Windows
Analysis Report
New Voicemail_Daiichi-Sankyo.html
Overview
General Information
Detection
Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5276 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\New Voicemail_Daiichi-Sankyo.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6660 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2280,i,6943950111535354216,13745419357944458540,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Phishing |
---|
Source: | Matcher: | ||
Source: | File source: | ||
Source: | Tab title: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | IP Address: | ||
Source: | JA3 fingerprint: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
System Summary |
---|
Source: | Initial sample: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | File created: | Jump to behavior | ||
Stealing of Sensitive Information |
---|
Source: | HTTP Parser: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
d26p066pn2w0s0.cloudfront.net | 3.161.136.96 | true | false | | high |
cs1100.wpc.omegacdn.net | 152.199.4.44 | true | false | | unknown |
ip-api.com | 208.95.112.1 | true | false | | high |
www.google.com | 64.233.176.103 | true | false | | high |
aadcdn.msftauth.net | unknown | unknown | false | | unknown |
logo.clearbit.com | unknown | unknown | false | | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false |
| unknown | |
false | high | ||
true | low | ||
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
3.161.136.96 | d26p066pn2w0s0.cloudfront.net | United States | 16509 | AMAZON-02US | false |
152.199.4.44 | cs1100.wpc.omegacdn.net | United States | 15133 | EDGECASTUS | false |
208.95.112.1 | ip-api.com | United States | 53334 | TUT-ASUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
64.233.176.103 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428650 |
Start date and time: | 2024-04-19 11:12:28 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 43s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowshtmlcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 6 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | New Voicemail_Daiichi-Sankyo.html |
Detection: | MAL |
Classification: | mal72.phis.winHTML@26/22@14/7 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 74.125.138.94, 172.253.124.139, 172.253.124.101, 172.253.124.113, 172.253.124.102, 172.253.124.138, 172.253.124.100, 108.177.122.84, 142.250.9.95, 34.104.35.123, 108.177.122.95, 173.194.219.95, 64.233.185.95, 172.217.215.95, 64.233.176.95, 142.251.15.95, 142.250.105.95, 172.253.124.95, 64.233.177.95, 74.125.138.95, 74.125.136.95, 199.232.210.172, 192.229.211.108, 142.250.9.94, 199.232.214.172, 172.217.215.113, 172.217.215.101, 172.217.215.138, 172.217.215.100, 172.217.215.139, 172.217.215.102
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Match | Detection | Threat Name |
---|---|---|
208.95.112.1 | malicious | AgentTesla |
| malicious | PureLog Stealer, XWorm |
| malicious | AgentTesla |
| malicious | Unknown |
| malicious | LummaC |
| malicious | Xehook Stealer |
| malicious | Xehook Stealer |
| malicious | AgentTesla |
| malicious | AgentTesla, GuLoader |
| malicious | AgentTesla |
239.255.255.250 | malicious | Unknown |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
152.199.4.44 | malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | TechSupportScam |
| malicious | HTMLPhisher |
Match | Detection | Threat Name |
---|---|---|
d26p066pn2w0s0.cloudfront.net | malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | Fake Captcha, HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
cs1100.wpc.omegacdn.net | malicious | HTMLPhisher |
| malicious | TechSupportScam |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
ip-api.com | malicious | AgentTesla |
| malicious | PureLog Stealer, XWorm |
| malicious | AgentTesla |
| malicious | Unknown |
| malicious | LummaC |
| malicious | Xehook Stealer |
| malicious | Xehook Stealer |
| malicious | AgentTesla |
| malicious | AgentTesla, GuLoader |
| malicious | AgentTesla |
Match | Detection | Threat Name |
---|---|---|
AMAZON-02US | malicious | Unknown |
| malicious | Unknown |
| malicious | Mirai |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
TUT-ASUS | malicious | AgentTesla |
| malicious | PureLog Stealer, XWorm |
| malicious | AgentTesla |
| malicious | Unknown |
| malicious | LummaC |
| malicious | Xehook Stealer |
| malicious | Xehook Stealer |
| malicious | AgentTesla |
| malicious | AgentTesla, GuLoader |
| malicious | AgentTesla |
EDGECASTUS | malicious | Unknown |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
Match | Detection | Threat Name |
---|---|---|
1138de370e523e824bbca92d049a3777 | malicious | Unknown |
| malicious | AgentTesla |
| malicious | Unknown |
| malicious | AgentTesla |
| malicious | Unknown |
| malicious | Amadey, RedLine, RisePro Stealer |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
| malicious | FormBook |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9812925396174075 |
Encrypted: | false |
SSDEEP: | 48:8FdETogEH5idAKZdA19ehwiZUklqehLy+3:8c3m0y |
MD5: | 57ABAABEC0F678450168A53D8788A177 |
SHA1: | 94CF3E34743CC4594F750015B597D274AE210611 |
SHA-256: | 4F750AFBF9B7CFE34EAD396FF7804BA933924FF4BCDB25388C3E361F033C0D75 |
SHA-512: | BA23FE48686E8F33E35817907CC9BF712A849AD938D8A9E8E2A732595EE6FB039D15193B169823FCAEFC3DAD66250479BCE0EDD4CB22788A0BBCC9E90857BF4E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9955051013213088 |
Encrypted: | false |
SSDEEP: | 48:8pdETogEH5idAKZdA1weh/iZUkAQkqehky+2:8A3k9QVy |
MD5: | CC8157A5EE59CF92CC107DB0C7F0C7AA |
SHA1: | 58DD11A23CA057B793C9A0AA1805E6920E00C6DB |
SHA-256: | 45C14C254727DFC7E87DE938550772DE1BF7326C15BDD7F041689FFAE4A12381 |
SHA-512: | 030208583DAE23C3454436445D420A8B2BA8CF89DB783DD114C1210870A632A2A56C9D8D1576AE9AD2AD532000FA746A3EE040402A221E840A7C0F3BC543A024 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.007922903495509 |
Encrypted: | false |
SSDEEP: | 48:8x5dETogsH5idAKZdA14tseh7sFiZUkmgqeh7s+y+BX:8xQ3Enoy |
MD5: | C3048F0F3BE7F1239F02150E45ED38E0 |
SHA1: | 6526ECF936B7B3575050C8CC7B305C5270BC313B |
SHA-256: | 7EAD3C98FA8A94CD3D6931DABFBC60B9721EAC4FED46EEDB90B4EA564880C75B |
SHA-512: | 84BAE565B8BC4A7AD59BDE6DAA888B920E61BF9E930928F61F36975E4DAB80603E8951E44763510BBF7A865793CE0540890977AC5589794FA44F98E83BA4F94F |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9958050819196393 |
Encrypted: | false |
SSDEEP: | 48:8NdETogEH5idAKZdA1vehDiZUkwqehAy+R:8E3v2y |
MD5: | 8DF36450779CB5B9CB116B07B2EFF532 |
SHA1: | DA49A46D4FF7B350975A72BCE2203EDB52EEF990 |
SHA-256: | C8C726413BB06A871509BD59E5BD245A391482485E2058F96D617E3F9484F7AA |
SHA-512: | EF003F8F17A2646F4E29F7124CB9100E964C72CEDD913C2797679073D1BD765F823E61ADA6F7B673E65342A7A2E9D29CAC4EB2B326B0BA1A30665F68B9A05D60 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9829317034251837 |
Encrypted: | false |
SSDEEP: | 48:8MqdETogEH5idAKZdA1hehBiZUk1W1qehyy+C:8U3P9Sy |
MD5: | EF5FA322EF105EA4F96EFC130A44CBB8 |
SHA1: | 3D32E7B356C82FADF1DFA4901C32BFCC6FCEBC2E |
SHA-256: | 2F47DA716656BA0EC577274C98F524D7E2E8E65ACA10BB7C908F54810B2634F5 |
SHA-512: | B5F9D0005E4E9DCB8F6F40D1C27A94629FB3BFBCC2D8568035023552259A5FC51433AD9155B5C5D885CB6FDBA5907C8E497236C15857676A5B5203764B90047D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9947964091986665 |
Encrypted: | false |
SSDEEP: | 48:8fdETogEH5idAKZdA1duT+ehOuTbbiZUk5OjqehOuTboy+yT+:8i3HT/TbxWOvTboy7T |
MD5: | ABF20D633643B0562DC27F893BF2E84B |
SHA1: | AA08B0A67264454F94E9C900296C72A43A5A18B9 |
SHA-256: | 54DC46044F5D86CA6EDCEF3F7E1D9441AE0FA29EFE0A656C8E7CBB9D837A9E88 |
SHA-512: | 58618E1864251AB3E350FDD4085EF3295011911637B45BA1C894D2E32BF0115D2693B354F609ADA577EA652D96A720CA1481EEC7570FBC235E6784A6D41BAFB2 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 10674 |
Entropy (8bit): | 7.965280609095081 |
Encrypted: | false |
SSDEEP: | 192:qdF1gV1Hn/z1sUvLWSiYQsl4SvJB/KZ6kgg8NsorTlHbOmcSud:a1gbBDD+4FbkggxqTYZSO |
MD5: | 3F3EDB226B846AAC1DF8F6A25E6BDD96 |
SHA1: | 7B753F82782402750A88047A9225C9662F0A9775 |
SHA-256: | 1BA36DCC366A027145E713377EBFD43CA47D9C9284D24113CAB786CE4F69D4C0 |
SHA-512: | B8BBAE997375A0E75D44CC4008516BFB3516195F0A832ACFAC7F5F6E36748F5AEF3DF3CE433439C4CA457E2FC4DF3ACD016DE14C62074A1DB6107E4375AACFEE |
Malicious: | false |
Reputation: | low |
URL: | https://logo.clearbit.com/daiichi-sankyo.at |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 10674 |
Entropy (8bit): | 7.965280609095081 |
Encrypted: | false |
SSDEEP: | 192:qdF1gV1Hn/z1sUvLWSiYQsl4SvJB/KZ6kgg8NsorTlHbOmcSud:a1gbBDD+4FbkggxqTYZSO |
MD5: | 3F3EDB226B846AAC1DF8F6A25E6BDD96 |
SHA1: | 7B753F82782402750A88047A9225C9662F0A9775 |
SHA-256: | 1BA36DCC366A027145E713377EBFD43CA47D9C9284D24113CAB786CE4F69D4C0 |
SHA-512: | B8BBAE997375A0E75D44CC4008516BFB3516195F0A832ACFAC7F5F6E36748F5AEF3DF3CE433439C4CA457E2FC4DF3ACD016DE14C62074A1DB6107E4375AACFEE |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 109 |
Entropy (8bit): | 4.47214660131935 |
Encrypted: | false |
SSDEEP: | 3:YWR4buWsyLMfQxaNmX/QIiEEpGQ48HJHJA6kLrCHY:YWybucxaNmX4Iu34WJHJ0LrEY |
MD5: | 1AC6C77BB7DC8E064C78ED493EF59DEE |
SHA1: | 8631706EC97390E9F5BC41081E0ACD3D8B4EFCDA |
SHA-256: | AC5A15B790FCF58655780CC21293B8706AADD6AA74B089E71AD325FBB7E92F8A |
SHA-512: | CFD268C359E437BC9921230A8E3938BFF91CF134791074E1C46F2EDA6AEB2C0EA11DC2BC51DA9E426CE72AD3BFBAD5489403DE867640DD51F18EF52134DA59BE |
Malicious: | false |
Reputation: | low |
URL: | "http://ip-api.com/json/?fields=status,country,regionName,city,query" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 109 |
Entropy (8bit): | 4.47214660131935 |
Encrypted: | false |
SSDEEP: | 3:YWR4buWsyLMfQxaNmX/QIiEEpGQ48HJHJA6kLrCHY:YWybucxaNmX4Iu34WJHJ0LrEY |
MD5: | 1AC6C77BB7DC8E064C78ED493EF59DEE |
SHA1: | 8631706EC97390E9F5BC41081E0ACD3D8B4EFCDA |
SHA-256: | AC5A15B790FCF58655780CC21293B8706AADD6AA74B089E71AD325FBB7E92F8A |
SHA-512: | CFD268C359E437BC9921230A8E3938BFF91CF134791074E1C46F2EDA6AEB2C0EA11DC2BC51DA9E426CE72AD3BFBAD5489403DE867640DD51F18EF52134DA59BE |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1864 |
Entropy (8bit): | 5.222032823730197 |
Encrypted: | false |
SSDEEP: | 48:yvswNIBLBpJawmMH44log6gw/MHm7pJroog6gwkMH9Xog6gwdMHdqdyqog7C:ykfXYx+odPcs9B |
MD5: | BC3D32A696895F78C19DF6C717586A5D |
SHA1: | 9191CB156A30A3ED79C44C0A16C95159E8FF689D |
SHA-256: | 0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68 |
SHA-512: | 8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1864 |
Entropy (8bit): | 5.222032823730197 |
Encrypted: | false |
SSDEEP: | 48:yvswNIBLBpJawmMH44log6gw/MHm7pJroog6gwkMH9Xog6gwdMHdqdyqog7C:ykfXYx+odPcs9B |
MD5: | BC3D32A696895F78C19DF6C717586A5D |
SHA1: | 9191CB156A30A3ED79C44C0A16C95159E8FF689D |
SHA-256: | 0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68 |
SHA-512: | 8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 110554 |
Entropy (8bit): | 5.287120567085247 |
Encrypted: | false |
SSDEEP: | 1536:QpHDgBvguhw+EViazA/PWrF7qvEAFiQcpmU4eCgzc6VUgs:xktA6VUf |
MD5: | CE26137FC0D9B7D7A0D52EBE3A186512 |
SHA1: | B9D7FB3FE7D08F46C2D1153BB47B13809375C663 |
SHA-256: | 1304C5090F063C677A5B3720FE7B97EF4D9EA102E2BDD837CE399DF6057FE385 |
SHA-512: | 6A189C0858A150E6388648895B1950EF31284EA90795E4D45FD7E53F35AA364E49473367FD2142552A145CFC48CA89D8CB13B4F1B9039E050CF4E70026393E0A |
Malicious: | false |
URL: | https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 88145 |
Entropy (8bit): | 5.291106244832159 |
Encrypted: | false |
SSDEEP: | 1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe |
MD5: | 220AFD743D9E9643852E31A135A9F3AE |
SHA1: | 88523924351BAC0B5D560FE0C5781E2556E7693D |
SHA-256: | 0925E8AD7BD971391A8B1E98BE8E87A6971919EB5B60C196485941C3C1DF089A |
SHA-512: | 6E722FCE1E8553BE592B1A741972C7F5B7B0CDAFCE230E9D2D587D20283482881C96660682E4095A5F14DF45A96EC193A9B222030C53B1B7BBE8312B2EAE440D |
Malicious: | false |
URL: | https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js |
Preview: |
File type: | |
Entropy (8bit): | 5.426233377388408 |
File name: | New Voicemail_Daiichi-Sankyo.html |
File size: | 46'797 bytes |
MD5: | fad4e997eaeea62578413ea678476cd9 |
SHA1: | ad0babd4c6385c478c78100139e329dee20be319 |
SHA256: | 05b643d7aed6dfef151821ec1ac1eef67d7a2cf887633eb98a5639405bde79d1 |
SHA512: | ba89538ad6faf974db3b4d49f47430d7f7de1bc05841f7b3ef29a134cd46c89a5788ce04f25fa9ea07018c06b9c8635136f0837d39ce6917f2d6d69a72cfacb0 |
SSDEEP: | 768:/lhXxq+2Qak+KRhz18M7l/lxqahkkRLfPLG:/lxAkJdP6 |
TLSH: | 072394F193938CD58DAAF82FF15D5B53CA20A757DD8B40E030E6E249A7E4F618D622C4 |
File Content Preview: | <script>....var email = "info@daiichi-sankyo.at";....</script>..<html>.. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>Sign in to your account</title>.. <meta http-equiv="X-UA-Compatible" content="IE=edge">.. <me |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 11:14:15.686151028 CEST | 49741 | 443 | 192.168.2.5 | 20.114.59.183 |
Apr 19, 2024 11:14:15.686167002 CEST | 49741 | 443 | 192.168.2.5 | 20.114.59.183 |
Apr 19, 2024 11:14:15.697585106 CEST | 49741 | 443 | 192.168.2.5 | 20.114.59.183 |
Apr 19, 2024 11:14:15.697603941 CEST | 443 | 49741 | 20.114.59.183 | 192.168.2.5 |
Apr 19, 2024 11:14:15.697720051 CEST | 49741 | 443 | 192.168.2.5 | 20.114.59.183 |
Apr 19, 2024 11:14:15.697726965 CEST | 443 | 49741 | 20.114.59.183 | 192.168.2.5 |
Apr 19, 2024 11:14:25.501027107 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:25.501055956 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.501178026 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:25.501498938 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:25.501518011 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.720942020 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.721443892 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:25.721465111 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.722554922 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.723469973 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:25.723550081 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:25.775116920 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:35.727801085 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:35.727986097 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Apr 19, 2024 11:14:35.728121996 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:37.081480980 CEST | 49743 | 443 | 192.168.2.5 | 64.233.176.103 |
Apr 19, 2024 11:14:37.081506014 CEST | 443 | 49743 | 64.233.176.103 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2024 11:13:20.850462914 CEST | 192.168.2.5 | 1.1.1.1 | 0x34ef | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:20.850609064 CEST | 192.168.2.5 | 1.1.1.1 | 0xcba6 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:21.772094965 CEST | 192.168.2.5 | 1.1.1.1 | 0x543 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:21.772248030 CEST | 192.168.2.5 | 1.1.1.1 | 0x3d56 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:21.826343060 CEST | 192.168.2.5 | 1.1.1.1 | 0x21e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:21.826585054 CEST | 192.168.2.5 | 1.1.1.1 | 0xd093 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.249293089 CEST | 192.168.2.5 | 1.1.1.1 | 0x2ca7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.249439001 CEST | 192.168.2.5 | 1.1.1.1 | 0x2f24 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.315985918 CEST | 192.168.2.5 | 1.1.1.1 | 0xda22 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.316418886 CEST | 192.168.2.5 | 1.1.1.1 | 0x78c7 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.536375999 CEST | 192.168.2.5 | 1.1.1.1 | 0xe4d1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:22.536516905 CEST | 192.168.2.5 | 1.1.1.1 | 0x9312 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 19, 2024 11:13:25.266690969 CEST | 192.168.2.5 | 1.1.1.1 | 0x4527 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:13:25.266901016 CEST | 192.168.2.5 | 1.1.1.1 | 0xaee6 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 11:13:20.955070019 CEST | 1.1.1.1 | 192.168.2.5 | 0x34ef | No error (0) | cs1100.wpc.omegacdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:20.955070019 CEST | 1.1.1.1 | 192.168.2.5 | 0x34ef | No error (0) | 152.199.4.44 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:20.955868006 CEST | 1.1.1.1 | 192.168.2.5 | 0xcba6 | No error (0) | cs1100.wpc.omegacdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.877121925 CEST | 1.1.1.1 | 192.168.2.5 | 0x543 | No error (0) | d26p066pn2w0s0.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.877121925 CEST | 1.1.1.1 | 192.168.2.5 | 0x543 | No error (0) | 3.161.136.96 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.877121925 CEST | 1.1.1.1 | 192.168.2.5 | 0x543 | No error (0) | 3.161.136.8 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.877121925 CEST | 1.1.1.1 | 192.168.2.5 | 0x543 | No error (0) | 3.161.136.24 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.877121925 CEST | 1.1.1.1 | 192.168.2.5 | 0x543 | No error (0) | 3.161.136.44 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.898695946 CEST | 1.1.1.1 | 192.168.2.5 | 0x3d56 | No error (0) | d26p066pn2w0s0.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:21.931967974 CEST | 1.1.1.1 | 192.168.2.5 | 0x21e6 | No error (0) | 208.95.112.1 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.355999947 CEST | 1.1.1.1 | 192.168.2.5 | 0x2ca7 | No error (0) | 208.95.112.1 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.423719883 CEST | 1.1.1.1 | 192.168.2.5 | 0xda22 | No error (0) | cs1100.wpc.omegacdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.423719883 CEST | 1.1.1.1 | 192.168.2.5 | 0xda22 | No error (0) | 152.199.4.44 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.424701929 CEST | 1.1.1.1 | 192.168.2.5 | 0x78c7 | No error (0) | cs1100.wpc.omegacdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.641633987 CEST | 1.1.1.1 | 192.168.2.5 | 0x9312 | No error (0) | d26p066pn2w0s0.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.644817114 CEST | 1.1.1.1 | 192.168.2.5 | 0xe4d1 | No error (0) | d26p066pn2w0s0.cloudfront.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.644817114 CEST | 1.1.1.1 | 192.168.2.5 | 0xe4d1 | No error (0) | 3.161.136.96 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.644817114 CEST | 1.1.1.1 | 192.168.2.5 | 0xe4d1 | No error (0) | 3.161.136.44 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.644817114 CEST | 1.1.1.1 | 192.168.2.5 | 0xe4d1 | No error (0) | 3.161.136.24 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:22.644817114 CEST | 1.1.1.1 | 192.168.2.5 | 0xe4d1 | No error (0) | 3.161.136.8 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371376038 CEST | 1.1.1.1 | 192.168.2.5 | 0xaee6 | No error (0) | 65 | IN (0x0001) | false | |||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.103 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.105 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.104 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.106 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.147 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:13:25.371438026 CEST | 1.1.1.1 | 192.168.2.5 | 0x4527 | No error (0) | 64.233.176.99 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49714 | 208.95.112.1 | 80 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 19, 2024 11:13:22.069886923 CEST | 326 | OUT | |
Apr 19, 2024 11:13:22.243300915 CEST | 286 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49717 | 208.95.112.1 | 80 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 19, 2024 11:13:22.531807899 CEST | 312 | OUT | |
Apr 19, 2024 11:13:22.711986065 CEST | 286 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49709 | 152.199.4.44 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:21 UTC | 586 | OUT | |
2024-04-19 09:13:21 UTC | 734 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 1 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 4 | IN | |
2024-04-19 09:13:21 UTC | 16383 | IN | |
2024-04-19 09:13:21 UTC | 12251 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49712 | 152.199.4.44 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:22 UTC | 619 | OUT | |
2024-04-19 09:13:22 UTC | 737 | IN | |
2024-04-19 09:13:22 UTC | 1864 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49713 | 3.161.136.96 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:22 UTC | 508 | OUT | |
2024-04-19 09:13:22 UTC | 548 | IN | |
2024-04-19 09:13:22 UTC | 10682 | IN | |
2024-04-19 09:13:22 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49715 | 152.199.4.44 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:22 UTC | 606 | OUT | |
2024-04-19 09:13:22 UTC | 719 | IN | |
2024-04-19 09:13:22 UTC | 16383 | IN | |
2024-04-19 09:13:22 UTC | 791 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49718 | 152.199.4.44 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:22 UTC | 419 | OUT | |
2024-04-19 09:13:22 UTC | 737 | IN | |
2024-04-19 09:13:22 UTC | 1864 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49719 | 3.161.136.96 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:22 UTC | 358 | OUT | |
2024-04-19 09:13:23 UTC | 555 | IN | |
2024-04-19 09:13:23 UTC | 10682 | IN | |
2024-04-19 09:13:23 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49720 | 152.199.4.44 | 443 | 6660 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:23 UTC | 406 | OUT | |
2024-04-19 09:13:23 UTC | 719 | IN | |
2024-04-19 09:13:23 UTC | 16383 | IN | |
2024-04-19 09:13:23 UTC | 791 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49725 | 23.216.73.151 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:26 UTC | 161 | OUT | |
2024-04-19 09:13:26 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49726 | 23.216.73.151 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:26 UTC | 239 | OUT | |
2024-04-19 09:13:26 UTC | 531 | IN | |
2024-04-19 09:13:26 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.5 | 49733 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:37 UTC | 306 | OUT | |
2024-04-19 09:13:37 UTC | 560 | IN | |
2024-04-19 09:13:37 UTC | 15824 | IN | |
2024-04-19 09:13:37 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
10 | 192.168.2.5 | 49738 | 23.1.237.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:13:37 UTC | 2148 | OUT | |
2024-04-19 09:13:37 UTC | 1 | OUT | |
2024-04-19 09:13:37 UTC | 2483 | OUT | |
2024-04-19 09:13:38 UTC | 480 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
11 | 192.168.2.5 | 49741 | 20.114.59.183 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 09:14:15 UTC | 306 | OUT | |
2024-04-19 09:14:15 UTC | 560 | IN | |
2024-04-19 09:14:15 UTC | 15824 | IN | |
2024-04-19 09:14:15 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 11:13:16 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 2 |
Start time: | 11:13:18 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |