Edit tour
macOS
Analysis Report
Install FxFactory 8.0.15.pkg
Overview
General Information
Detection
Score: | 2 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Reads hardware related sysctl values
Reads the systems OS release and/or type
Reads the systems hostname
Uses CFNetwork bundle containing interfaces for network communication (HTTP, sockets, and Bonjour)
Uses Security framework containing interfaces for system-level user authentication and authorization
Classification
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1427954 |
Start date and time: | 2024-04-18 11:33:19 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 37s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultmacfilecookbook.jbs |
Analysis system description: | Virtual Machine, Mojave (Office 16 16.27, Java 11.0.2+9, Adobe Reader 2019.010.20099) |
macOS major version: | 10.14 |
CPU architecture: | x86_64 |
Analysis Mode: | default |
Sample name: | Install FxFactory 8.0.15.pkg |
Detection: | CLEAN |
Classification: | clean2.macPKG@0/3@3/0 |
- Excluded IPs from analysis (whitelisted): 17.137.170.2, 23.62.177.105, 17.253.83.197, 17.253.83.195, 23.62.128.29, 17.57.21.63, 17.253.83.204, 17.253.83.203, 17.253.83.206
- Excluded domains from analysis (whitelisted): e11408.d.akamaiedge.net, mesu-cdn.apple.com.akadns.net, updates.cdn-apple.com.akadns.net, e673.dsce9.akamaiedge.net, lcdn-locator-usms11.apple.com.akadns.net, help-ar.apple.com.edgekey.net, lb._dns-sd._udp.0.11.168.192.in-addr.arpa, mesu-cdn.origin-apple.com.akadns.net, lcdn-locator.apple.com.akadns.net, help.origin-apple.com.akadns.net, radarsubmissions.apple.com.akadns.net, lcdn-locator.apple.com, mesu.g.aaplimg.com, updates.g.aaplimg.com, radarsubmissions.apple.com, itunes.apple.com.edgekey.net, help.apple.com, mesu.apple.com, init.itunes.apple.com, init-cdn.itunes-apple.com.akadns.net
Command: | open "/Users/bernard/Desktop/Install FxFactory 8.0.15.pkg" |
PID: | 621 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | |
Standard Error: |
- System is macvm-mojave
- mono-sgen32 New Fork (PID: 621, Parent: 537)
- xpcproxy New Fork (PID: 622, Parent: 1)
- xpcproxy New Fork (PID: 635, Parent: 1)
- xpcproxy New Fork (PID: 653, Parent: 1)
- cleanup
⊘No yara matches
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | CFNetwork info plist opened: | Jump to behavior |
Source: | Security framework info plist opened: | Jump to behavior |
Source: | AppleKeyboardLayouts info plist opened: | Jump to behavior |
Source: | Binary or memory string: |
Source: | Sysctl read request: | Jump to behavior | ||
Source: | Sysctl read request: | Jump to behavior | ||
Source: | Sysctl read request: | Jump to behavior | ||
Source: | Sysctl read request: | Jump to behavior |
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior |
Source: | Sysctl requested: | Jump to behavior |
Source: | System or server version plist file read: | Jump to behavior | ||
Source: | System or server version plist file read: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | 1 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | 31 System Information Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
apis.apple.map.fastly.net | 151.101.3.6 | true | false |
| unknown |
updates.cdn-apple.com | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
151.101.3.6 | apis.apple.map.fastly.net | United States | 54113 | FASTLYUS | false | |
151.101.131.6 | unknown | United States | 54113 | FASTLYUS | false | |
151.101.67.6 | unknown | United States | 54113 | FASTLYUS | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
151.101.3.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | DDosia | Browse | |||
151.101.131.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | DDosia | Browse | |||
151.101.67.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | AMOS Stealer | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
apis.apple.map.fastly.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
5c118da645babe52f060d0754256a73c | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer |
File Type: | |
Category: | dropped |
Size (bytes): | 64 |
Entropy (8bit): | 4.722678031846025 |
Encrypted: | false |
SSDEEP: | 3:tRJEFUBRoiBX2XWcZVRWOv:uNgXVcZOA |
MD5: | 30EF4A0151F1213634D37AB9FE0E418B |
SHA1: | D99A03E77D2F982AD2C4A7BEC8F1C107115E4292 |
SHA-256: | 6022AD1AE993BAC4FFB613D1B158A5A4A4AD2BBA2536F32045553464EAD7C74A |
SHA-512: | 98E5B6A6342B48F6E5C0DF1D1F32E4117AC4BE3CEFDFA8DD890B23D2867336AFBC24D5AEB4D2EECF64DB7C0FF3104D0CC516BC3A85D7D5BA5115DFC49B62596D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer |
File Type: | |
Category: | dropped |
Size (bytes): | 48908 |
Entropy (8bit): | 3.533814637805397 |
Encrypted: | false |
SSDEEP: | 384:xSMdGleGkIG7FF3theSMVXBD0tgcNrGB5pBfbouR6/chQOnGqwc2U+v+h/:8MdGleOhpBouRwchQOnGqwc2U+v+h/ |
MD5: | 0E4A0D1CEB2AF6F0F8D0167CE77BE2D3 |
SHA1: | 414BA4C1DC5FC8BF53D550E296FD6F5AD669918C |
SHA-256: | CCA093BCFC65E25DD77C849866E110DF72526DFFBE29D76E11E29C7D888A4030 |
SHA-512: | 1DC5282D27C49A4B6F921BA5DFC88B8C1D32289DF00DD866F9AC6669A5A8D99AFEDA614BFFC7CF61A44375AE73E09CD52606B443B63636977C9CD2EF4FA68A20 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer |
File Type: | |
Category: | dropped |
Size (bytes): | 4404 |
Entropy (8bit): | 3.5110922853353324 |
Encrypted: | false |
SSDEEP: | 24:mFkXs98w/mBr53CEb9ujBbCYoVeA7uBEUMy733Ka2VCneWHrUZRJkWnJI4FNMOQS:m6Xsh+CLjL3Pe3T5FFEfEn8xiYuuSsS |
MD5: | D3A1859E6EC593505CC882E6DEF48FC8 |
SHA1: | F8E6728E3E9DE477A75706FAA95CEAD9CE13CB32 |
SHA-256: | 3EBAFA97782204A4A1D75CFEC22E15FCDEAB45B65BAB3B3E65508707E034A16C |
SHA-512: | EA2A749B105759EA33408186B417359DEFFB4A3A5ED0533CB26B459C16BB3524D67EDE5C9CF0D5098921C0C0A9313FB9C2672F1E5BA48810EDA548FA3209E818 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 7.993203991758305 |
TrID: |
|
File name: | Install FxFactory 8.0.15.pkg |
File size: | 32'980'468 bytes |
MD5: | d0b6dea52fb7260db0ad4eeb0398756a |
SHA1: | d0b0ba9d4e6c33f1e42f6655e53eab5630cd93e3 |
SHA256: | 12d8180c4b86515d7229c3abc7f1dd0e2a14c11d1fab7a975ca3cd5d81142f51 |
SHA512: | b7ebe46be07bdca7bc04b2734067c64a23b904477eefe1c0f0cc1dd8313c11fef418bd216e56bebc79205684f88ebb84ffd9deb09fdd6e71e4da916f25260030 |
SSDEEP: | 786432:nNzH358QkhGUUB4uOQ/PogfBO5XcgRqpchOK9a5Yz7rWlZT:15FGLUT/PoaO5sggpe9mYz7yT |
TLSH: | F377338C3D65716BBD434372214EA3EEAF01663FC41384B93181C1E5EB9CD91A98B6B7 |
File Content Preview: | xar!...........o......R.....x..\i..0......z?..8.^M.*.I.....o..B.$..._.faf.....^i>T...m.....$..........Q......_....{Q...:6[.........._./.e..?_n..o...oe...A..o....&.......bO...Z.nRl._....?.....Z.|......_....Si....o..E..v.................!..#E?v......,...... |
File Path | File Attributes | File Size |
Distribution | 4'571 bytes | |
FxFactory.pkg | D | bytes |
FxFactory.pkg/Bom | 344'202 bytes | |
FxFactory.pkg/PackageInfo | 2'911 bytes | |
FxFactory.pkg/Payload | 32'831'018 bytes | |
FxFactory.pkg/Scripts | D | bytes |
FxFactory.pkg/Scripts/postinstall | 6'480 bytes | |
Resources | D | bytes |
Resources/background | 17'083 bytes | |
Resources/en.lproj | D | bytes |
Resources/en.lproj/Localizable.strings | 488 bytes | |
Resources/en.lproj/license.html | 15'275 bytes | |
Resources/en.lproj/welcome.html | 646 bytes |
File path: | Distribution |
File size: | 4'571 bytes |
File type: | XML 1.0 document, ASCII text |
File path: | FxFactory.pkg/Bom |
File size: | 344'202 bytes |
File type: | Mac OS X bill of materials (BOM) file |
File path: | FxFactory.pkg/PackageInfo |
File size: | 2'911 bytes |
File type: | ASCII text |
File path: | FxFactory.pkg/Payload |
File size: | 32'831'018 bytes |
File type: | gzip compressed data, from Unix, original size modulo 2^32 81285120 |
File path: | Resources/background |
File size: | 17'083 bytes |
File type: | ISO Media, HEIF Image HEVC Main or Main Still Picture Profile |
File path: | FxFactory.pkg/Scripts/postinstall |
File size: | 6'480 bytes |
File type: | POSIX shell script, ASCII text executable, with very long lines (331) |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 18, 2024 11:34:22.889929056 CEST | 443 | 49348 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:22.889993906 CEST | 443 | 49348 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:22.890897989 CEST | 49348 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:22.917459965 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:22.918231010 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:22.919075966 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.084171057 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.085832119 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.085918903 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.085985899 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.086049080 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.086097956 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.086144924 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.086193085 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.086240053 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.087794065 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.087857008 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.088064909 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.088123083 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.088206053 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.088896990 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.094763041 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.125895977 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.157072067 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.157390118 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.157460928 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.157742023 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.159651041 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.259783030 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.259886980 CEST | 443 | 49349 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.260471106 CEST | 49349 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.290842056 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.291768074 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.294044971 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.426006079 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.426076889 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.426124096 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.426172972 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.426790953 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.427345037 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.435655117 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.436722994 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.445199013 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.445991039 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.454729080 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.459188938 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.460642099 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.460721970 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.460779905 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.460833073 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.460875034 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.462126970 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.462198019 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.462198019 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.462486029 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.464013100 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.464632034 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.472333908 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.473722935 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.474564075 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.483220100 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.492598057 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.494693995 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.502219915 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.503139019 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.511710882 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.521199942 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.522365093 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.530684948 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.531882048 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.540218115 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.549668074 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.550441027 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.559250116 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.560923100 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.568366051 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.578015089 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.579847097 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.637023926 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.637041092 CEST | 443 | 49351 | 151.101.67.6 | 192.168.11.12 |
Apr 18, 2024 11:34:23.637742996 CEST | 49351 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 18, 2024 11:34:23.695368052 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.696053982 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.700076103 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.709566116 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.711016893 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:23.719096899 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:23.721013069 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:24.808665037 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:24.897469044 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:24.907401085 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:25.077553988 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:25.166241884 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:25.167248011 CEST | 49347 | 443 | 192.168.11.12 | 17.248.193.18 |
Apr 18, 2024 11:34:25.176111937 CEST | 443 | 49347 | 17.248.193.18 | 192.168.11.12 |
Apr 18, 2024 11:34:25.412791014 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 18, 2024 11:34:25.414182901 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 18, 2024 11:34:25.680476904 CEST | 443 | 49327 | 17.248.193.16 | 192.168.11.12 |
Apr 18, 2024 11:34:25.681354046 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 18, 2024 11:34:25.681677103 CEST | 443 | 49327 | 17.248.193.16 | 192.168.11.12 |
Apr 18, 2024 11:35:00.020555019 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.020673990 CEST | 443 | 49368 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.021240950 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.026819944 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.026897907 CEST | 443 | 49368 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.390997887 CEST | 443 | 49368 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.391628981 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.391809940 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.457684040 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.457911015 CEST | 443 | 49368 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.458496094 CEST | 443 | 49368 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.458647966 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.459131956 CEST | 49368 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.558309078 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.558361053 CEST | 443 | 49371 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.559006929 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.560467005 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.560489893 CEST | 443 | 49371 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.897871971 CEST | 443 | 49371 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.898691893 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.898843050 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.965780973 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.965972900 CEST | 443 | 49371 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.966474056 CEST | 443 | 49371 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:00.966608047 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:00.967211962 CEST | 49371 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.328109026 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.328246117 CEST | 443 | 49380 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:02.329252958 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.330203056 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.330329895 CEST | 443 | 49380 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:02.677438974 CEST | 443 | 49380 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:02.678423882 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.678472996 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.686642885 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.686896086 CEST | 443 | 49380 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:02.687444925 CEST | 443 | 49380 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:02.687606096 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:02.688242912 CEST | 49380 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.310648918 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.310771942 CEST | 443 | 49397 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.311609030 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.312625885 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.312719107 CEST | 443 | 49397 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.656649113 CEST | 443 | 49397 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.657465935 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.657465935 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.662887096 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.663032055 CEST | 443 | 49397 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.663311005 CEST | 443 | 49397 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.663588047 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.663958073 CEST | 49397 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.678303003 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.678389072 CEST | 443 | 49398 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:23.679157019 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.679934978 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:23.679970980 CEST | 443 | 49398 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.023823023 CEST | 443 | 49398 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.024660110 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.024660110 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.032589912 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.032877922 CEST | 443 | 49398 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.033534050 CEST | 443 | 49398 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.033554077 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.034233093 CEST | 49398 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.156994104 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.157114983 CEST | 443 | 49399 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.158092976 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.159723043 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.159816027 CEST | 443 | 49399 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.512145996 CEST | 443 | 49399 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.513103008 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.513103008 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.521817923 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.522103071 CEST | 443 | 49399 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.522772074 CEST | 443 | 49399 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.522782087 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.523324013 CEST | 49399 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.549139023 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.549262047 CEST | 443 | 49400 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.550414085 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.551522970 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.551615953 CEST | 443 | 49400 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.890553951 CEST | 443 | 49400 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.891496897 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.891496897 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.904675007 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.904797077 CEST | 443 | 49400 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.905010939 CEST | 443 | 49400 | 151.101.3.6 | 192.168.11.12 |
Apr 18, 2024 11:35:24.905663013 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:35:24.905663013 CEST | 49400 | 443 | 192.168.11.12 | 151.101.3.6 |
Apr 18, 2024 11:36:28.606481075 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.606620073 CEST | 443 | 49401 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:28.607460022 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.608167887 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.608273983 CEST | 443 | 49401 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:28.951687098 CEST | 443 | 49401 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:28.952553988 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.952653885 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.970700026 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.970940113 CEST | 443 | 49401 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:28.971537113 CEST | 443 | 49401 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:28.971636057 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:28.972598076 CEST | 49401 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.022799015 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.022939920 CEST | 443 | 49402 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.023741007 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.025476933 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.025588036 CEST | 443 | 49402 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.374275923 CEST | 443 | 49402 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.375263929 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.375263929 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.385977983 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.386272907 CEST | 443 | 49402 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.386894941 CEST | 49402 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.402746916 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.402868032 CEST | 443 | 49403 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.403825045 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.404771090 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.404884100 CEST | 443 | 49403 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.749994993 CEST | 443 | 49403 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.750783920 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.750817060 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.759984970 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.760266066 CEST | 443 | 49403 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.760838032 CEST | 49403 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.779764891 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.779864073 CEST | 443 | 49404 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:29.780859947 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.781747103 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:29.781861067 CEST | 443 | 49404 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:30.124685049 CEST | 443 | 49404 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:30.125557899 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:30.125557899 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:30.130681992 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:30.130748987 CEST | 443 | 49404 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:30.130858898 CEST | 443 | 49404 | 151.101.131.6 | 192.168.11.12 |
Apr 18, 2024 11:36:30.131413937 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 18, 2024 11:36:30.131413937 CEST | 49404 | 443 | 192.168.11.12 | 151.101.131.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 18, 2024 11:34:43.885720015 CEST | 53 | 52458 | 1.1.1.1 | 192.168.11.12 |
Apr 18, 2024 11:34:59.841782093 CEST | 55762 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 18, 2024 11:35:00.007544041 CEST | 53 | 55762 | 1.1.1.1 | 192.168.11.12 |
Apr 18, 2024 11:35:03.842838049 CEST | 137 | 137 | 192.168.11.12 | 192.168.11.255 |
Apr 18, 2024 11:35:03.843257904 CEST | 137 | 137 | 192.168.11.12 | 192.168.11.255 |
Apr 18, 2024 11:35:05.712007999 CEST | 55483 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 18, 2024 11:36:28.434896946 CEST | 57691 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 18, 2024 11:36:28.601254940 CEST | 53 | 57691 | 1.1.1.1 | 192.168.11.12 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 18, 2024 11:35:07.019207001 CEST | 192.168.11.12 | 1.1.1.1 | 3a3d | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 18, 2024 11:34:59.841782093 CEST | 192.168.11.12 | 1.1.1.1 | 0xa7d1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 18, 2024 11:35:05.712007999 CEST | 192.168.11.12 | 1.1.1.1 | 0x68c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 18, 2024 11:36:28.434896946 CEST | 192.168.11.12 | 1.1.1.1 | 0x15fa | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 18, 2024 11:35:00.007544041 CEST | 1.1.1.1 | 192.168.11.12 | 0xa7d1 | No error (0) | 151.101.3.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:35:00.007544041 CEST | 1.1.1.1 | 192.168.11.12 | 0xa7d1 | No error (0) | 151.101.67.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:35:00.007544041 CEST | 1.1.1.1 | 192.168.11.12 | 0xa7d1 | No error (0) | 151.101.195.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:35:00.007544041 CEST | 1.1.1.1 | 192.168.11.12 | 0xa7d1 | No error (0) | 151.101.131.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:35:05.879187107 CEST | 1.1.1.1 | 192.168.11.12 | 0x68c | No error (0) | updates.cdn-apple.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 18, 2024 11:36:28.601254940 CEST | 1.1.1.1 | 192.168.11.12 | 0x15fa | No error (0) | 151.101.131.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:36:28.601254940 CEST | 1.1.1.1 | 192.168.11.12 | 0x15fa | No error (0) | 151.101.67.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:36:28.601254940 CEST | 1.1.1.1 | 192.168.11.12 | 0x15fa | No error (0) | 151.101.3.6 | A (IP address) | IN (0x0001) | false | ||
Apr 18, 2024 11:36:28.601254940 CEST | 1.1.1.1 | 192.168.11.12 | 0x15fa | No error (0) | 151.101.195.6 | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Apr 18, 2024 11:34:23.085985899 CEST | 151.101.67.6 | 443 | 192.168.11.12 | 49349 | CN=bag.itunes.apple.com, O=Apple Inc., L=Cupertino, ST=California, C=US, SERIALNUMBER=C0806592, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Nov 27 22:00:02 CET 2023 Wed Apr 29 14:54:50 CEST 2020 | Sat May 25 23:10:02 CEST 2024 Thu Apr 11 01:59:59 CEST 2030 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Apr 29 14:54:50 CEST 2020 | Thu Apr 11 01:59:59 CEST 2030 | |||||||
Apr 18, 2024 11:34:23.460779905 CEST | 151.101.67.6 | 443 | 192.168.11.12 | 49351 | CN=bag.itunes.apple.com, O=Apple Inc., L=Cupertino, ST=California, C=US, SERIALNUMBER=C0806592, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Nov 27 22:00:02 CET 2023 Wed Apr 29 14:54:50 CEST 2020 | Sat May 25 23:10:02 CEST 2024 Thu Apr 11 01:59:59 CEST 2030 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Apr 29 14:54:50 CEST 2020 | Thu Apr 11 01:59:59 CEST 2030 |
System Behavior
Start time (UTC): | 09:34:32 |
Start date (UTC): | 18/04/2024 |
Path: | /Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32 |
Arguments: | - |
File size: | 3722408 bytes |
MD5 hash: | 8910349f44a940d8d79318367855b236 |
Start time (UTC): | 09:34:32 |
Start date (UTC): | 18/04/2024 |
Path: | /usr/bin/open |
Arguments: | /usr/bin/open /Users/bernard/Desktop/Install FxFactory 8.0.15.pkg |
File size: | 105952 bytes |
MD5 hash: | 34bd93241fa5d2aee225941b1ca14fa4 |
Start time (UTC): | 09:34:32 |
Start date (UTC): | 18/04/2024 |
Path: | /usr/libexec/xpcproxy |
Arguments: | - |
File size: | 44048 bytes |
MD5 hash: | 4764d9eafe6b7dac23253a9f8b7f73d6 |
Start time (UTC): | 09:34:32 |
Start date (UTC): | 18/04/2024 |
Path: | /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer |
Arguments: | /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer |
File size: | 294864 bytes |
MD5 hash: | 50c84168359b295c12427b3461315322 |
Start time (UTC): | 09:34:46 |
Start date (UTC): | 18/04/2024 |
Path: | /usr/libexec/xpcproxy |
Arguments: | - |
File size: | 44048 bytes |
MD5 hash: | 4764d9eafe6b7dac23253a9f8b7f73d6 |
Start time (UTC): | 09:34:46 |
Start date (UTC): | 18/04/2024 |
Path: | /usr/libexec/nsurlstoraged |
Arguments: | /usr/libexec/nsurlstoraged --privileged |
File size: | 246624 bytes |
MD5 hash: | 321b0a40e24b45f0af49ba42742b3f64 |
Start time (UTC): | 09:35:34 |
Start date (UTC): | 18/04/2024 |
Path: | /usr/libexec/xpcproxy |
Arguments: | - |
File size: | 44048 bytes |
MD5 hash: | 4764d9eafe6b7dac23253a9f8b7f73d6 |
Start time (UTC): | 09:35:34 |
Start date (UTC): | 18/04/2024 |
Path: | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd |
Arguments: | /System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd |
File size: | 24768 bytes |
MD5 hash: | 4a55e40799072bad8663cf8f5d2d845a |