Edit tour
Windows
Analysis Report
https://teams.microsoft.com/l/chat/0/0?users=carsten.deussing@onlyfy.com
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
URL contains potential PII (phishing indication)
Classification
- System is w10x64
- chrome.exe (PID: 2380 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 4008 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2544 --fi eld-trial- handle=252 0,i,111922 6453529930 3106,50187 3168827740 3197,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6540 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://teams .microsoft .com/l/cha t/0/0?user s=carsten. deussing@o nlyfy.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
Source: | Sample URL: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 142.251.16.104 | true | false | high | |
s-0005.dual-s-msedge.net | 52.123.128.14 | true | false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false |
| unknown | ||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.251.16.104 | www.google.com | United States | 15169 | GOOGLEUS | false | |
52.123.129.14 | unknown | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
52.123.128.14 | s-0005.dual-s-msedge.net | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.7 |
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1417079 |
Start date and time: | 2024-03-28 15:36:58 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 15s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://teams.microsoft.com/l/chat/0/0?users=carsten.deussing@onlyfy.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@19/24@2/6 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.251.167.94, 172.253.122.101, 172.253.122.113, 172.253.122.139, 172.253.122.102, 172.253.122.100, 172.253.122.138, 142.251.111.84, 34.104.35.123, 23.53.35.199, 23.53.35.205, 23.53.35.206, 52.168.117.174, 40.79.141.152, 72.21.81.240, 192.229.211.108, 13.95.31.18, 20.242.39.171, 172.253.122.94, 13.69.239.77, 20.42.65.89, 172.253.62.102, 172.253.62.100, 172.253.62.101, 172.253.62.139, 172.253.62.138, 172.253.62.113
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, browser.events.data.trafficmanager.net, onedscolprdfrc03.francecentral.cloudapp.azure.com, clients2.google.com, ocsp.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, teams-staticscdn.trafficmanager.net, update.googleapis.com, statics.teams.cdn.office.net, clients1.google.com, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com, teams.microsoft.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, statics.teams.cdn.office.net-c.edgesuite.net, onedscolprdeus11.eastus.cloudapp.azure.com, clients.l.google.com, statics.teams.cdn.office.net-c.edgesuite.net.globalredir.akadns.net, onedscolprdneu09.northeurope.cloudapp.azure.com, onedscolprdeus22.eastus.cloudapp.azure.com, browser.pipe.aria.microsoft.com, a1813.dscd.akamai.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
⊘No simulations
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 31054 |
Entropy (8bit): | 5.115262666558672 |
Encrypted: | false |
SSDEEP: | 384:dZJPRAKEMuYgmJT0cISW6Z6qDD6b9nQFFQUR2IVf69AWhLX47SHTlk4nO8FIYTJ8:DE2tUsIW8FhdVG |
MD5: | 62624B374594C5B37AC2840166D36869 |
SHA1: | 4F1ED0D897D0A729DB319A914DDC0607875C39C6 |
SHA-256: | 80270CC751ED1DE7959C538CD7032E811207AF63B73477A446865AA3870ED3F8 |
SHA-512: | CD01101EFAE2A9AF2194AE020B00E68C8F453BA53293CC17618968065001D79E76F729A084E8214F29E82DD11BA8424CD50BCA694EBB476AB65E8246228B40C7 |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashedcss-launcher/launcher.d6cd10b8b26b2130799c.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 46672 |
Entropy (8bit): | 4.699890563164541 |
Encrypted: | false |
SSDEEP: | 768:fnUjUVjWqCODE7ZDP38TsXYfAMoM6wgjnlsuOK8TTI:fnUjkrE7ZDP38T8JZigbGKP |
MD5: | 570F11D9E530B70ED3FCC44B355C1D64 |
SHA1: | 824EF8F872B2E7F86CF5AD2F6FFC6D2EE4018FDE |
SHA-256: | DCDA18533910157B38C266C465CE4E099C77DAC8F2DB94C21BEDE074A5A7583C |
SHA-512: | E0F36108A7D18109BB9A98D3D69D817F18F6AB13144669881179DFDB42BC46BD6DFF6F062F904AF3DD3FE06D4985398AE44E9CBC41E2FE0983C77BF60F3BB427 |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashedassets-launcher/download_teams_desktop.56ea711b4689afe2bd227c93e4ab38ed.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 46672 |
Entropy (8bit): | 4.699890563164541 |
Encrypted: | false |
SSDEEP: | 768:fnUjUVjWqCODE7ZDP38TsXYfAMoM6wgjnlsuOK8TTI:fnUjkrE7ZDP38T8JZigbGKP |
MD5: | 570F11D9E530B70ED3FCC44B355C1D64 |
SHA1: | 824EF8F872B2E7F86CF5AD2F6FFC6D2EE4018FDE |
SHA-256: | DCDA18533910157B38C266C465CE4E099C77DAC8F2DB94C21BEDE074A5A7583C |
SHA-512: | E0F36108A7D18109BB9A98D3D69D817F18F6AB13144669881179DFDB42BC46BD6DFF6F062F904AF3DD3FE06D4985398AE44E9CBC41E2FE0983C77BF60F3BB427 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 725770 |
Entropy (8bit): | 5.3925246495132155 |
Encrypted: | false |
SSDEEP: | 6144:szoNDcDzTDZqLLWkYx2H2q5Ai07FkmHml9JlsObh1Hk220HbA1hCY8U4UYUKuIax:szoN/07FkmqpNCBgpWx |
MD5: | 377261D8BDAAFDACBF835C54ABE43304 |
SHA1: | 68801D27DFFDFC596D27A321B77AC7C2174295C8 |
SHA-256: | B2498E0ABA1ADD31A95EC3162CBA16997E1BBE75319CB8BCB2A7E6122BBF22B3 |
SHA-512: | E3CB8222B33D31D657CFD78778A0A3DBA24940A904B61F4E07FB9767C294946F3933BA8DBC524E1C3ED4A344FDA029B36CFD251D5CFFE5D3B71D8E0AD78A804C |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashedjs-launcher/launcher.819b698e5c50f53a2465.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17514 |
Entropy (8bit): | 5.194383164357832 |
Encrypted: | false |
SSDEEP: | 384:0V262CyC63D6UpR6L66646F6Or6f6e2686D6t6b:UVylOUpwWN3M1CmDeEb |
MD5: | BAA8CDEDEF47FD3950E654413765C8E6 |
SHA1: | C618384521AA608E6E895DED423AA5974CEEDFB7 |
SHA-256: | 31534A922F42A7AE5672ED088270BA9BF07689774C375BC23A672614E86883BD |
SHA-512: | 683A0D41A8F73C40ABA73AAD0CD5937A7022C46885058D90FF991EF915A376A8D9D1FC9A8C351363EE81CCD2813AA77A286733CDBDC9A2130785C3BAE82BA423 |
Malicious: | false |
Reputation: | low |
URL: | https://teams.microsoft.com/dl/launcher/attribution.txt |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 91302 |
Entropy (8bit): | 5.083847889045784 |
Encrypted: | false |
SSDEEP: | 1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF |
MD5: | 2B4509D8A869917BBC5CE10982956619 |
SHA1: | DC21BD40ED9B873779F855026F253BDD3322723D |
SHA-256: | 397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822 |
SHA-512: | 2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17422 |
Entropy (8bit): | 4.977772694466847 |
Encrypted: | false |
SSDEEP: | 384:PhLhehehehnhdZZkybCgKX6v169F7sV4JF3ECGR7sjFtUQkwcuj3egT1gF7OU6dW:PhLhehehehnhdY+CgKqv16LsV4JFUCjm |
MD5: | C45AF9108D78EBFDD1FD1D3D0671173B |
SHA1: | 996EB0B6A2AC293F5A1573E9796F726B9B2F2CB9 |
SHA-256: | CDBA34F6FDDB1F886B11D4F4850CD633332DA1ED2ECB751DA24BBFB889A7140C |
SHA-512: | 0552CDA37E589F4694662585C00EDDE54B8CC52F6B8B10DB7E0C8EA60A97A783FBB110C8CAF8C1F958E52AA928B3EB924CF6EFADB819BA1E4D4566B0A947D742 |
Malicious: | false |
Reputation: | low |
URL: | https://teams.microsoft.com/dl/launcher/launcher.html?url=%2F_%23%2Fl%2Fchat%2F0%2F0%3Fusers%3Dcarsten.deussing%40onlyfy.com&type=chat&deeplinkId=ad8ab334-1102-4686-8081-cb1a1583c8e4&directDl=true&msLaunch=true&enableMobilePage=true |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5621 |
Entropy (8bit): | 4.2543291215767 |
Encrypted: | false |
SSDEEP: | 96:Rf6psAY2NMgC2s2K2U72u+qz3L3K2AtLP5y2YTDzGKOMSH0H2u+qz3LZ:96pNNlC7yu+qYVP42YTDz9S1u+qx |
MD5: | EE0F7622A71A597595C5A8FB2F89A097 |
SHA1: | 0D9768FDBA8B1D89A6DBA27D5CECC27737BF5CDD |
SHA-256: | 433388EFC4567EF14D3FED6F2DA976D457D43D09F6753E289C7FE544E0175281 |
SHA-512: | 55E1161AC6A533B67FA3D073691E936090019B10283BC40F248F47DA38788A7A00FAF307BD5001B6327DAF38F874DC578A0CD212ECCF94520801C37DF668D9FF |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 91302 |
Entropy (8bit): | 5.083847889045784 |
Encrypted: | false |
SSDEEP: | 1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF |
MD5: | 2B4509D8A869917BBC5CE10982956619 |
SHA1: | DC21BD40ED9B873779F855026F253BDD3322723D |
SHA-256: | 397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822 |
SHA-512: | 2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashedassets-launcher/favicon/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 91302 |
Entropy (8bit): | 5.083847889045784 |
Encrypted: | false |
SSDEEP: | 1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF |
MD5: | 2B4509D8A869917BBC5CE10982956619 |
SHA1: | DC21BD40ED9B873779F855026F253BDD3322723D |
SHA-256: | 397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822 |
SHA-512: | 2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 91302 |
Entropy (8bit): | 5.083847889045784 |
Encrypted: | false |
SSDEEP: | 1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF |
MD5: | 2B4509D8A869917BBC5CE10982956619 |
SHA1: | DC21BD40ED9B873779F855026F253BDD3322723D |
SHA-256: | 397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822 |
SHA-512: | 2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashed/favicon/prod/favicon-f1722d9.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5621 |
Entropy (8bit): | 4.2543291215767 |
Encrypted: | false |
SSDEEP: | 96:Rf6psAY2NMgC2s2K2U72u+qz3L3K2AtLP5y2YTDzGKOMSH0H2u+qz3LZ:96pNNlC7yu+qYVP42YTDz9S1u+qx |
MD5: | EE0F7622A71A597595C5A8FB2F89A097 |
SHA1: | 0D9768FDBA8B1D89A6DBA27D5CECC27737BF5CDD |
SHA-256: | 433388EFC4567EF14D3FED6F2DA976D457D43D09F6753E289C7FE544E0175281 |
SHA-512: | 55E1161AC6A533B67FA3D073691E936090019B10283BC40F248F47DA38788A7A00FAF307BD5001B6327DAF38F874DC578A0CD212ECCF94520801C37DF668D9FF |
Malicious: | false |
Reputation: | low |
URL: | https://statics.teams.cdn.office.net/hashedassets-launcher/logo.9a06a31283bb958af1e6112179685b71.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Reputation: | low |
Preview: |
⊘No static file info
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 28, 2024 15:37:46.649754047 CET | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Mar 28, 2024 15:37:57.353204966 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.353250027 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.353372097 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.355082989 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.355115891 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.355195045 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.356210947 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.356226921 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.356513977 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.356529951 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.668978930 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.669405937 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.669430017 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.670792103 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.670867920 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.670907021 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.671458960 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.671471119 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.671964884 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.672032118 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.672182083 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.672189951 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.672560930 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.672642946 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.673424959 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.673484087 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.711657047 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.726913929 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.726931095 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.773231030 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.777091980 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.777199030 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.777251959 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.777735949 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.777755976 CET | 443 | 49736 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.777765989 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.777803898 CET | 49736 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.780189037 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.820240021 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.914760113 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.914773941 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.914793968 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.914974928 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.914989948 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915035009 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.915160894 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915169954 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915194035 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915250063 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.915250063 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.915271044 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915632010 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915638924 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915680885 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.915694952 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915741920 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.915745974 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915755987 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:57.915812016 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.918016911 CET | 49735 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:37:57.918031931 CET | 443 | 49735 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:37:58.358216047 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.358249903 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.358319044 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.358551979 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.358565092 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.579811096 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.580326080 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.580341101 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.581386089 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.581465960 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.582557917 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.582653999 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.631273985 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:37:58.631289005 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:37:58.680999041 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:01.272962093 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.272994041 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:01.273062944 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.292793036 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.292813063 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:01.651979923 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:01.652055979 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.662600994 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.662606955 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:01.662897110 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:01.713892937 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.723352909 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:01.764240026 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.004781008 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.004856110 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.004903078 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.005101919 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.005122900 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.005145073 CET | 49744 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.005151033 CET | 443 | 49744 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.035659075 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.035698891 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.035788059 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.036230087 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.036248922 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.397172928 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.397238016 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.446058989 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.446089983 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.446438074 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.451443911 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.496241093 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.638900995 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.638936043 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.639059067 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.639717102 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.639749050 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.640003920 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.640250921 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.640275002 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.640562057 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.640575886 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.762829065 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.762912989 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.762969017 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.764208078 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.764230013 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.764245033 CET | 49745 | 443 | 192.168.2.4 | 23.221.242.90 |
Mar 28, 2024 15:38:02.764250994 CET | 443 | 49745 | 23.221.242.90 | 192.168.2.4 |
Mar 28, 2024 15:38:02.968997002 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.969561100 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.969588995 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.970674038 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.970747948 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.972939014 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.973001957 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.973438978 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.973449945 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.975270033 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.975529909 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.975543976 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.976609945 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.976663113 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.977453947 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.977519035 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:02.977756977 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:02.977763891 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.023003101 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.023020983 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.071787119 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.071816921 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.071857929 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.071886063 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.071887016 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.071929932 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.073884010 CET | 49749 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.073895931 CET | 443 | 49749 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080769062 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080794096 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080840111 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080858946 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080859900 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.080883026 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080897093 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.080912113 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.080931902 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.080954075 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.175309896 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.175338030 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.175434113 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.175451994 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.175474882 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.175669909 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.176086903 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.176135063 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.176183939 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.176189899 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.176203966 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.176209927 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:03.176321983 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.313047886 CET | 49748 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:03.313067913 CET | 443 | 49748 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:08.581549883 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:08.581626892 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:08.581726074 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:09.512150049 CET | 49739 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:09.512170076 CET | 443 | 49739 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:09.633022070 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.633064032 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.633248091 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.633487940 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.633500099 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.941107988 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.941584110 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.941605091 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.941970110 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.942612886 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.942675114 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.942753077 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:09.988233089 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:09.994535923 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:09.994575977 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:09.994668007 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:09.996941090 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:09.996953011 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:10.042278051 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.042306900 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.042326927 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.042432070 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.042448997 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.042499065 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.042499065 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.137007952 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137036085 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137193918 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.137207985 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137254000 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.137465954 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137482882 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137551069 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.137554884 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137594938 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.137969017 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.137984037 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.138042927 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.138047934 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.138083935 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.231815100 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.231839895 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.231960058 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.231987000 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.232033968 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.232084036 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.232131958 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.232147932 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.232155085 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.232197046 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.232199907 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.232248068 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.232707977 CET | 49754 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:10.232722998 CET | 443 | 49754 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:10.502923965 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:10.503004074 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:10.506611109 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:10.506618977 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:10.507498026 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:10.680032015 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:10.887554884 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:10.932231903 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218764067 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218796015 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218803883 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218820095 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218835115 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218847036 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218933105 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:11.218933105 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:11.218959093 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218971014 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.218993902 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.219001055 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:11.219021082 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:11.219506025 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:11.244316101 CET | 49756 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:11.244330883 CET | 443 | 49756 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:12.377996922 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.378082991 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.378165007 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.378437996 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.378480911 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.378576040 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.384255886 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.384305000 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.384497881 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.384521008 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.694468021 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.695497036 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.703362942 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.703388929 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.703494072 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.703511953 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.703821898 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.703900099 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.705050945 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.705135107 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.706187010 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.706275940 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.706429958 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.752242088 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.758938074 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.881865025 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.881892920 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.881949902 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.881958008 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.881962061 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.881989002 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882004976 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.882029057 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.882034063 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882045984 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882071972 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.882096052 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882132053 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.882143974 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882169962 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:12.882205009 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.907105923 CET | 49762 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:12.907134056 CET | 443 | 49762 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:13.110096931 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:13.156234026 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:13.255551100 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:13.255642891 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:13.255696058 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:13.256061077 CET | 49763 | 443 | 192.168.2.4 | 52.123.128.14 |
Mar 28, 2024 15:38:13.256078959 CET | 443 | 49763 | 52.123.128.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.466181040 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.466226101 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.466321945 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.466865063 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.466878891 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.762090921 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.762495041 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.762530088 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.762897015 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.764962912 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.765053034 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.765486002 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.808238983 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.867270947 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.867314100 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.867327929 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.867424011 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.867464066 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.867521048 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.961437941 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.961464882 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.961561918 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.961592913 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.961671114 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.961910009 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.961929083 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.961982965 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.961992025 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.962016106 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.962034941 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.962445021 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.962470055 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.962505102 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.962511063 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:14.962538004 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:14.962620974 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.056638002 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:15.056725979 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.056782007 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:15.056834936 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.057019949 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:15.057075977 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.057089090 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:15.057115078 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:15.057137012 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.057171106 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.059479952 CET | 49765 | 443 | 192.168.2.4 | 52.123.129.14 |
Mar 28, 2024 15:38:15.059509993 CET | 443 | 49765 | 52.123.129.14 | 192.168.2.4 |
Mar 28, 2024 15:38:48.350404978 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.350450039 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:48.350522041 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.351032019 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.351043940 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:48.864187956 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:48.864269972 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.868386030 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.868408918 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:48.868710995 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:48.879622936 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:48.924232960 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.364964008 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.364991903 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365008116 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365096092 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.365117073 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365130901 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365163088 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.365165949 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365186930 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365212917 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.365231037 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.365237951 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365247965 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.365284920 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.371157885 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.371172905 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:49.371201992 CET | 49766 | 443 | 192.168.2.4 | 20.114.59.183 |
Mar 28, 2024 15:38:49.371208906 CET | 443 | 49766 | 20.114.59.183 | 192.168.2.4 |
Mar 28, 2024 15:38:58.321351051 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:58.321371078 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.321516037 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:58.321728945 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:58.321743011 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.529314995 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.533061981 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:58.533081055 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.533535957 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.534029961 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:38:58.534086943 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:38:58.585822105 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:39:08.525646925 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:39:08.525729895 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Mar 28, 2024 15:39:08.525790930 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:39:10.429555893 CET | 49768 | 443 | 192.168.2.4 | 142.251.16.104 |
Mar 28, 2024 15:39:10.429588079 CET | 443 | 49768 | 142.251.16.104 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 28, 2024 15:37:56.207155943 CET | 53 | 65493 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:37:56.798959017 CET | 53 | 55502 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:37:58.261945009 CET | 61189 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 28, 2024 15:37:58.262061119 CET | 55345 | 53 | 192.168.2.4 | 1.1.1.1 |
Mar 28, 2024 15:37:58.356925011 CET | 53 | 55345 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:37:58.357186079 CET | 53 | 61189 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:38:11.565435886 CET | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Mar 28, 2024 15:38:15.611813068 CET | 53 | 57538 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:38:34.363682032 CET | 53 | 59920 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:38:55.607327938 CET | 53 | 53033 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:38:56.919836998 CET | 53 | 57155 | 1.1.1.1 | 192.168.2.4 |
Mar 28, 2024 15:39:24.199894905 CET | 53 | 64677 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 28, 2024 15:37:58.261945009 CET | 192.168.2.4 | 1.1.1.1 | 0x144b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 28, 2024 15:37:58.262061119 CET | 192.168.2.4 | 1.1.1.1 | 0x98fb | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 28, 2024 15:37:57.352360964 CET | 1.1.1.1 | 192.168.2.4 | 0x8cc9 | No error (0) | tmc-g2.tm-4.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352360964 CET | 1.1.1.1 | 192.168.2.4 | 0x8cc9 | No error (0) | teams-office-com.s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352566004 CET | 1.1.1.1 | 192.168.2.4 | 0x70cc | No error (0) | tmc-g2.tm-4.office.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352566004 CET | 1.1.1.1 | 192.168.2.4 | 0x70cc | No error (0) | teams-office-com.s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352566004 CET | 1.1.1.1 | 192.168.2.4 | 0x70cc | No error (0) | s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352566004 CET | 1.1.1.1 | 192.168.2.4 | 0x70cc | No error (0) | 52.123.128.14 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:57.352566004 CET | 1.1.1.1 | 192.168.2.4 | 0x70cc | No error (0) | 52.123.129.14 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.356925011 CET | 1.1.1.1 | 192.168.2.4 | 0x98fb | No error (0) | 65 | IN (0x0001) | false | |||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.104 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.106 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.99 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.103 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.105 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:37:58.357186079 CET | 1.1.1.1 | 192.168.2.4 | 0x144b | No error (0) | 142.251.16.147 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:02.636605024 CET | 1.1.1.1 | 192.168.2.4 | 0xf21e | No error (0) | s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:02.636605024 CET | 1.1.1.1 | 192.168.2.4 | 0xf21e | No error (0) | 52.123.129.14 | A (IP address) | IN (0x0001) | false | ||
Mar 28, 2024 15:38:02.636605024 CET | 1.1.1.1 | 192.168.2.4 | 0xf21e | No error (0) | 52.123.128.14 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 52.123.128.14 | 443 | 4008 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:57 UTC | 837 | OUT | |
2024-03-28 14:37:57 UTC | 875 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 52.123.128.14 | 443 | 4008 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-03-28 14:37:57 UTC | 1037 | OUT | |
2024-03-28 14:37:57 UTC | 5073 | IN |