0x640414EB [Sun Mar 5 04:04:59 2023 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 0 |
File Version Major: | 5 |
File Version Minor: | 0 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 0 |
Import Hash: | eb568a174db8395072c750a957035097 |
Instruction |
---|
call 00007F26CC717647h |
jmp 00007F26CC70FEEDh |
mov edi, edi |
push ebp |
mov ebp, esp |
mov eax, dword ptr [ebp+08h] |
xor ecx, ecx |
cmp eax, dword ptr [0042E0E8h+ecx*8] |
je 00007F26CC710085h |
inc ecx |
cmp ecx, 2Dh |
jc 00007F26CC710063h |
lea ecx, dword ptr [eax-13h] |
cmp ecx, 11h |
jnbe 00007F26CC710080h |
push 0000000Dh |
pop eax |
pop ebp |
ret |
mov eax, dword ptr [0042E0ECh+ecx*8] |
pop ebp |
ret |
add eax, FFFFFF44h |
push 0000000Eh |
pop ecx |
cmp ecx, eax |
sbb eax, eax |
and eax, ecx |
add eax, 08h |
pop ebp |
ret |
call 00007F26CC714FEEh |
test eax, eax |
jne 00007F26CC710078h |
mov eax, 0042E250h |
ret |
add eax, 08h |
ret |
call 00007F26CC714FDBh |
test eax, eax |
jne 00007F26CC710078h |
mov eax, 0042E254h |
ret |
add eax, 0Ch |
ret |
mov edi, edi |
push ebp |
mov ebp, esp |
push esi |
call 00007F26CC710057h |
mov ecx, dword ptr [ebp+08h] |
push ecx |
mov dword ptr [eax], ecx |
call 00007F26CC70FFF7h |
pop ecx |
mov esi, eax |
call 00007F26CC710031h |
mov dword ptr [eax], esi |
pop esi |
pop ebp |
ret |
mov edi, edi |
push ebp |
mov ebp, esp |
sub esp, 4Ch |
mov eax, dword ptr [0042E260h] |
xor eax, ebp |
mov dword ptr [ebp-04h], eax |
push ebx |
xor ebx, ebx |
push esi |
mov esi, dword ptr [ebp+08h] |
push edi |
mov dword ptr [ebp-2Ch], ebx |
mov dword ptr [ebp-1Ch], ebx |
mov dword ptr [ebp-20h], ebx |
mov dword ptr [ebp-28h], ebx |
mov dword ptr [ebp-24h], ebx |
mov dword ptr [ebp-4Ch], esi |
mov dword ptr [ebp-48h], ebx |
cmp dword ptr [esi+14h], ebx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x2cb8c | 0x78 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x201d000 | 0x276a8 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x2045000 | 0x11f0 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x1240 | 0x1c | .text |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x38d8 | 0x40 | .text |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x1000 | 0x1dc | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x2c6ba | 0x2c800 | False | 0.7541915379213483 | data | 7.451622734367755 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.data | 0x2e000 | 0x1fee404 | 0x1e00 | unknown | unknown | unknown | unknown | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x201d000 | 0x276a8 | 0x27800 | False | 0.3225746637658228 | data | 3.979988964837493 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x2045000 | 0xa644 | 0xa800 | False | 0.09021577380952381 | data | 1.154517302690227 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
AFX_DIALOG_LAYOUT | 0x2042038 | 0xe | data | Punjabi | Pakistan | 1.5714285714285714 |
AFX_DIALOG_LAYOUT | 0x2042038 | 0xe | data | Punjabi | India | 1.5714285714285714 |
RT_CURSOR | 0x2042048 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | Pakistan | 0.27238805970149255 |
RT_CURSOR | 0x2042048 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | India | 0.27238805970149255 |
RT_CURSOR | 0x2042ef0 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | Pakistan | 0.375 |
RT_CURSOR | 0x2042ef0 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | India | 0.375 |
RT_CURSOR | 0x2043798 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | Pakistan | 0.5057803468208093 |
RT_CURSOR | 0x2043798 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | India | 0.5057803468208093 |
RT_ICON | 0x201db60 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | Pakistan | 0.35847547974413646 |
RT_ICON | 0x201db60 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | India | 0.35847547974413646 |
RT_ICON | 0x201ea08 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | Pakistan | 0.47653429602888087 |
RT_ICON | 0x201ea08 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | India | 0.47653429602888087 |
RT_ICON | 0x201f2b0 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.4628630705394191 |
RT_ICON | 0x201f2b0 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.4628630705394191 |
RT_ICON | 0x2021858 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | Pakistan | 0.4702157598499062 |
RT_ICON | 0x2021858 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | India | 0.4702157598499062 |
RT_ICON | 0x2022900 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.4973404255319149 |
RT_ICON | 0x2022900 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.4973404255319149 |
RT_ICON | 0x2022db8 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | Pakistan | 0.4066820276497696 |
RT_ICON | 0x2022db8 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | India | 0.4066820276497696 |
RT_ICON | 0x2023480 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.25186721991701244 |
RT_ICON | 0x2023480 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.25186721991701244 |
RT_ICON | 0x2025a28 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.3067375886524823 |
RT_ICON | 0x2025a28 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.3067375886524823 |
RT_ICON | 0x2025ec0 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | Pakistan | 0.4066820276497696 |
RT_ICON | 0x2025ec0 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | India | 0.4066820276497696 |
RT_ICON | 0x2026588 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.25186721991701244 |
RT_ICON | 0x2026588 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.25186721991701244 |
RT_ICON | 0x2028b30 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.3067375886524823 |
RT_ICON | 0x2028b30 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.3067375886524823 |
RT_ICON | 0x2028fc8 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | Pakistan | 0.3704690831556503 |
RT_ICON | 0x2028fc8 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | India | 0.3704690831556503 |
RT_ICON | 0x2029e70 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | Pakistan | 0.4517148014440433 |
RT_ICON | 0x2029e70 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | India | 0.4517148014440433 |
RT_ICON | 0x202a718 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | Pakistan | 0.4539170506912442 |
RT_ICON | 0x202a718 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | India | 0.4539170506912442 |
RT_ICON | 0x202ade0 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | Pakistan | 0.46098265895953755 |
RT_ICON | 0x202ade0 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | India | 0.46098265895953755 |
RT_ICON | 0x202b348 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.26981327800829874 |
RT_ICON | 0x202b348 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.26981327800829874 |
RT_ICON | 0x202d8f0 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | Pakistan | 0.3051125703564728 |
RT_ICON | 0x202d8f0 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | India | 0.3051125703564728 |
RT_ICON | 0x202e998 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.3599290780141844 |
RT_ICON | 0x202e998 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.3599290780141844 |
RT_ICON | 0x202ee68 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors | Punjabi | Pakistan | 0.5146588486140725 |
RT_ICON | 0x202ee68 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors | Punjabi | India | 0.5146588486140725 |
RT_ICON | 0x202fd10 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors | Punjabi | Pakistan | 0.5112815884476535 |
RT_ICON | 0x202fd10 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors | Punjabi | India | 0.5112815884476535 |
RT_ICON | 0x20305b8 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colors | Punjabi | Pakistan | 0.45852534562211983 |
RT_ICON | 0x20305b8 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colors | Punjabi | India | 0.45852534562211983 |
RT_ICON | 0x2030c80 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors | Punjabi | Pakistan | 0.4804913294797688 |
RT_ICON | 0x2030c80 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors | Punjabi | India | 0.4804913294797688 |
RT_ICON | 0x20311e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9216 | Punjabi | Pakistan | 0.27977178423236515 |
RT_ICON | 0x20311e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9216 | Punjabi | India | 0.27977178423236515 |
RT_ICON | 0x2033790 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4096 | Punjabi | Pakistan | 0.3093339587242026 |
RT_ICON | 0x2033790 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4096 | Punjabi | India | 0.3093339587242026 |
RT_ICON | 0x2034838 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2304 | Punjabi | Pakistan | 0.3413934426229508 |
RT_ICON | 0x2034838 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2304 | Punjabi | India | 0.3413934426229508 |
RT_ICON | 0x20351c0 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1024 | Punjabi | Pakistan | 0.37322695035460995 |
RT_ICON | 0x20351c0 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1024 | Punjabi | India | 0.37322695035460995 |
RT_ICON | 0x20356a0 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | Pakistan | 0.4896055437100213 |
RT_ICON | 0x20356a0 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | India | 0.4896055437100213 |
RT_ICON | 0x2036548 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | Pakistan | 0.4711191335740072 |
RT_ICON | 0x2036548 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | India | 0.4711191335740072 |
RT_ICON | 0x2036df0 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | Pakistan | 0.43858381502890176 |
RT_ICON | 0x2036df0 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | India | 0.43858381502890176 |
RT_ICON | 0x2037358 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.27717842323651454 |
RT_ICON | 0x2037358 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.27717842323651454 |
RT_ICON | 0x2039900 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | Pakistan | 0.2898686679174484 |
RT_ICON | 0x2039900 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | India | 0.2898686679174484 |
RT_ICON | 0x203a9a8 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 0 | Punjabi | Pakistan | 0.30573770491803276 |
RT_ICON | 0x203a9a8 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 0 | Punjabi | India | 0.30573770491803276 |
RT_ICON | 0x203b330 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.3324468085106383 |
RT_ICON | 0x203b330 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.3324468085106383 |
RT_ICON | 0x203b800 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | Pakistan | 0.27398720682302774 |
RT_ICON | 0x203b800 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | Punjabi | India | 0.27398720682302774 |
RT_ICON | 0x203c6a8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | Pakistan | 0.3700361010830325 |
RT_ICON | 0x203c6a8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | Punjabi | India | 0.3700361010830325 |
RT_ICON | 0x203cf50 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | Pakistan | 0.39746543778801846 |
RT_ICON | 0x203cf50 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 0 | Punjabi | India | 0.39746543778801846 |
RT_ICON | 0x203d618 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | Pakistan | 0.38439306358381503 |
RT_ICON | 0x203d618 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | Punjabi | India | 0.38439306358381503 |
RT_ICON | 0x203db80 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | Pakistan | 0.274896265560166 |
RT_ICON | 0x203db80 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | Punjabi | India | 0.274896265560166 |
RT_ICON | 0x2040128 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | Pakistan | 0.3051125703564728 |
RT_ICON | 0x2040128 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | Punjabi | India | 0.3051125703564728 |
RT_ICON | 0x20411d0 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 0 | Punjabi | Pakistan | 0.32254098360655736 |
RT_ICON | 0x20411d0 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 0 | Punjabi | India | 0.32254098360655736 |
RT_ICON | 0x2041b58 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | Pakistan | 0.35815602836879434 |
RT_ICON | 0x2041b58 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | Punjabi | India | 0.35815602836879434 |
RT_STRING | 0x2043fa0 | 0xee | data | Punjabi | Pakistan | 0.5882352941176471 |
RT_STRING | 0x2043fa0 | 0xee | data | Punjabi | India | 0.5882352941176471 |
RT_STRING | 0x2044090 | 0x614 | data | Punjabi | Pakistan | 0.42802056555269924 |
RT_STRING | 0x2044090 | 0x614 | data | Punjabi | India | 0.42802056555269924 |
RT_GROUP_CURSOR | 0x2043d00 | 0x30 | data | Punjabi | Pakistan | 0.9375 |
RT_GROUP_CURSOR | 0x2043d00 | 0x30 | data | Punjabi | India | 0.9375 |
RT_GROUP_ICON | 0x2022d68 | 0x4c | data | Punjabi | Pakistan | 0.75 |
RT_GROUP_ICON | 0x2022d68 | 0x4c | data | Punjabi | India | 0.75 |
RT_GROUP_ICON | 0x202ee00 | 0x68 | data | Punjabi | Pakistan | 0.7115384615384616 |
RT_GROUP_ICON | 0x202ee00 | 0x68 | data | Punjabi | India | 0.7115384615384616 |
RT_GROUP_ICON | 0x2025e90 | 0x30 | data | Punjabi | Pakistan | 0.9791666666666666 |
RT_GROUP_ICON | 0x2025e90 | 0x30 | data | Punjabi | India | 0.9791666666666666 |
RT_GROUP_ICON | 0x2028f98 | 0x30 | data | Punjabi | Pakistan | 1.0 |
RT_GROUP_ICON | 0x2028f98 | 0x30 | data | Punjabi | India | 1.0 |
RT_GROUP_ICON | 0x2035628 | 0x76 | data | Punjabi | Pakistan | 0.6864406779661016 |
RT_GROUP_ICON | 0x2035628 | 0x76 | data | Punjabi | India | 0.6864406779661016 |
RT_GROUP_ICON | 0x2041fc0 | 0x76 | data | Punjabi | Pakistan | 0.6779661016949152 |
RT_GROUP_ICON | 0x2041fc0 | 0x76 | data | Punjabi | India | 0.6779661016949152 |
RT_GROUP_ICON | 0x203b798 | 0x68 | data | Punjabi | Pakistan | 0.7307692307692307 |
RT_GROUP_ICON | 0x203b798 | 0x68 | data | Punjabi | India | 0.7307692307692307 |
RT_VERSION | 0x2043d30 | 0x270 | data | Punjabi | Pakistan | 0.5240384615384616 |
RT_VERSION | 0x2043d30 | 0x270 | data | Punjabi | India | 0.5240384615384616 |
DLL | Import |
---|---|
KERNEL32.dll | SetComputerNameExA, FindResourceW, InterlockedDecrement, GetCurrentProcess, InterlockedCompareExchange, AddConsoleAliasW, CreateHardLinkA, GetConsoleAliasesLengthA, GetDateFormatA, LoadLibraryW, ReadConsoleInputA, GetSystemWindowsDirectoryA, GetFileAttributesW, EnumResourceLanguagesA, RaiseException, FindFirstFileA, InterlockedFlushSList, SetLastError, ReadConsoleOutputCharacterA, GetProcAddress, AttachConsole, VirtualAlloc, PeekNamedPipe, LoadLibraryA, BuildCommDCBAndTimeoutsW, SetFileApisToANSI, FindAtomA, GetOEMCP, GetModuleHandleA, FreeEnvironmentStringsW, EnumResourceNamesA, GetShortPathNameW, FileTimeToLocalFileTime, FindFirstVolumeW, GetConsoleProcessList, CloseHandle, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoW, SetFilePointer, CreateFileA, FindFirstChangeNotificationW, VirtualAllocEx, UnregisterWait, FlushFileBuffers, WideCharToMultiByte, InterlockedIncrement, InterlockedExchange, MultiByteToWideChar, Sleep, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetLastError, HeapFree, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCommandLineA, GetStartupInfoA, GetCPInfo, RtlUnwind, LCMapStringW, LCMapStringA, GetStringTypeW, HeapAlloc, HeapCreate, VirtualFree, HeapReAlloc, GetModuleHandleW, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetStringTypeA, HeapSize, GetACP, IsValidCodePage, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, InitializeCriticalSectionAndSpinCount, SetStdHandle, GetConsoleCP, GetConsoleMode |
USER32.dll | CharToOemBuffW, EnumDesktopWindows, ChangeMenuW, GetMessageExtraInfo, UnhookWinEvent, CharUpperBuffA, LoadMenuW |
GDI32.dll | GetCharacterPlacementA, GetPolyFillMode |
ADVAPI32.dll | ReadEventLogW |
ole32.dll | CoRegisterPSClsid |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Punjabi | Pakistan | |
Punjabi | India |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
192.168.2.3188.36.122.17449765802851815 09/01/23-15:46:40.454894 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3188.36.122.17449768802851815 09/01/23-15:46:44.166946 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3188.36.122.17449783802851815 09/01/23-15:46:59.448434 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3211.40.39.25149780802851815 09/01/23-15:46:56.017705 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
192.168.2.3188.36.122.17449782802851815 09/01/23-15:46:59.047838 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3211.40.39.25149771802851815 09/01/23-15:46:47.861881 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
192.168.2.3188.36.122.17449775802851815 09/01/23-15:46:51.439790 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3188.36.122.17449764802851815 09/01/23-15:46:38.756347 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
192.168.2.3123.140.161.24349767802851815 09/01/23-15:46:42.816654 | TCP | 2851815 | ETPRO TROJAN Sharik/Smokeloader CnC Beacon 18 | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 1, 2023 15:46:33.392437935 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:33.653892994 CEST | 80 | 49760 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:33.654150009 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:33.670453072 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:33.670496941 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:33.929704905 CEST | 80 | 49760 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:34.913573980 CEST | 80 | 49760 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:34.913674116 CEST | 80 | 49760 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:34.913800001 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:34.913898945 CEST | 49760 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:35.045093060 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:35.173424959 CEST | 80 | 49760 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:35.297887087 CEST | 80 | 49761 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:35.298101902 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:35.298345089 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:35.298378944 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:35.551018000 CEST | 80 | 49761 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:36.499001026 CEST | 80 | 49761 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:36.499042034 CEST | 80 | 49761 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:36.499170065 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:36.499316931 CEST | 49761 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:36.564207077 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:36.751749992 CEST | 80 | 49761 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:36.822875023 CEST | 80 | 49762 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:36.823061943 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:36.901483059 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:36.901549101 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:37.160406113 CEST | 80 | 49762 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:38.146894932 CEST | 80 | 49762 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:38.146939039 CEST | 80 | 49762 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:38.147089958 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:38.244782925 CEST | 49762 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:38.502451897 CEST | 80 | 49762 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:38.704858065 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:38.755657911 CEST | 80 | 49764 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:38.755919933 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:38.756346941 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:38.756386042 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:38.806653023 CEST | 80 | 49764 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:38.971018076 CEST | 80 | 49764 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:38.971076012 CEST | 80 | 49764 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:38.971285105 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:38.985249996 CEST | 49764 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:39.035588026 CEST | 80 | 49764 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.403517008 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.454402924 CEST | 80 | 49765 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.454562902 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.454894066 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.454977989 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.507884026 CEST | 80 | 49765 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.666369915 CEST | 80 | 49765 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.666460991 CEST | 80 | 49765 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.666518927 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.666832924 CEST | 49765 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:40.716608047 CEST | 80 | 49765 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:40.896600962 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:41.157687902 CEST | 80 | 49766 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:41.157934904 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:41.158391953 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:41.158472061 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:41.424158096 CEST | 80 | 49766 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:42.489564896 CEST | 80 | 49766 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:42.489603043 CEST | 80 | 49766 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:42.489738941 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:42.489866018 CEST | 49766 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:42.555634975 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:42.761792898 CEST | 80 | 49766 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:42.816134930 CEST | 80 | 49767 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:42.816346884 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:42.816653967 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:42.816700935 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:43.077124119 CEST | 80 | 49767 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:44.046610117 CEST | 80 | 49767 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:44.046653032 CEST | 80 | 49767 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:44.046870947 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.046920061 CEST | 49767 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.111799002 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.166476011 CEST | 80 | 49768 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:44.166659117 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.166945934 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.166985035 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.220979929 CEST | 80 | 49768 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:44.307522058 CEST | 80 | 49767 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:44.392565012 CEST | 80 | 49768 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:44.392599106 CEST | 80 | 49768 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:44.392766953 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.395585060 CEST | 49768 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:44.449428082 CEST | 80 | 49768 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:44.450814009 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.695646048 CEST | 80 | 49769 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:44.695777893 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.696122885 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.696160078 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:44.941154003 CEST | 80 | 49769 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:45.907716036 CEST | 80 | 49769 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:45.907767057 CEST | 80 | 49769 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:45.907949924 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:45.908086061 CEST | 49769 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:45.991080999 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:45.991143942 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:45.991240978 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:45.995138884 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:45.995181084 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.088679075 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.088912010 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.091084003 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.091130018 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.091491938 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.152683020 CEST | 80 | 49769 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:46.268992901 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.294029951 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.335488081 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336751938 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336786985 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336796045 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336832047 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336898088 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.336930037 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.336954117 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.373590946 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373616934 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373730898 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373783112 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.373831034 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373831987 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.373852015 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373873949 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373914957 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.373917103 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.373944998 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.373944998 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.374021053 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.374036074 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.374080896 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.374104023 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.374123096 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.410608053 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.410759926 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.410835981 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.410887957 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.410917044 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.410964012 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.410983086 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411030054 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411045074 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411145926 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411160946 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411195993 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411210060 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411237955 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411319971 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411374092 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411391973 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411448956 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411554098 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411575079 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411636114 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.411686897 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.411704063 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.448343992 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.448543072 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.448582888 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.448889971 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.448987961 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.448995113 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.449026108 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449173927 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449527979 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449644089 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449666023 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.449682951 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449692965 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449726105 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.449754000 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449758053 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.449788094 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.449842930 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.449950933 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450028896 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.450037956 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450119019 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450325966 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450644970 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450659037 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.450670004 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450735092 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450756073 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.450768948 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.450800896 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.450959921 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.451037884 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.451047897 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.465049028 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.465075970 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.465137959 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.465223074 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.488348961 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.488679886 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.488744020 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.488821983 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.488940954 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.488971949 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.489197016 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.489322901 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.489353895 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.489511967 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.489624023 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.489651918 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.489886999 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490000963 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.490030050 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490283966 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490407944 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.490434885 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490463972 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490617990 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490686893 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.490720034 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490778923 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.490782976 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490886927 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.490911961 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.490940094 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491036892 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491058111 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491082907 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491137981 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491149902 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491174936 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491197109 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491240978 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491298914 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491393089 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491417885 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491447926 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491565943 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491566896 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491595030 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491673946 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491682053 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491770029 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491790056 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491815090 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491877079 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.491897106 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491962910 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.491986990 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492011070 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492067099 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492077112 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492137909 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492160082 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492185116 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492196083 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492275000 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492294073 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492317915 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492369890 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492393017 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.492484093 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.492508888 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.524288893 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.524480104 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.524513960 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.530169964 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.530302048 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.530365944 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.530395031 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.530416965 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.530735016 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.530870914 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.530884027 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.531127930 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.531232119 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.531250000 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.531543016 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.531671047 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.531687021 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.531923056 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532026052 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.532037973 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532279015 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532372952 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.532387972 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532612085 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532717943 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.532731056 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.532951117 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533055067 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.533067942 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533291101 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533392906 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.533407927 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533579111 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533677101 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.533689976 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533864975 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.533963919 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.533973932 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.534719944 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.534823895 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.534909964 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.535357952 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.535480976 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.535501957 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.535721064 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.535825014 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.535845995 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536040068 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536134005 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.536154032 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536303043 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536391020 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.536411047 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536561966 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536648989 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.536668062 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536767960 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.536848068 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.536864042 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.572268963 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.572504997 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.572555065 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.572683096 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.572789907 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.572805882 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.572971106 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573112011 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.573128939 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573277950 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573384047 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.573399067 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573595047 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573704958 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.573728085 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573863029 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.573961020 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.573976994 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574131966 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574224949 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.574242115 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574332952 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574420929 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.574434042 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574542999 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574804068 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.574902058 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.574902058 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.574933052 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575103998 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575210094 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.575227976 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575356960 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575465918 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.575478077 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575639963 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575829983 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.575844049 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575897932 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.575983047 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.575993061 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.593689919 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.593727112 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.593811989 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.964956999 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:46.965132952 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:46.965169907 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.001849890 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.002051115 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.002084970 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.038731098 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.038870096 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.038907051 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039043903 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039067030 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039108038 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.039119959 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039134026 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.039293051 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039341927 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039347887 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.039362907 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.039380074 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.076011896 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076251030 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.076277971 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076308012 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076329947 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076371908 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076411963 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.076421976 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076484919 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.076524973 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.076586008 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.077409029 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.077436924 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.077466011 CEST | 49770 | 443 | 192.168.2.3 | 80.66.203.53 |
Sep 1, 2023 15:46:47.077474117 CEST | 443 | 49770 | 80.66.203.53 | 192.168.2.3 |
Sep 1, 2023 15:46:47.606220961 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:47.861311913 CEST | 80 | 49771 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:47.861541986 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:47.861881018 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:47.861922979 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:48.122344971 CEST | 80 | 49771 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:49.035181046 CEST | 80 | 49771 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:49.035242081 CEST | 80 | 49771 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:49.035433054 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.035434008 CEST | 49771 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.119591951 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.166932106 CEST | 80 | 49772 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:49.167579889 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.181657076 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.182424068 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.229361057 CEST | 80 | 49772 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:49.297091961 CEST | 80 | 49771 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:49.394129992 CEST | 80 | 49772 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:49.394174099 CEST | 80 | 49772 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:49.394288063 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.394397020 CEST | 49772 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:49.441000938 CEST | 80 | 49772 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:49.451905966 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.694765091 CEST | 80 | 49773 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:49.695008039 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.695246935 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.695281982 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:49.938191891 CEST | 80 | 49773 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:50.847105980 CEST | 80 | 49773 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:50.847146988 CEST | 80 | 49773 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:50.853019953 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:50.870820999 CEST | 49773 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:51.006283045 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.053225994 CEST | 80 | 49774 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.054997921 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.055461884 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.055505991 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.102313995 CEST | 80 | 49774 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.116729021 CEST | 80 | 49773 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:51.257399082 CEST | 80 | 49774 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.257437944 CEST | 80 | 49774 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.277268887 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.279016972 CEST | 49774 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.325624943 CEST | 80 | 49774 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.372577906 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.422935009 CEST | 80 | 49775 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.439308882 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.439790010 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.439838886 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.489720106 CEST | 80 | 49775 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.661725998 CEST | 80 | 49775 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.661784887 CEST | 80 | 49775 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.698633909 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.698693991 CEST | 49775 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:51.748900890 CEST | 80 | 49775 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:51.750149012 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.005372047 CEST | 80 | 49776 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:52.005530119 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.005809069 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.005842924 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.262628078 CEST | 80 | 49776 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:52.876811981 CEST | 80 | 49776 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:52.876883984 CEST | 80 | 49776 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:52.881299019 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.881299019 CEST | 49776 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:52.940334082 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:53.140042067 CEST | 80 | 49776 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:53.201263905 CEST | 80 | 49777 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:53.207333088 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:53.207707882 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:53.207761049 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:53.467638016 CEST | 80 | 49777 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:54.469517946 CEST | 80 | 49777 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:54.469558001 CEST | 80 | 49777 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:54.469630003 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:54.469743013 CEST | 49777 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:54.523927927 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:54.729286909 CEST | 80 | 49777 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:54.780677080 CEST | 80 | 49779 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:54.780889034 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:54.781130075 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:54.781166077 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:55.038254023 CEST | 80 | 49779 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:55.692565918 CEST | 80 | 49779 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:55.692630053 CEST | 80 | 49779 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:55.693092108 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:55.700467110 CEST | 49779 | 80 | 192.168.2.3 | 123.140.161.243 |
Sep 1, 2023 15:46:55.755104065 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:55.957298040 CEST | 80 | 49779 | 123.140.161.243 | 192.168.2.3 |
Sep 1, 2023 15:46:56.016732931 CEST | 80 | 49780 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:56.017179966 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:56.017704964 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:56.017735004 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:56.279294014 CEST | 80 | 49780 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:57.207369089 CEST | 80 | 49780 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:57.207431078 CEST | 80 | 49780 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:57.207731962 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:57.207731962 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:57.258420944 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:57.525652885 CEST | 80 | 49781 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:57.525875092 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:57.561868906 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:57.561938047 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:57.830291033 CEST | 80 | 49781 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:57.976507902 CEST | 49780 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:46:58.238102913 CEST | 80 | 49780 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:46:58.808310032 CEST | 80 | 49781 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:58.808384895 CEST | 80 | 49781 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:58.808552027 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:58.936440945 CEST | 49781 | 80 | 192.168.2.3 | 115.88.24.200 |
Sep 1, 2023 15:46:58.995737076 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.047281981 CEST | 80 | 49782 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.047559023 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.047837973 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.047873020 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.099103928 CEST | 80 | 49782 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.203486919 CEST | 80 | 49781 | 115.88.24.200 | 192.168.2.3 |
Sep 1, 2023 15:46:59.272161961 CEST | 80 | 49782 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.272197008 CEST | 80 | 49782 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.272341013 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.272416115 CEST | 49782 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.323525906 CEST | 80 | 49782 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.332354069 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.385217905 CEST | 80 | 49783 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.385436058 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.448434114 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.451837063 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:46:59.504271030 CEST | 80 | 49783 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.660711050 CEST | 80 | 49783 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.660840034 CEST | 80 | 49783 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:46:59.660952091 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.520627975 CEST | 49783 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.573029041 CEST | 80 | 49783 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:00.759824991 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.814246893 CEST | 80 | 49784 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:00.814383030 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.814646006 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.814680099 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:00.869277000 CEST | 80 | 49784 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:01.040075064 CEST | 80 | 49784 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:01.040149927 CEST | 80 | 49784 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:01.040205956 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:01.040255070 CEST | 49784 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:01.064342976 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:01.094475031 CEST | 80 | 49784 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:01.317293882 CEST | 80 | 49785 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:47:01.317481995 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:01.317769051 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:01.317804098 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:01.570823908 CEST | 80 | 49785 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:47:02.688188076 CEST | 80 | 49785 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:47:02.688400984 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:02.688415051 CEST | 80 | 49785 | 211.40.39.251 | 192.168.2.3 |
Sep 1, 2023 15:47:02.688471079 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:02.733000040 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:02.786788940 CEST | 80 | 49786 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:02.786879063 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:02.787271023 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:02.787331104 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:02.840316057 CEST | 80 | 49786 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:03.003756046 CEST | 80 | 49786 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:03.003789902 CEST | 80 | 49786 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:03.003887892 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:03.003966093 CEST | 49786 | 80 | 192.168.2.3 | 188.36.122.174 |
Sep 1, 2023 15:47:03.057482958 CEST | 80 | 49786 | 188.36.122.174 | 192.168.2.3 |
Sep 1, 2023 15:47:03.508280993 CEST | 49785 | 80 | 192.168.2.3 | 211.40.39.251 |
Sep 1, 2023 15:47:03.762710094 CEST | 80 | 49785 | 211.40.39.251 | 192.168.2.3 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 1, 2023 15:46:33.230180025 CEST | 55108 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:33.381759882 CEST | 53 | 55108 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:34.928476095 CEST | 62364 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:35.043750048 CEST | 53 | 62364 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:36.541393042 CEST | 49809 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:36.562041998 CEST | 53 | 49809 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:38.557352066 CEST | 56157 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:38.702075958 CEST | 53 | 56157 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:40.350274086 CEST | 53493 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:40.371294975 CEST | 53 | 53493 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:40.703532934 CEST | 57594 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:40.893867970 CEST | 53 | 57594 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:42.524774075 CEST | 50791 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:42.553888083 CEST | 53 | 50791 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:44.081161976 CEST | 54156 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:44.110239983 CEST | 53 | 54156 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:44.428592920 CEST | 50959 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:44.449398041 CEST | 53 | 50959 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:45.959829092 CEST | 50193 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:45.989103079 CEST | 53 | 50193 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:47.575283051 CEST | 60880 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:47.604783058 CEST | 53 | 60880 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:49.097467899 CEST | 65220 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:49.118186951 CEST | 53 | 65220 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:49.421482086 CEST | 57453 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:49.450658083 CEST | 53 | 57453 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:50.966245890 CEST | 65154 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:50.995620012 CEST | 53 | 65154 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:51.334579945 CEST | 58750 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:51.358720064 CEST | 53 | 58750 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:51.718269110 CEST | 60541 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:51.746865034 CEST | 53 | 60541 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:52.910217047 CEST | 61871 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:52.931092024 CEST | 53 | 61871 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:54.487627983 CEST | 64097 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:54.508610964 CEST | 53 | 64097 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:55.732805967 CEST | 64730 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:55.753829002 CEST | 53 | 64730 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:57.227052927 CEST | 53776 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:57.255840063 CEST | 53 | 53776 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:58.969770908 CEST | 49561 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:58.994007111 CEST | 53 | 49561 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:46:59.301525116 CEST | 64019 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:46:59.330538988 CEST | 53 | 64019 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:47:00.737375021 CEST | 50442 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:47:00.758197069 CEST | 53 | 50442 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:47:01.047629118 CEST | 61166 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:47:01.063045979 CEST | 53 | 61166 | 8.8.8.8 | 192.168.2.3 |
Sep 1, 2023 15:47:02.706882000 CEST | 61026 | 53 | 192.168.2.3 | 8.8.8.8 |
Sep 1, 2023 15:47:02.730986118 CEST | 53 | 61026 | 8.8.8.8 | 192.168.2.3 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 1, 2023 15:46:33.230180025 CEST | 192.168.2.3 | 8.8.8.8 | 0xe90c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:34.928476095 CEST | 192.168.2.3 | 8.8.8.8 | 0xe045 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:36.541393042 CEST | 192.168.2.3 | 8.8.8.8 | 0xf19a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:38.557352066 CEST | 192.168.2.3 | 8.8.8.8 | 0x4640 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:40.350274086 CEST | 192.168.2.3 | 8.8.8.8 | 0x56c9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:40.703532934 CEST | 192.168.2.3 | 8.8.8.8 | 0xcb1b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:42.524774075 CEST | 192.168.2.3 | 8.8.8.8 | 0x2884 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:44.081161976 CEST | 192.168.2.3 | 8.8.8.8 | 0x84a6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:44.428592920 CEST | 192.168.2.3 | 8.8.8.8 | 0x92f1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:45.959829092 CEST | 192.168.2.3 | 8.8.8.8 | 0x65bb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:47.575283051 CEST | 192.168.2.3 | 8.8.8.8 | 0x23f0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:49.097467899 CEST | 192.168.2.3 | 8.8.8.8 | 0x1c0c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:49.421482086 CEST | 192.168.2.3 | 8.8.8.8 | 0xd19e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:50.966245890 CEST | 192.168.2.3 | 8.8.8.8 | 0xfc0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:51.334579945 CEST | 192.168.2.3 | 8.8.8.8 | 0x9afb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:51.718269110 CEST | 192.168.2.3 | 8.8.8.8 | 0xe36f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:52.910217047 CEST | 192.168.2.3 | 8.8.8.8 | 0x5120 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:54.487627983 CEST | 192.168.2.3 | 8.8.8.8 | 0xc51e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:55.732805967 CEST | 192.168.2.3 | 8.8.8.8 | 0x95f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:57.227052927 CEST | 192.168.2.3 | 8.8.8.8 | 0x835 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:58.969770908 CEST | 192.168.2.3 | 8.8.8.8 | 0x40f1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:46:59.301525116 CEST | 192.168.2.3 | 8.8.8.8 | 0x1dd6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:47:00.737375021 CEST | 192.168.2.3 | 8.8.8.8 | 0x7502 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:47:01.047629118 CEST | 192.168.2.3 | 8.8.8.8 | 0x9ca0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 1, 2023 15:47:02.706882000 CEST | 192.168.2.3 | 8.8.8.8 | 0x5bd3 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:33.381759882 CEST | 8.8.8.8 | 192.168.2.3 | 0xe90c | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:35.043750048 CEST | 8.8.8.8 | 192.168.2.3 | 0xe045 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:36.562041998 CEST | 8.8.8.8 | 192.168.2.3 | 0xf19a | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:38.702075958 CEST | 8.8.8.8 | 192.168.2.3 | 0x4640 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.371294975 CEST | 8.8.8.8 | 192.168.2.3 | 0x56c9 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:40.893867970 CEST | 8.8.8.8 | 192.168.2.3 | 0xcb1b | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:42.553888083 CEST | 8.8.8.8 | 192.168.2.3 | 0x2884 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.110239983 CEST | 8.8.8.8 | 192.168.2.3 | 0x84a6 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:44.449398041 CEST | 8.8.8.8 | 192.168.2.3 | 0x92f1 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:45.989103079 CEST | 8.8.8.8 | 192.168.2.3 | 0x65bb | No error (0) | 80.66.203.53 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:47.604783058 CEST | 8.8.8.8 | 192.168.2.3 | 0x23f0 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.118186951 CEST | 8.8.8.8 | 192.168.2.3 | 0x1c0c | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:49.450658083 CEST | 8.8.8.8 | 192.168.2.3 | 0xd19e | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:50.995620012 CEST | 8.8.8.8 | 192.168.2.3 | 0xfc0 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.358720064 CEST | 8.8.8.8 | 192.168.2.3 | 0x9afb | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:51.746865034 CEST | 8.8.8.8 | 192.168.2.3 | 0xe36f | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:52.931092024 CEST | 8.8.8.8 | 192.168.2.3 | 0x5120 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:54.508610964 CEST | 8.8.8.8 | 192.168.2.3 | 0xc51e | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:55.753829002 CEST | 8.8.8.8 | 192.168.2.3 | 0x95f3 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:57.255840063 CEST | 8.8.8.8 | 192.168.2.3 | 0x835 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:58.994007111 CEST | 8.8.8.8 | 192.168.2.3 | 0x40f1 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:46:59.330538988 CEST | 8.8.8.8 | 192.168.2.3 | 0x1dd6 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:00.758197069 CEST | 8.8.8.8 | 192.168.2.3 | 0x7502 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:01.063045979 CEST | 8.8.8.8 | 192.168.2.3 | 0x9ca0 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 188.36.122.174 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 175.126.109.15 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 211.168.53.110 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 211.40.39.251 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 115.88.24.200 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 123.140.161.243 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 187.134.70.168 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 186.182.55.44 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 37.34.248.24 | A (IP address) | IN (0x0001) | false | ||
Sep 1, 2023 15:47:02.730986118 CEST | 8.8.8.8 | 192.168.2.3 | 0x5bd3 | No error (0) | 181.197.76.240 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49770 | 80.66.203.53 | 443 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.3 | 49760 | 115.88.24.200 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:33.670453072 CEST | 2699 | OUT | |
Sep 1, 2023 15:46:33.670496941 CEST | 2699 | OUT | |
Sep 1, 2023 15:46:34.913573980 CEST | 2700 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
10 | 192.168.2.3 | 49771 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:47.861881018 CEST | 3440 | OUT | |
Sep 1, 2023 15:46:47.861922979 CEST | 3440 | OUT | |
Sep 1, 2023 15:46:49.035181046 CEST | 3441 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
11 | 192.168.2.3 | 49772 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:49.181657076 CEST | 3442 | OUT | |
Sep 1, 2023 15:46:49.182424068 CEST | 3442 | OUT | |
Sep 1, 2023 15:46:49.394129992 CEST | 3443 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
12 | 192.168.2.3 | 49773 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:49.695246935 CEST | 3444 | OUT | |
Sep 1, 2023 15:46:49.695281982 CEST | 3444 | OUT | |
Sep 1, 2023 15:46:50.847105980 CEST | 3445 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
13 | 192.168.2.3 | 49774 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:51.055461884 CEST | 3446 | OUT | |
Sep 1, 2023 15:46:51.055505991 CEST | 3446 | OUT | |
Sep 1, 2023 15:46:51.257399082 CEST | 3447 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
14 | 192.168.2.3 | 49775 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:51.439790010 CEST | 3448 | OUT | |
Sep 1, 2023 15:46:51.439838886 CEST | 3448 | OUT | |
Sep 1, 2023 15:46:51.661725998 CEST | 3449 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
15 | 192.168.2.3 | 49776 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:52.005809069 CEST | 3450 | OUT | |
Sep 1, 2023 15:46:52.005842924 CEST | 3450 | OUT | |
Sep 1, 2023 15:46:52.876811981 CEST | 3451 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
16 | 192.168.2.3 | 49777 | 115.88.24.200 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:53.207707882 CEST | 3458 | OUT | |
Sep 1, 2023 15:46:53.207761049 CEST | 3458 | OUT | |
Sep 1, 2023 15:46:54.469517946 CEST | 3459 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
17 | 192.168.2.3 | 49779 | 123.140.161.243 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:54.781130075 CEST | 3460 | OUT | |
Sep 1, 2023 15:46:54.781166077 CEST | 3460 | OUT | |
Sep 1, 2023 15:46:55.692565918 CEST | 3461 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
18 | 192.168.2.3 | 49780 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:56.017704964 CEST | 3463 | OUT | |
Sep 1, 2023 15:46:56.017735004 CEST | 3463 | OUT | |
Sep 1, 2023 15:46:57.207369089 CEST | 3464 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
19 | 192.168.2.3 | 49781 | 115.88.24.200 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:57.561868906 CEST | 3464 | OUT | |
Sep 1, 2023 15:46:57.561938047 CEST | 3465 | OUT | |
Sep 1, 2023 15:46:58.808310032 CEST | 3466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 192.168.2.3 | 49761 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:35.298345089 CEST | 2701 | OUT | |
Sep 1, 2023 15:46:35.298378944 CEST | 2701 | OUT | |
Sep 1, 2023 15:46:36.499001026 CEST | 2702 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
20 | 192.168.2.3 | 49782 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:59.047837973 CEST | 3466 | OUT | |
Sep 1, 2023 15:46:59.047873020 CEST | 3467 | OUT | |
Sep 1, 2023 15:46:59.272161961 CEST | 3467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
21 | 192.168.2.3 | 49783 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:59.448434114 CEST | 3468 | OUT | |
Sep 1, 2023 15:46:59.451837063 CEST | 3469 | OUT | |
Sep 1, 2023 15:46:59.660711050 CEST | 3469 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
22 | 192.168.2.3 | 49784 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:47:00.814646006 CEST | 3470 | OUT | |
Sep 1, 2023 15:47:00.814680099 CEST | 3471 | OUT | |
Sep 1, 2023 15:47:01.040075064 CEST | 3471 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
23 | 192.168.2.3 | 49785 | 211.40.39.251 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:47:01.317769051 CEST | 3472 | OUT | |
Sep 1, 2023 15:47:01.317804098 CEST | 3473 | OUT | |
Sep 1, 2023 15:47:02.688188076 CEST | 3474 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
24 | 192.168.2.3 | 49786 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:47:02.787271023 CEST | 3474 | OUT | |
Sep 1, 2023 15:47:02.787331104 CEST | 3475 | OUT | |
Sep 1, 2023 15:47:03.003756046 CEST | 3475 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 192.168.2.3 | 49762 | 115.88.24.200 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:36.901483059 CEST | 2703 | OUT | |
Sep 1, 2023 15:46:36.901549101 CEST | 2703 | OUT | |
Sep 1, 2023 15:46:38.146894932 CEST | 2710 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.3 | 49764 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:38.756346941 CEST | 2711 | OUT | |
Sep 1, 2023 15:46:38.756386042 CEST | 2711 | OUT | |
Sep 1, 2023 15:46:38.971018076 CEST | 2712 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 192.168.2.3 | 49765 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:40.454894066 CEST | 2713 | OUT | |
Sep 1, 2023 15:46:40.454977989 CEST | 2713 | OUT | |
Sep 1, 2023 15:46:40.666369915 CEST | 2714 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
6 | 192.168.2.3 | 49766 | 123.140.161.243 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:41.158391953 CEST | 2715 | OUT | |
Sep 1, 2023 15:46:41.158472061 CEST | 2715 | OUT | |
Sep 1, 2023 15:46:42.489564896 CEST | 2716 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
7 | 192.168.2.3 | 49767 | 123.140.161.243 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:42.816653967 CEST | 2717 | OUT | |
Sep 1, 2023 15:46:42.816700935 CEST | 2717 | OUT | |
Sep 1, 2023 15:46:44.046610117 CEST | 2718 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
8 | 192.168.2.3 | 49768 | 188.36.122.174 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:44.166945934 CEST | 2719 | OUT | |
Sep 1, 2023 15:46:44.166985035 CEST | 2719 | OUT | |
Sep 1, 2023 15:46:44.392565012 CEST | 2719 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
9 | 192.168.2.3 | 49769 | 123.140.161.243 | 80 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Sep 1, 2023 15:46:44.696122885 CEST | 2720 | OUT | |
Sep 1, 2023 15:46:44.696160078 CEST | 2721 | OUT | |
Sep 1, 2023 15:46:45.907716036 CEST | 2721 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49770 | 80.66.203.53 | 443 | C:\Windows\explorer.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-09-01 13:46:46 UTC | 0 | OUT | |
2023-09-01 13:46:46 UTC | 0 | IN | |
2023-09-01 13:46:46 UTC | 0 | IN | |
2023-09-01 13:46:46 UTC | 8 | IN | |
2023-09-01 13:46:46 UTC | 8 | IN | |
2023-09-01 13:46:46 UTC | 8 | IN | |
2023-09-01 13:46:46 UTC | 16 | IN | |
2023-09-01 13:46:46 UTC | 16 | IN | |
2023-09-01 13:46:46 UTC | 16 | IN | |
2023-09-01 13:46:46 UTC | 24 | IN | |
2023-09-01 13:46:46 UTC | 24 | IN | |
2023-09-01 13:46:46 UTC | 24 | IN | |
2023-09-01 13:46:46 UTC | 32 | IN | |
2023-09-01 13:46:46 UTC | 32 | IN | |
2023-09-01 13:46:46 UTC | 32 | IN | |
2023-09-01 13:46:46 UTC | 40 | IN | |
2023-09-01 13:46:46 UTC | 40 | IN | |
2023-09-01 13:46:46 UTC | 40 | IN | |
2023-09-01 13:46:46 UTC | 48 | IN | |
2023-09-01 13:46:46 UTC | 48 | IN | |
2023-09-01 13:46:46 UTC | 48 | IN | |
2023-09-01 13:46:46 UTC | 56 | IN | |
2023-09-01 13:46:46 UTC | 56 | IN | |
2023-09-01 13:46:46 UTC | 56 | IN | |
2023-09-01 13:46:46 UTC | 64 | IN | |
2023-09-01 13:46:46 UTC | 64 | IN | |
2023-09-01 13:46:46 UTC | 72 | IN | |
2023-09-01 13:46:46 UTC | 72 | IN | |
2023-09-01 13:46:46 UTC | 80 | IN | |
2023-09-01 13:46:46 UTC | 80 | IN | |
2023-09-01 13:46:46 UTC | 80 | IN | |
2023-09-01 13:46:46 UTC | 88 | IN | |
2023-09-01 13:46:46 UTC | 88 | IN | |
2023-09-01 13:46:46 UTC | 88 | IN | |
2023-09-01 13:46:46 UTC | 96 | IN | |
2023-09-01 13:46:46 UTC | 96 | IN | |
2023-09-01 13:46:46 UTC | 96 | IN | |
2023-09-01 13:46:46 UTC | 104 | IN | |
2023-09-01 13:46:46 UTC | 104 | IN | |
2023-09-01 13:46:46 UTC | 104 | IN | |
2023-09-01 13:46:46 UTC | 112 | IN | |
2023-09-01 13:46:46 UTC | 112 | IN | |
2023-09-01 13:46:46 UTC | 112 | IN | |
2023-09-01 13:46:46 UTC | 120 | IN | |
2023-09-01 13:46:46 UTC | 120 | IN | |
2023-09-01 13:46:46 UTC | 120 | IN | |
2023-09-01 13:46:46 UTC | 128 | IN | |
2023-09-01 13:46:46 UTC | 128 | IN | |
2023-09-01 13:46:46 UTC | 136 | IN | |
2023-09-01 13:46:46 UTC | 136 | IN | |
2023-09-01 13:46:46 UTC | 144 | IN | |
2023-09-01 13:46:46 UTC | 144 | IN | |
2023-09-01 13:46:46 UTC | 144 | IN | |
2023-09-01 13:46:46 UTC | 152 | IN | |
2023-09-01 13:46:46 UTC | 152 | IN | |
2023-09-01 13:46:46 UTC | 152 | IN | |
2023-09-01 13:46:46 UTC | 160 | IN | |
2023-09-01 13:46:46 UTC | 160 | IN | |
2023-09-01 13:46:46 UTC | 160 | IN | |
2023-09-01 13:46:46 UTC | 168 | IN | |
2023-09-01 13:46:46 UTC | 168 | IN | |
2023-09-01 13:46:46 UTC | 168 | IN | |
2023-09-01 13:46:46 UTC | 176 | IN | |
2023-09-01 13:46:46 UTC | 176 | IN | |
2023-09-01 13:46:46 UTC | 176 | IN | |
2023-09-01 13:46:46 UTC | 184 | IN | |
2023-09-01 13:46:46 UTC | 184 | IN | |
2023-09-01 13:46:46 UTC | 184 | IN | |
2023-09-01 13:46:46 UTC | 192 | IN | |
2023-09-01 13:46:46 UTC | 192 | IN | |
2023-09-01 13:46:46 UTC | 200 | IN | |
2023-09-01 13:46:46 UTC | 200 | IN | |
2023-09-01 13:46:46 UTC | 208 | IN | |
2023-09-01 13:46:46 UTC | 208 | IN | |
2023-09-01 13:46:46 UTC | 208 | IN | |
2023-09-01 13:46:46 UTC | 216 | IN | |
2023-09-01 13:46:46 UTC | 216 | IN | |
2023-09-01 13:46:46 UTC | 216 | IN | |
2023-09-01 13:46:46 UTC | 224 | IN | |
2023-09-01 13:46:46 UTC | 224 | IN | |
2023-09-01 13:46:46 UTC | 224 | IN | |
2023-09-01 13:46:46 UTC | 232 | IN | |
2023-09-01 13:46:46 UTC | 232 | IN | |
2023-09-01 13:46:46 UTC | 232 | IN | |
2023-09-01 13:46:46 UTC | 240 | IN | |
2023-09-01 13:46:46 UTC | 240 | IN | |
2023-09-01 13:46:46 UTC | 240 | IN | |
2023-09-01 13:46:46 UTC | 248 | IN | |
2023-09-01 13:46:46 UTC | 248 | IN | |
2023-09-01 13:46:46 UTC | 248 | IN | |
2023-09-01 13:46:46 UTC | 256 | IN | |
2023-09-01 13:46:46 UTC | 256 | IN | |
2023-09-01 13:46:46 UTC | 264 | IN | |
2023-09-01 13:46:46 UTC | 264 | IN | |
2023-09-01 13:46:46 UTC | 272 | IN | |
2023-09-01 13:46:46 UTC | 272 | IN | |
2023-09-01 13:46:46 UTC | 272 | IN | |
2023-09-01 13:46:46 UTC | 280 | IN | |
2023-09-01 13:46:46 UTC | 280 | IN | |
2023-09-01 13:46:46 UTC | 280 | IN | |
2023-09-01 13:46:46 UTC | 288 | IN | |
2023-09-01 13:46:46 UTC | 288 | IN | |
2023-09-01 13:46:46 UTC | 288 | IN | |
2023-09-01 13:46:46 UTC | 296 | IN | |
2023-09-01 13:46:46 UTC | 296 | IN | |
2023-09-01 13:46:46 UTC | 296 | IN | |
2023-09-01 13:46:46 UTC | 304 | IN | |
2023-09-01 13:46:46 UTC | 304 | IN | |
2023-09-01 13:46:46 UTC | 304 | IN | |
2023-09-01 13:46:46 UTC | 312 | IN | |
2023-09-01 13:46:46 UTC | 312 | IN | |
2023-09-01 13:46:46 UTC | 312 | IN | |
2023-09-01 13:46:46 UTC | 320 | IN | |
2023-09-01 13:46:46 UTC | 320 | IN | |
2023-09-01 13:46:46 UTC | 328 | IN | |
2023-09-01 13:46:46 UTC | 328 | IN | |
2023-09-01 13:46:46 UTC | 336 | IN | |
2023-09-01 13:46:46 UTC | 336 | IN | |
2023-09-01 13:46:46 UTC | 336 | IN | |
2023-09-01 13:46:46 UTC | 344 | IN | |
2023-09-01 13:46:46 UTC | 344 | IN | |
2023-09-01 13:46:46 UTC | 344 | IN | |
2023-09-01 13:46:46 UTC | 352 | IN | |
2023-09-01 13:46:46 UTC | 352 | IN | |
2023-09-01 13:46:46 UTC | 352 | IN | |
2023-09-01 13:46:46 UTC | 360 | IN | |
2023-09-01 13:46:46 UTC | 360 | IN | |
2023-09-01 13:46:46 UTC | 360 | IN | |
2023-09-01 13:46:46 UTC | 368 | IN | |
2023-09-01 13:46:46 UTC | 368 | IN | |
2023-09-01 13:46:46 UTC | 368 | IN | |
2023-09-01 13:46:46 UTC | 376 | IN | |
2023-09-01 13:46:46 UTC | 376 | IN | |
2023-09-01 13:46:46 UTC | 376 | IN | |
2023-09-01 13:46:46 UTC | 384 | IN | |
2023-09-01 13:46:46 UTC | 384 | IN | |
2023-09-01 13:46:46 UTC | 392 | IN | |
2023-09-01 13:46:46 UTC | 392 | IN | |
2023-09-01 13:46:46 UTC | 400 | IN | |
2023-09-01 13:46:46 UTC | 400 | IN | |
2023-09-01 13:46:46 UTC | 400 | IN | |
2023-09-01 13:46:46 UTC | 408 | IN | |
2023-09-01 13:46:46 UTC | 408 | IN | |
2023-09-01 13:46:46 UTC | 408 | IN | |
2023-09-01 13:46:46 UTC | 416 | IN | |
2023-09-01 13:46:46 UTC | 416 | IN | |
2023-09-01 13:46:46 UTC | 416 | IN | |
2023-09-01 13:46:46 UTC | 424 | IN | |
2023-09-01 13:46:46 UTC | 424 | IN | |
2023-09-01 13:46:46 UTC | 424 | IN | |
2023-09-01 13:46:46 UTC | 432 | IN | |
2023-09-01 13:46:46 UTC | 432 | IN | |
2023-09-01 13:46:46 UTC | 432 | IN | |
2023-09-01 13:46:46 UTC | 440 | IN | |
2023-09-01 13:46:46 UTC | 440 | IN | |
2023-09-01 13:46:46 UTC | 440 | IN | |
2023-09-01 13:46:46 UTC | 448 | IN | |
2023-09-01 13:46:46 UTC | 448 | IN | |
2023-09-01 13:46:46 UTC | 456 | IN | |
2023-09-01 13:46:46 UTC | 456 | IN | |
2023-09-01 13:46:46 UTC | 464 | IN | |
2023-09-01 13:46:46 UTC | 464 | IN | |
2023-09-01 13:46:46 UTC | 464 | IN | |
2023-09-01 13:46:46 UTC | 472 | IN | |
2023-09-01 13:46:46 UTC | 472 | IN | |
2023-09-01 13:46:46 UTC | 472 | IN | |
2023-09-01 13:46:46 UTC | 480 | IN | |
2023-09-01 13:46:46 UTC | 480 | IN | |
2023-09-01 13:46:46 UTC | 480 | IN | |
2023-09-01 13:46:46 UTC | 488 | IN | |
2023-09-01 13:46:46 UTC | 488 | IN | |
2023-09-01 13:46:46 UTC | 488 | IN | |
2023-09-01 13:46:46 UTC | 496 | IN | |
2023-09-01 13:46:46 UTC | 496 | IN | |
2023-09-01 13:46:46 UTC | 496 | IN | |
2023-09-01 13:46:46 UTC | 504 | IN | |
2023-09-01 13:46:46 UTC | 504 | IN | |
2023-09-01 13:46:46 UTC | 504 | IN | |
2023-09-01 13:46:46 UTC | 512 | IN | |
2023-09-01 13:46:46 UTC | 512 | IN | |
2023-09-01 13:46:46 UTC | 520 | IN | |
2023-09-01 13:46:46 UTC | 520 | IN | |
2023-09-01 13:46:46 UTC | 528 | IN | |
2023-09-01 13:46:46 UTC | 528 | IN | |
2023-09-01 13:46:46 UTC | 528 | IN | |
2023-09-01 13:46:46 UTC | 536 | IN | |
2023-09-01 13:46:46 UTC | 536 | IN | |
2023-09-01 13:46:46 UTC | 536 | IN | |
2023-09-01 13:46:46 UTC | 544 | IN | |
2023-09-01 13:46:46 UTC | 544 | IN | |
2023-09-01 13:46:46 UTC | 544 | IN | |
2023-09-01 13:46:46 UTC | 552 | IN | |
2023-09-01 13:46:46 UTC | 552 | IN | |
2023-09-01 13:46:46 UTC | 552 | IN | |
2023-09-01 13:46:46 UTC | 560 | IN | |
2023-09-01 13:46:46 UTC | 560 | IN | |
2023-09-01 13:46:46 UTC | 560 | IN | |
2023-09-01 13:46:46 UTC | 568 | IN | |
2023-09-01 13:46:46 UTC | 568 | IN | |
2023-09-01 13:46:46 UTC | 568 | IN | |
2023-09-01 13:46:46 UTC | 576 | IN | |
2023-09-01 13:46:46 UTC | 577 | IN | |
2023-09-01 13:46:46 UTC | 585 | IN | |
2023-09-01 13:46:46 UTC | 585 | IN | |
2023-09-01 13:46:46 UTC | 593 | IN | |
2023-09-01 13:46:46 UTC | 593 | IN | |
2023-09-01 13:46:46 UTC | 593 | IN | |
2023-09-01 13:46:46 UTC | 601 | IN | |
2023-09-01 13:46:46 UTC | 601 | IN | |
2023-09-01 13:46:46 UTC | 601 | IN | |
2023-09-01 13:46:46 UTC | 609 | IN | |
2023-09-01 13:46:46 UTC | 609 | IN | |
2023-09-01 13:46:46 UTC | 609 | IN | |
2023-09-01 13:46:46 UTC | 617 | IN | |
2023-09-01 13:46:46 UTC | 617 | IN | |
2023-09-01 13:46:46 UTC | 617 | IN | |
2023-09-01 13:46:46 UTC | 625 | IN | |
2023-09-01 13:46:46 UTC | 625 | IN | |
2023-09-01 13:46:46 UTC | 625 | IN | |
2023-09-01 13:46:46 UTC | 633 | IN | |
2023-09-01 13:46:46 UTC | 633 | IN | |
2023-09-01 13:46:46 UTC | 633 | IN | |
2023-09-01 13:46:46 UTC | 641 | IN | |
2023-09-01 13:46:46 UTC | 641 | IN | |
2023-09-01 13:46:46 UTC | 649 | IN | |
2023-09-01 13:46:47 UTC | 649 | IN | |
2023-09-01 13:46:47 UTC | 657 | IN | |
2023-09-01 13:46:47 UTC | 657 | IN | |
2023-09-01 13:46:47 UTC | 657 | IN | |
2023-09-01 13:46:47 UTC | 665 | IN | |
2023-09-01 13:46:47 UTC | 665 | IN | |
2023-09-01 13:46:47 UTC | 665 | IN | |
2023-09-01 13:46:47 UTC | 673 | IN | |
2023-09-01 13:46:47 UTC | 673 | IN | |
2023-09-01 13:46:47 UTC | 673 | IN | |
2023-09-01 13:46:47 UTC | 681 | IN | |
2023-09-01 13:46:47 UTC | 681 | IN | |
2023-09-01 13:46:47 UTC | 681 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 15:45:26 |
Start date: | 01/09/2023 |
Path: | C:\Users\user\Desktop\file.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 395'776 bytes |
MD5 hash: | 059AA5219C81CCEC4D257337C885C9E5 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 13 |
Start time: | 15:46:10 |
Start date: | 01/09/2023 |
Path: | C:\Windows\explorer.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff763730000 |
File size: | 3'933'184 bytes |
MD5 hash: | AD5296B280E8F522A8A897C96BAB0E1D |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 18 |
Start time: | 15:46:33 |
Start date: | 01/09/2023 |
Path: | C:\Users\user\AppData\Roaming\crtauus |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 395'776 bytes |
MD5 hash: | 059AA5219C81CCEC4D257337C885C9E5 |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 19 |
Start time: | 15:46:46 |
Start date: | 01/09/2023 |
Path: | C:\Users\user\AppData\Local\Temp\953E.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 703'488 bytes |
MD5 hash: | 33AE73E6DED24C1427D538C8EBA2B5DD |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 26 |
Start time: | 15:47:21 |
Start date: | 01/09/2023 |
Path: | C:\Users\user\AppData\Local\Temp\953E.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 703'488 bytes |
MD5 hash: | 33AE73E6DED24C1427D538C8EBA2B5DD |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | true |
Execution Graph
Execution Coverage: | 2.2% |
Dynamic/Decrypted Code Coverage: | 7.2% |
Signature Coverage: | 18.6% |
Total number of Nodes: | 893 |
Total number of Limit Nodes: | 17 |
Graph
Function 004018C1 Relevance: 12.2, APIs: 8, Instructions: 215sleepCOMMON
Control-flow Graph
C-Code - Quality: 27% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 39% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 41% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 35% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004016A3 Relevance: 1.6, APIs: 1, Instructions: 75nativeCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040F09C Relevance: 6.1, APIs: 4, Instructions: 84COMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040B046 Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040188C Relevance: 1.3, APIs: 1, Instructions: 64sleepCOMMON
Control-flow Graph
C-Code - Quality: 37% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401897 Relevance: 1.3, APIs: 1, Instructions: 59sleepCOMMON
Control-flow Graph
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018A5 Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON
C-Code - Quality: 50% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018BA Relevance: 1.3, APIs: 1, Instructions: 49sleepCOMMON
C-Code - Quality: 16% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018D0 Relevance: 1.3, APIs: 1, Instructions: 48sleepCOMMON
C-Code - Quality: 27% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 78% |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041393C Relevance: .4, Instructions: 384COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0041351C Relevance: .4, Instructions: 378COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00413110 Relevance: .4, Instructions: 361COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00412D3C Relevance: .4, Instructions: 351COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403244 Relevance: .1, Instructions: 62COMMON
C-Code - Quality: 82% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004027CB Relevance: .0, Instructions: 41COMMONCrypto
C-Code - Quality: 34% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401423 Relevance: .0, Instructions: 11COMMON
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040E125 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 204COMMONLIBRARYCODE
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D0B1 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 57COMMONLIBRARYCODE
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040908C Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00411A87 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004102B0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 2.6% |
Dynamic/Decrypted Code Coverage: | 8.4% |
Signature Coverage: | 0.7% |
Total number of Nodes: | 905 |
Total number of Limit Nodes: | 18 |
Graph
Function 004018C1 Relevance: 12.2, APIs: 8, Instructions: 215sleepCOMMON
Control-flow Graph
C-Code - Quality: 27% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 39% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 40% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 41% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 35% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04076AB6 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004016A3 Relevance: 1.6, APIs: 1, Instructions: 75nativeCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040F09C Relevance: 6.1, APIs: 4, Instructions: 84COMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040B046 Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040188C Relevance: 1.3, APIs: 1, Instructions: 64sleepCOMMON
Control-flow Graph
C-Code - Quality: 37% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401897 Relevance: 1.3, APIs: 1, Instructions: 59sleepCOMMON
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018A5 Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON
C-Code - Quality: 50% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018BA Relevance: 1.3, APIs: 1, Instructions: 49sleepCOMMON
C-Code - Quality: 16% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04076775 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004018D0 Relevance: 1.3, APIs: 1, Instructions: 48sleepCOMMON
C-Code - Quality: 27% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04076393 Relevance: .1, Instructions: 61COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040E125 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 204COMMONLIBRARYCODE
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D0B1 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 57COMMONLIBRARYCODE
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040908C Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00411A87 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004102B0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMONLIBRARYCODE
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 6.1% |
Dynamic/Decrypted Code Coverage: | 42.9% |
Signature Coverage: | 8.8% |
Total number of Nodes: | 91 |
Total number of Limit Nodes: | 8 |
Graph
Function 00409543 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 78memorylibrarynativeCOMMON
Control-flow Graph
C-Code - Quality: 89% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040AEA4 Relevance: 3.0, APIs: 2, Instructions: 32COMMON
Control-flow Graph
C-Code - Quality: 94% |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0404003C Relevance: 12.8, APIs: 5, Strings: 2, Instructions: 515memoryCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405C4C Relevance: 12.1, APIs: 8, Instructions: 78memoryCOMMON
Control-flow Graph
C-Code - Quality: 63% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 89% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00407AB9 Relevance: 6.1, APIs: 4, Instructions: 59memoryCOMMON
Control-flow Graph
C-Code - Quality: 87% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 59% |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 42% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
C-Code - Quality: 88% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04040E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00401352 Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMON
Control-flow Graph
C-Code - Quality: 50% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040135E Relevance: 1.5, APIs: 1, Instructions: 28memoryCOMMON
Control-flow Graph
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04040920 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 040497A9 Relevance: 10.6, APIs: 7, Instructions: 78memorylibrarynativeCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 040497AA Relevance: 10.6, APIs: 7, Instructions: 78memorylibrarynativeCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 76% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 80% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 84% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004082B6 Relevance: 4.5, APIs: 3, Instructions: 43memoryCOMMON
C-Code - Quality: 36% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040803E Relevance: 2.5, APIs: 2, Instructions: 13memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040B453 Relevance: 1.6, APIs: 1, Instructions: 119COMMON
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 95% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 04045EB3 Relevance: 12.1, APIs: 8, Instructions: 78memoryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D1F6 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 169libraryCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004023F2 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 82libraryCOMMON
C-Code - Quality: 42% |
|
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 75% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0404129F Relevance: 6.0, APIs: 4, Instructions: 37COMMON
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 91% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403AEE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15synchronizationCOMMON
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |