Windows
Analysis Report
https://147.45.47.87
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 7056 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://147.45.47.87/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1948,i,12371524971379940788,13046372564779161318,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
- HTTP Parser
- HTTPS traffic detected
- TCP traffic detected without corresponding DNS query
- HTTP traffic detected
- DNS traffic detected
- String found in binary or memory
- Network traffic detected
- Classification label
- File created
- Process created
- LNK file
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 74.125.136.99 | true | false | | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
147.45.47.87 | unknown | Russian Federation | 2895 | FREE-NET-ASFREEnetEU | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
74.125.136.99 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1428730 |
Start date and time: | 2024-04-19 14:15:37 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 33s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://147.45.47.87 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 14 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@14/13@2/4 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 64.233.185.94, 64.233.176.102, 64.233.176.139, 64.233.176.138, 64.233.176.100, 64.233.176.101, 64.233.176.113, 64.233.177.84, 34.104.35.123, 172.217.215.94, 142.250.105.139, 142.250.105.101, 142.250.105.100, 142.250.105.102, 142.250.105.113, 142.250.105.138
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed; report is missing behavior information
- VT rate limit hit for: https://147.45.47.87
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9810165914959033 |
Encrypted: | false |
SSDEEP: | 48:8kOdzT7frHDidAKZdA1FehwiZUklqehey+3:8kaXRty |
MD5: | 43FD3005F744BE0C55C3824E0859435F |
SHA1: | 6974D919449F0D85427825DF2B5EAD1A33F62664 |
SHA-256: | 98F312160F6E5FD9BD8D8B8A1D022ECED36E7E6F9E67567C05BA1613D7F5DC7C |
SHA-512: | 787DD57AC00CA3EE8978AA7C7AB68B8C4391CCFF21A5CA1C71182CD5547036FF14782AA528FFCE1E2DFA24576599C91B74B0B26B39CA0CB45B2AA256DA16B1D6 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.996719465608169 |
Encrypted: | false |
SSDEEP: | 48:8uOdzT7frHDidAKZdA1seh/iZUkAQkqehdy+2:8uaXH9Q0y |
MD5: | 59A796AED9F76A43F06FF18E8A3D27FE |
SHA1: | DDAE60A49F26A7BE9C068D303886CA0284E9B8A7 |
SHA-256: | D7F2013349C4EA74496476205BA5C45ABF0C975B05B2E967C8E5071146DB432F |
SHA-512: | 74750271ECED73C8CE6958F5A7914CDA303F59C891711E30DCE7555BC391A3C97B46D21AAFDBA3FE8683536CA1D17D7E51FC2523AA76DFABFCAE6235FB39E822 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.004908867524889 |
Encrypted: | false |
SSDEEP: | 48:8IOdzT7fAHDidAKZdA14meh7sFiZUkmgqeh7s7y+BX:8IaXinRy |
MD5: | 5E99A7F6A81FE26AD41C7BE4D02A8842 |
SHA1: | DBD2C40C224154A8C342170A95832E204E032B6B |
SHA-256: | 220EC9C6F151FDA922453C25F267B394F603E36294789F770DF4D98EED4AAF73 |
SHA-512: | 03864B8EABDEA25D96E7BC5AABCD68F23F1D7AE5FB3BAD86F6FFA7A5F35842BC3F65289FD1FAB687BD226BBBFEAB764218B1E9D14E3CE92D08FF96684307D844 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9960784135368836 |
Encrypted: | false |
SSDEEP: | 48:8WOdzT7frHDidAKZdA1TehDiZUkwqehZy+R:8WaX0jy |
MD5: | AAE1B360C6FA1BE747DF0F5E13ABDFA9 |
SHA1: | EAC8EA02E9E6C17F60B4CCAF965F566CD60259BE |
SHA-256: | B83E28B64A56C52D7FED4E5DB7BB795347D02274D75780D4E788C82B3B3206B2 |
SHA-512: | 8C2A5B9DE621A4DB1F9F0EAB782C75C6EB6B11DB28E1DD71C173DD7C71D9481431811BC096C4792DC964CB098D8C256751A5B59911E63DCC20AE59E1576555E3 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9805256704474967 |
Encrypted: | false |
SSDEEP: | 48:8fOdzT7frHDidAKZdA1dehBiZUk1W1qeh/y+C:8faX09fy |
MD5: | 552E5BEA714BA9E224C12B551DFE5127 |
SHA1: | 692FB6BDCD2ADF49D4EF20E9CCCBDD3FA97872A0 |
SHA-256: | E7C23D1ADAE144B709EFDA079D273B259AD9D8985EF65BF8179486AE801AA18B |
SHA-512: | 4BDF654334B0B10A692E6BCB337A49B62BA318269221417C593A09829BCEC2351D112FB8682EF8DF8206017BB6AA4FF2A7DEF7B29821ACA9EF056DE855AD29DD |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.991998066597501 |
Encrypted: | false |
SSDEEP: | 48:8lOdzT7frHDidAKZdA1duTeehOuTbbiZUk5OjqehOuTbRy+yT+:8laXGTfTbxWOvTbRy7T |
MD5: | E00FBFD0B33E88601F8286B6F5A8E02A |
SHA1: | 4B9F792A0B1A8EB5A364C2D4394243ED828BC779 |
SHA-256: | CD96904DF8A451DD63876D9D5487AE8ED192AFDFBE0AD19C9FE502CC6E57D210 |
SHA-512: | A7153854F1645273782872457E9259BF1B12D6038AE43FAA4C04C7019328FAE77E6C0D3B82F23546475D06C5A87D441EFB5C9BF0A21C692DE6CB5A7263FF18F0 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 275 |
Entropy (8bit): | 5.249744178441575 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoIRCwpbB8oD:J0+oxBeRmR9etdzRxGezHtpbB8+ |
MD5: | C7B8B21B4A189773C57179676E0B96F0 |
SHA1: | 47810DF9F1BB1BABA0997593AA524ED585919D21 |
SHA-256: | 5AAC3A8A37A5E70CC163FB0DBA3FD3579004E7B8C7885AE3F42D27C2F88E753E |
SHA-512: | 339FE6E78DB7FF1FBF74FEB8EE9E7C80ACEBABA2020E71E29DA025E88812266F4D79889291BFAD2FD050C76F0C34909E28222D1AE32C258222D108FBB9ED619E |
Malicious: | false |
Reputation: | low |
URL: | https://147.45.47.87/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 3322 |
Entropy (8bit): | 7.854651820755909 |
Encrypted: | false |
SSDEEP: | 96:PsQYMohEgmJxedUPZnr4u77t4lfuWGFHMt1mbVAu5dWC:PsHMYCekZr4u/mQFst1mKu5MC |
MD5: | 3B026DD0605E5D46688845F7CE6C2DF1 |
SHA1: | 395C14329336735F983E16203E73F00A4E18DAC3 |
SHA-256: | E2E656CCE0AAF97B1C94B01592FCA89088FD771F55768FB69F95E10C0099CF25 |
SHA-512: | AAB3BFDE0FDAC1F3BBB055BF60C104EB3154590FAD827876A1200E04BB13083C80F37388B2E613BAAECC7A3F288904DE787888CF75444BF47C3227A65EB0C9DA |
Malicious: | false |
Reputation: | low |
URL: | https://147.45.47.87/icons/ubuntu-logo.png |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 10671 |
Entropy (8bit): | 4.373603057196099 |
Encrypted: | false |
SSDEEP: | 96:wAL6evwSMhQKrFih8Wdp3667KeQAm+czjJX9059OnBun3nXJgJF2Oiloet2nnSzN:wq6ywSGQKJUnpJKeOJaTE2OiLAI1R |
MD5: | 720999B43A3BE0674180354AC41F20B1 |
SHA1: | 152A75D80C0BDADB382E1CAFE517159CB76A19CC |
SHA-256: | 6FAEF4D5D777FDCAA653766B0AC8B9ED32D0FD87F7DCD79F02FF524DD1B0EB69 |
SHA-512: | DABE86F15DC4273EB536F62E9C2B847C4BBB2DA9F0B87F00D0718D9E29FFDC719153504F60F46ED5FC54231E346B83ECB9D0E8AAD40CF0256ABE9E4CD6A695E6 |
Malicious: | false |
Reputation: | low |
URL: | https://147.45.47.87/ |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 3322 |
Entropy (8bit): | 7.854651820755909 |
Encrypted: | false |
SSDEEP: | 96:PsQYMohEgmJxedUPZnr4u77t4lfuWGFHMt1mbVAu5dWC:PsHMYCekZr4u/mQFst1mKu5MC |
MD5: | 3B026DD0605E5D46688845F7CE6C2DF1 |
SHA1: | 395C14329336735F983E16203E73F00A4E18DAC3 |
SHA-256: | E2E656CCE0AAF97B1C94B01592FCA89088FD771F55768FB69F95E10C0099CF25 |
SHA-512: | AAB3BFDE0FDAC1F3BBB055BF60C104EB3154590FAD827876A1200E04BB13083C80F37388B2E613BAAECC7A3F288904DE787888CF75444BF47C3227A65EB0C9DA |
Malicious: | false |
Reputation: | low |
Apr 19, 2024 14:16:18.955378056 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.955391884 CEST | 443 | 49713 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:18.955419064 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.955437899 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.955450058 CEST | 443 | 49713 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:18.955559969 CEST | 443 | 49713 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:18.955621004 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.965595961 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.965636969 CEST | 443 | 49713 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:18.965662956 CEST | 49713 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:18.965677023 CEST | 443 | 49713 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:19.662456036 CEST | 49707 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:16:19.662527084 CEST | 443 | 49707 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:16:20.826142073 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:20.890013933 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Apr 19, 2024 14:16:21.130008936 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:21.737042904 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:22.951035023 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:25.363050938 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:25.699112892 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Apr 19, 2024 14:16:27.122118950 CEST | 49673 | 443 | 192.168.2.16 | 204.79.197.203 |
Apr 19, 2024 14:16:30.174175024 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:35.300062895 CEST | 49678 | 443 | 192.168.2.16 | 20.189.173.10 |
Apr 19, 2024 14:16:39.788252115 CEST | 49680 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 19, 2024 14:16:54.025335073 CEST | 49695 | 80 | 192.168.2.16 | 199.232.214.172 |
Apr 19, 2024 14:16:54.025445938 CEST | 49697 | 80 | 192.168.2.16 | 199.232.214.172 |
Apr 19, 2024 14:16:54.130016088 CEST | 80 | 49695 | 199.232.214.172 | 192.168.2.16 |
Apr 19, 2024 14:16:54.130085945 CEST | 80 | 49695 | 199.232.214.172 | 192.168.2.16 |
Apr 19, 2024 14:16:54.130158901 CEST | 80 | 49697 | 199.232.214.172 | 192.168.2.16 |
Apr 19, 2024 14:16:54.130201101 CEST | 80 | 49697 | 199.232.214.172 | 192.168.2.16 |
Apr 19, 2024 14:16:54.130337954 CEST | 49695 | 80 | 192.168.2.16 | 199.232.214.172 |
Apr 19, 2024 14:16:54.130527973 CEST | 49697 | 80 | 192.168.2.16 | 199.232.214.172 |
Apr 19, 2024 14:16:55.326317072 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.326387882 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:55.326508045 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.327004910 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.327045918 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:55.704607010 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:55.704770088 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.706600904 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.706630945 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:55.707158089 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:55.709439039 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:55.756138086 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062036991 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062098026 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062160969 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062330008 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.062330961 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.062402010 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062446117 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062516928 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.062535048 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062587023 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.062632084 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.062673092 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.066040039 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.066040039 CEST | 49714 | 443 | 192.168.2.16 | 20.12.23.50 |
Apr 19, 2024 14:16:56.066112995 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:16:56.066148043 CEST | 443 | 49714 | 20.12.23.50 | 192.168.2.16 |
Apr 19, 2024 14:17:08.346306086 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:08.346384048 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.346504927 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:08.346801043 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:08.346836090 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.565237045 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.565601110 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:08.565634012 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.566725969 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.567147017 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:08.567326069 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:08.617019892 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:10.086067915 CEST | 49688 | 443 | 192.168.2.16 | 13.107.21.200 |
Apr 19, 2024 14:17:18.576193094 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:18.576353073 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Apr 19, 2024 14:17:18.576550007 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:19.668451071 CEST | 49716 | 443 | 192.168.2.16 | 74.125.136.99 |
Apr 19, 2024 14:17:19.668487072 CEST | 443 | 49716 | 74.125.136.99 | 192.168.2.16 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2024 14:16:03.548490047 CEST | 53 | 54981 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:03.588995934 CEST | 53 | 59621 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:04.180053949 CEST | 53 | 61878 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:08.289057970 CEST | 60686 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 14:16:08.289294958 CEST | 53603 | 53 | 192.168.2.16 | 1.1.1.1 |
Apr 19, 2024 14:16:08.393487930 CEST | 53 | 60686 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:08.393568993 CEST | 53 | 53603 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:21.060081959 CEST | 53 | 59528 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:16:39.878737926 CEST | 53 | 59520 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:17:02.714498043 CEST | 53 | 51513 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:17:03.530313015 CEST | 53 | 61942 | 1.1.1.1 | 192.168.2.16 |
Apr 19, 2024 14:17:12.529162884 CEST | 138 | 138 | 192.168.2.16 | 192.168.2.255 |
Apr 19, 2024 14:17:31.778481960 CEST | 53 | 52266 | 1.1.1.1 | 192.168.2.16 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2024 14:16:08.289057970 CEST | 192.168.2.16 | 1.1.1.1 | 0x5963 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.289294958 CEST | 192.168.2.16 | 1.1.1.1 | 0x35a5 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.99 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.106 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.104 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.105 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.103 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393487930 CEST | 1.1.1.1 | 192.168.2.16 | 0x5963 | No error (0) | | | 74.125.136.147 | A (IP address) | IN (0x0001) | false |
Apr 19, 2024 14:16:08.393568993 CEST | 1.1.1.1 | 192.168.2.16 | 0x35a5 | No error (0) | | | | 65 | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49698 | 147.45.47.87 | 443 | 6268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:03 UTC | 655 | OUT | |
2024-04-19 12:16:04 UTC | 274 | IN | |
2024-04-19 12:16:04 UTC | 7918 | IN | |
2024-04-19 12:16:04 UTC | 2753 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49702 | 147.45.47.87 | 443 | 6268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:04 UTC | 590 | OUT | |
2024-04-19 12:16:05 UTC | 249 | IN | |
2024-04-19 12:16:05 UTC | 3322 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49703 | 147.45.47.87 | 443 | 6268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:05 UTC | 357 | OUT | |
2024-04-19 12:16:06 UTC | 249 | IN | |
2024-04-19 12:16:06 UTC | 3322 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49704 | 147.45.47.87 | 443 | 6268 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:05 UTC | 580 | OUT | |
2024-04-19 12:16:06 UTC | 180 | IN | |
2024-04-19 12:16:06 UTC | 275 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49711 | 23.63.206.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:14 UTC | 161 | OUT | |
2024-04-19 12:16:14 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49712 | 23.63.206.91 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:15 UTC | 239 | OUT | |
2024-04-19 12:16:15 UTC | 531 | IN | |
2024-04-19 12:16:15 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.16 | 49713 | 20.12.23.50 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:18 UTC | 306 | OUT | |
2024-04-19 12:16:18 UTC | 560 | IN | |
2024-04-19 12:16:18 UTC | 15824 | IN | |
2024-04-19 12:16:18 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.16 | 49714 | 20.12.23.50 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-19 12:16:55 UTC | 306 | OUT | |
2024-04-19 12:16:56 UTC | 560 | IN | |
2024-04-19 12:16:56 UTC | 15824 | IN | |
2024-04-19 12:16:56 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 14:16:01 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 14:16:02 |
Start date: | 19/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |