Edit tour
Windows
Analysis Report
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d
Overview
General Information
| Sample URL: | https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d |
| Analysis ID: | 1428964 |
| Infos: | |
 | |
Detection
| Score: | 1 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
chrome.exe (PID: 4160 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 2000 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2036 --fi eld-trial- handle=190 4,i,106550 5346236861 6655,13429 3457142699 44312,2621 44 --disab le-feature s=Optimiza tionGuideM odelDownlo ading,Opti mizationHi nts,Optimi zationHint sFetching, Optimizati onTargetPr ediction / prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5520 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt ps://mail- cloudstati on-us-west -2.prod.hy dra.sophos .com/mail/ api/xgemai l/smart-ba nner/4e682 efb4a91697 2a21d789db b40461d" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Classification label: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | Window detected: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
| mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com | 44.240.188.192 | true | false | high | |
| cloud.sophos.com | 54.171.140.60 | true | false | high | |
| www.google.com | 142.250.105.103 | true | false | high | |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
| windowsupdatebg.s.llnwi.net | 69.164.42.0 | true | false | unknown | |
| mail-cloudstation-us-west-2.prod.hydra.sophos.com | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high | ||
| false | high |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high | |||
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 54.171.140.60 | cloud.sophos.com | United States | 16509 | AMAZON-02US | false | |
| 52.51.41.19 | unknown | United States | 16509 | AMAZON-02US | false | |
| 44.240.188.192 | mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com | United States | 16509 | AMAZON-02US | false | |
| 142.250.105.103 | www.google.com | United States | 15169 | GOOGLEUS | false |
| IP |
|---|
| 192.168.2.5 |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1428964 |
| Start date and time: | 2024-04-19 23:08:04 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 3m 22s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | browseurl.jbs |
| Sample URL: | https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 7 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Detection: | CLEAN |
| Classification: | clean1.win@18/12@8/6 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.105.113, 142.250.105.101, 142.250.105.102, 142.250.105.139, 142.250.105.138, 142.250.105.100, 64.233.177.94, 142.250.9.84, 34.104.35.123, 52.165.165.26, 192.229.211.108, 69.164.42.0, 20.242.39.171, 23.40.205.58, 23.40.205.56, 23.40.205.59, 23.40.205.18, 23.40.205.83, 23.40.205.67, 23.40.205.66, 23.40.205.49, 23.40.205.57, 142.251.15.94, 23.40.205.19, 23.40.205.24, 23.40.205.34, 23.40.205.43, 23.40.205.33, 23.40.205.11, 23.40.205.51, 23.40.205.26
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d
⊘No simulations
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.98353658521123 |
| Encrypted: | false |
| SSDEEP: | 48:832dATksvHcidAKZdA19ehwiZUklqehJy+3:83ZvSCy |
| MD5: | 726A8B004CD01DE70DA92648893EC757 |
| SHA1: | 89772567D8E079F99E788BD44836C6357AECA08E |
| SHA-256: | FCC568EA6B02735F5122A905F9BE5D30D1F9FFB0CF6D823C48AE4B4AF21710F7 |
| SHA-512: | 4D7F0BE3CB765F98F02CEC0EEB7370C13A168364B09266AFFE7B8AE3BECEB25A2AC20E60CA326E31E772F14EEC9C832AEA45ABBB52EC1CB0989065F13041586F |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 3.9969372021376723 |
| Encrypted: | false |
| SSDEEP: | 48:8u2dATksvHcidAKZdA1weh/iZUkAQkqehyy+2:8uZvI9Qjy |
| MD5: | 2144932FD61B93F851C1A35672029188 |
| SHA1: | 6D0F629981742B1A432C1878CCD9A77F4C57A29D |
| SHA-256: | 52E8A729EEF9ACEEAC072283FBD1DA5C8E0483220E0982FABC5185BCE7BE90F2 |
| SHA-512: | 9C53268867E3C205F92EE4963D9246B86290DEC48723C7C38C52D0CBE308BDDE8A12E79BB1B4FC7A54A5FC6C84C22DED27C318164B29FCE1CDDDB743C1E9E174 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2693 |
| Entropy (8bit): | 4.009094422643862 |
| Encrypted: | false |
| SSDEEP: | 48:8xY2dATkssHcidAKZdA14tseh7sFiZUkmgqeh7sky+BX:8xYZvlnmy |
| MD5: | 86F80B2B8A9E0041ADA78404B53B1638 |
| SHA1: | F856B48D1F6A20F2A2202C9F73D2BCC3C660429C |
| SHA-256: | A15C5C1F985E6931EB58DD7D51F95FA219C1284D79FC1C625B78E33543B54F02 |
| SHA-512: | BF6A47F385BC78CF2D0634229D668EC3BFC00DE45374EDC37E9AB977711095D6D7FD329B2F4A99BA424147F77DBD4FA1DEB12336189A1083768FF6658A7F4D1E |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2681 |
| Entropy (8bit): | 3.9969237713582855 |
| Encrypted: | false |
| SSDEEP: | 48:822dATksvHcidAKZdA1vehDiZUkwqeh+y+R:82ZvT8y |
| MD5: | 9B1CF602DED68BDF977438A18398A939 |
| SHA1: | 7B39B0C68C9A2D156405066386DCB5D637499290 |
| SHA-256: | E9DFD8C3DB235931C685AF903D494758BAEFBC4504940BB7232D688F1647E01E |
| SHA-512: | 571DDC9825AB64002A03C5D285D37CF1ED58348D7264D3AA7053EE74EB5FA5802733948565D87745CD0A068CBE8E9C3376F3CBA12E2748E7A737E39CA07BB67A |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2681 |
| Entropy (8bit): | 3.983572137253115 |
| Encrypted: | false |
| SSDEEP: | 48:8G2dATksvHcidAKZdA1hehBiZUk1W1qeh4y+C:8GZvD9Yy |
| MD5: | 2048A2E14E8B3AA8E88BE0E21763D4A3 |
| SHA1: | 913B6334BA24FD451527BFF55524A3EB5699E282 |
| SHA-256: | C2D4BD6D21D8A0209F7DA2DB3A764F9183D2F99F834B443E8ABB184F7A4B9F63 |
| SHA-512: | DFF472C087FFB55674F68AE9A957634A693ACC2A925E0C760AE7C8012E8C0F896C61E61FECE0ABDFB79DAD4E00B497FC1C5C9C338D1E4FF5D9B99567DFDBB5C8 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2683 |
| Entropy (8bit): | 3.997463224757998 |
| Encrypted: | false |
| SSDEEP: | 48:8C2dATksvHcidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbmy+yT+:8CZvzT/TbxWOvTbmy7T |
| MD5: | 8BEB8300165B731A2514C4C0FA547CC3 |
| SHA1: | CC0478C9FE763CFA8E091FA75DB9ADA6084337F4 |
| SHA-256: | 54C74088AC6208CFC55EE150EF2AAD6B24FAE628C9DD193E970736EEB9538338 |
| SHA-512: | 62F780310B6BE912E2A26138EFB6BF7C01AEAC40ECA8B654E9D57EE4C93C36276B3D1836381E8ECB6F1055D54B39288C78E211F68C957F32E14E674A99552AC9 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2551 |
| Entropy (8bit): | 4.663625308248363 |
| Encrypted: | false |
| SSDEEP: | 48:pR/5HMZKQKODSABCVGei00fK+zHAi73iKgVn3:H/x0KQnDQVGvFfK+zmn3 |
| MD5: | 11F5E356B36166E333B76AB8B45D5F0A |
| SHA1: | 121A6193FD41FB9C83A029AF1EF2CF4DBAE8E326 |
| SHA-256: | D3C241AA77EA856244DB7F21028E922D9218A60B163A18FE0058ACC90FB43823 |
| SHA-512: | 878F28C9B00514D17F114B85053EBC839C98C0C53D18AB0DC972EBD5D0759694628B5EE88BEBB2AC482609F009D1C498812C18F7947EEA7EDF8707CDA4E2C40A |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d/allowBlockConfirm?isSendToLabs=true |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 2582 |
| Entropy (8bit): | 4.681453848126074 |
| Encrypted: | false |
| SSDEEP: | 48:pR/5HMZKQKODSABCWrX0YGaNmqFV5zHD2vKZPF1sc62ncPS:H/x0KQnDQWAYGaNmqFV5zlZP/pgK |
| MD5: | EE575EB7319FE651208F4277248148D2 |
| SHA1: | 70A1AC740D39D6CD6225C463C064CF064935C98F |
| SHA-256: | BDBB122CF1609886D5E70192236935F037CD1DFA884908515C150AD614BC8E4F |
| SHA-512: | 279FCBF4087C3DCB81DF7CCDC5660CFEB7BF18CAEFFE17A52108361C51174496C6881E8C99ABBA0A7D683C8B5D0A74E7C1DD73F976492FF6E5FB7B0821FC810B |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1534 |
| Entropy (8bit): | 4.93940602637222 |
| Encrypted: | false |
| SSDEEP: | 24:hYj+sQsLPL8cMiwdcQo3lATTAigR2OayfUriP4OVSPDZDXcGuildfELTO6XR5jQq:Ly/MJKQKOTKgByfVgOeDZ7duildfmTOc |
| MD5: | 5FCED270DF1460E365F4330C376E4504 |
| SHA1: | D76C41CAF4BC0BDB3242582718F01DF8021C833E |
| SHA-256: | 00026D3071A5ED97B1ABBED78420D86E77407271541E5762A9333C2DDC462CAA |
| SHA-512: | 106766DBD240F7908371E5F1CF18B2EA70E57BD5BDD7C1969B867C92AE619741964DF01D35904CA76E01D242E1E86C26CEB4982C056A5098EBFFA9929715F968 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/4e682efb4a916972a21d789dbb40461d/allowBlockConfirm |
| Preview: |
⊘No static file info
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 19, 2024 23:08:53.926683903 CEST | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:08:53.926697969 CEST | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:08:54.036032915 CEST | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:03.213076115 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.213170052 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.213259935 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.213696003 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.213761091 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.213829994 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.213954926 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.213989019 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.214220047 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.214255095 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.527525902 CEST | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:03.527643919 CEST | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:03.637535095 CEST | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:03.749855042 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.750211000 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.750242949 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.751121998 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.751384974 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.751425982 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.751671076 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.751741886 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.752805948 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.752912045 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.753011942 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.753021955 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.755382061 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.755553007 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.755914927 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.756369114 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.795442104 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.810878992 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.810920000 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.857908010 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.985358000 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.985385895 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.985452890 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.985589981 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.985589981 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.986546040 CEST | 49710 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:03.986588001 CEST | 443 | 49710 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.124622107 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.124674082 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.124748945 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.124936104 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.124946117 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.772017956 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.772345066 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.772365093 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.773833036 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.773890018 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.775897980 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.775979042 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.776287079 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.776303053 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.823995113 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.993597031 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.993623018 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.993669987 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.993691921 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.993743896 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.993758917 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.993758917 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:04.993804932 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.004061937 CEST | 49714 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.004086971 CEST | 443 | 49714 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.021342993 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.021461010 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.021542072 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.021981001 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.022018909 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.022085905 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.022173882 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:05.144500017 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.144541979 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.144613981 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.145277977 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.145298958 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.168358088 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.168396950 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.168451071 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.169266939 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.169282913 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.391133070 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.391417980 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.391447067 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.392900944 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.392965078 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.441665888 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.442006111 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.442064047 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.443523884 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.444063902 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.444247961 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.444264889 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.444453955 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.484375000 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.757756948 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.758205891 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.798773050 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.799500942 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.799516916 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.803394079 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.803459883 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.804214954 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.804481983 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.804518938 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.808521032 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.808533907 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.855360985 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.855369091 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.855377913 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:05.857932091 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.858092070 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.858146906 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.902251959 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:05.910444975 CEST | 49715 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:05.910507917 CEST | 443 | 49715 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.024607897 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.024636984 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.024696112 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.024714947 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.024769068 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.027786016 CEST | 49716 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.027803898 CEST | 443 | 49716 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.221892118 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.221951008 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.222086906 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.222512007 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.222546101 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.415723085 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.415796041 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.415906906 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.440896988 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.440922976 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.644298077 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.651492119 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.651549101 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.653085947 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.654447079 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.654691935 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.654905081 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.666109085 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.666191101 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.670283079 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.670294046 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.670783997 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.699328899 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:06.714940071 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.843256950 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.884123087 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.948710918 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.948942900 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.949106932 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.949106932 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.949106932 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.986953974 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.986994982 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:06.987380028 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.987894058 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:06.987907887 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.064413071 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.065948963 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.066025019 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:07.066364050 CEST | 49718 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:07.066401958 CEST | 443 | 49718 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.168056011 CEST | 49720 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.168090105 CEST | 443 | 49720 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.207544088 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.207613945 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.208800077 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.208817959 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.209198952 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.210298061 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.252130032 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.412571907 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.412724018 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.412786007 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.435365915 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.435365915 CEST | 49721 | 443 | 192.168.2.5 | 23.44.104.130 |
| Apr 19, 2024 23:09:07.435391903 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:07.435409069 CEST | 443 | 49721 | 23.44.104.130 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.197947979 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.198169947 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.199063063 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.199141979 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.199431896 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.246797085 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.246849060 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.350147009 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.350275040 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.416793108 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.416937113 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.417098999 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:15.563918114 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.564163923 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.583865881 CEST | 49717 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:09:15.583884001 CEST | 443 | 49717 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.619520903 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.619597912 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.619704962 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.626665115 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.626738071 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.659703970 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.704155922 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.843281984 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.843358994 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.843857050 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.844055891 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.844573021 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.844650984 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:15.844780922 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.980072021 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.980823040 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.980881929 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.981370926 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:15.982142925 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:15.982430935 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.031601906 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:16.291224003 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.291284084 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.291413069 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:16.291424036 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.291479111 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:16.314059019 CEST | 49711 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:16.314090967 CEST | 443 | 49711 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.463157892 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.463195086 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.463274956 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.464534998 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.464572906 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.464643955 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.464792967 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.464811087 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.486382961 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.486463070 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.889633894 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.891782999 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.891813040 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.892301083 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.893693924 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.893770933 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.893987894 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.903616905 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.904057980 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.904084921 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.905215979 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.905905008 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.906076908 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.929868937 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:16.940116882 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:16.972196102 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314070940 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314094067 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314146996 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.314147949 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314173937 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314186096 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.314202070 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.314243078 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.317924976 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.317994118 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.318221092 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.318259001 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.318511963 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.318878889 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.320638895 CEST | 49730 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.320650101 CEST | 443 | 49730 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.321597099 CEST | 49731 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:17.321624041 CEST | 443 | 49731 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.347388983 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.347415924 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.347575903 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.348045111 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.348058939 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.350513935 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.350585938 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.350724936 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.351272106 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.351303101 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.765816927 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.766128063 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.766145945 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.767275095 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.767601013 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.767750025 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.767786026 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.773494959 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.773879051 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.773899078 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.774993896 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.775321960 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.775419950 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.775499105 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.808445930 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.824512959 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:17.898870945 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:17.917762995 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:17.917866945 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.917968035 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:17.918226004 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:17.918261051 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:17.940159082 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.080169916 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.080226898 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.080301046 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.080360889 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.080391884 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.080539942 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.175780058 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.175807953 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.175843954 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.175875902 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.175874949 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.175911903 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.175923109 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.179629087 CEST | 49733 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.179651022 CEST | 443 | 49733 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.181857109 CEST | 49727 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.181916952 CEST | 443 | 49727 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.197561026 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.197613955 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.197679043 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.197693110 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.198486090 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.198577881 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.200000048 CEST | 49732 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:18.200010061 CEST | 443 | 49732 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.225107908 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.225203037 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:18.225614071 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.225670099 CEST | 443 | 49726 | 23.1.237.91 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.225680113 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:18.225713968 CEST | 49726 | 443 | 192.168.2.5 | 23.1.237.91 |
| Apr 19, 2024 23:09:18.251873016 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.251909971 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.251991034 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.252298117 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.252315044 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.273324966 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.302623987 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.302684069 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.303155899 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.303986073 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.304059982 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.345138073 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:09:18.681704044 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.693655014 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.693722010 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.695223093 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.695971966 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.696149111 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:18.696161985 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.696419001 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:18.747946978 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.109719038 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.109805107 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.109826088 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.109883070 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.109919071 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.109976053 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.110030890 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.110065937 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.110080004 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.110080004 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.110080004 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.110119104 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.110711098 CEST | 49735 | 443 | 192.168.2.5 | 54.171.140.60 |
| Apr 19, 2024 23:09:19.110743999 CEST | 443 | 49735 | 54.171.140.60 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.114798069 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.114831924 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.114891052 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.115083933 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.115098000 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.549752951 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.550019026 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.550040007 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.551517010 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.551853895 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.552000046 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.552310944 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.605214119 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.981343031 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981401920 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981426954 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981463909 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981511116 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.981511116 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.981523037 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981535912 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.981553078 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981633902 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.981652021 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981702089 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.981765032 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.982137918 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.982137918 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:09:19.982153893 CEST | 443 | 49736 | 52.51.41.19 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.982251883 CEST | 49736 | 443 | 192.168.2.5 | 52.51.41.19 |
| Apr 19, 2024 23:10:03.309084892 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:10:03.309140921 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.123405933 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:05.123485088 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.123577118 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:05.123852015 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:05.123878956 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.336091995 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.336471081 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:05.336507082 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.336802959 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.337349892 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:05.337414980 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:05.387221098 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:15.356642008 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:15.356774092 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:15.356959105 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:15.576538086 CEST | 49739 | 443 | 192.168.2.5 | 142.250.105.103 |
| Apr 19, 2024 23:10:15.576601028 CEST | 443 | 49739 | 142.250.105.103 | 192.168.2.5 |
| Apr 19, 2024 23:10:19.576803923 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Apr 19, 2024 23:10:19.576982021 CEST | 443 | 49734 | 44.240.188.192 | 192.168.2.5 |
| Apr 19, 2024 23:10:19.577105045 CEST | 49734 | 443 | 192.168.2.5 | 44.240.188.192 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Apr 19, 2024 23:09:01.470432997 CEST | 53 | 52064 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:01.470758915 CEST | 53 | 53733 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:02.081840992 CEST | 53 | 63423 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.086338997 CEST | 57552 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:03.086931944 CEST | 59237 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:03.210541010 CEST | 53 | 57552 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:03.212471008 CEST | 53 | 59237 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.002532959 CEST | 58647 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:04.002855062 CEST | 51499 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:04.120623112 CEST | 53 | 51499 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:04.124075890 CEST | 53 | 58647 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.035229921 CEST | 56616 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:05.035653114 CEST | 57727 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:05.060688019 CEST | 61702 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:05.061203003 CEST | 51653 | 53 | 192.168.2.5 | 1.1.1.1 |
| Apr 19, 2024 23:09:05.143322945 CEST | 53 | 56616 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.143838882 CEST | 53 | 57727 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.165714025 CEST | 53 | 61702 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:05.166197062 CEST | 53 | 51653 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:19.116847992 CEST | 53 | 55370 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:09:38.117310047 CEST | 53 | 62221 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:10:00.660677910 CEST | 53 | 58774 | 1.1.1.1 | 192.168.2.5 |
| Apr 19, 2024 23:10:01.400765896 CEST | 53 | 60854 | 1.1.1.1 | 192.168.2.5 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Apr 19, 2024 23:09:03.086338997 CEST | 192.168.2.5 | 1.1.1.1 | 0xf184 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 19, 2024 23:09:03.086931944 CEST | 192.168.2.5 | 1.1.1.1 | 0x2f3b | Standard query (0) | 65 | IN (0x0001) | false | |
| Apr 19, 2024 23:09:04.002532959 CEST | 192.168.2.5 | 1.1.1.1 | 0x43a6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 19, 2024 23:09:04.002855062 CEST | 192.168.2.5 | 1.1.1.1 | 0x34a5 | Standard query (0) | 65 | IN (0x0001) | false | |
| Apr 19, 2024 23:09:05.035229921 CEST | 192.168.2.5 | 1.1.1.1 | 0x26f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 19, 2024 23:09:05.035653114 CEST | 192.168.2.5 | 1.1.1.1 | 0xa750 | Standard query (0) | 65 | IN (0x0001) | false | |
| Apr 19, 2024 23:09:05.060688019 CEST | 192.168.2.5 | 1.1.1.1 | 0x20f4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Apr 19, 2024 23:09:05.061203003 CEST | 192.168.2.5 | 1.1.1.1 | 0x8c87 | Standard query (0) | 65 | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Apr 19, 2024 23:09:03.210541010 CEST | 1.1.1.1 | 192.168.2.5 | 0xf184 | No error (0) | mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:03.210541010 CEST | 1.1.1.1 | 192.168.2.5 | 0xf184 | No error (0) | 44.240.188.192 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:03.210541010 CEST | 1.1.1.1 | 192.168.2.5 | 0xf184 | No error (0) | 54.187.126.227 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:03.210541010 CEST | 1.1.1.1 | 192.168.2.5 | 0xf184 | No error (0) | 54.149.22.143 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:03.212471008 CEST | 1.1.1.1 | 192.168.2.5 | 0x2f3b | No error (0) | mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:04.124075890 CEST | 1.1.1.1 | 192.168.2.5 | 0x43a6 | No error (0) | 54.171.140.60 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:04.124075890 CEST | 1.1.1.1 | 192.168.2.5 | 0x43a6 | No error (0) | 54.154.82.165 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:04.124075890 CEST | 1.1.1.1 | 192.168.2.5 | 0x43a6 | No error (0) | 52.51.41.19 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.143322945 CEST | 1.1.1.1 | 192.168.2.5 | 0x26f3 | No error (0) | 52.51.41.19 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.143322945 CEST | 1.1.1.1 | 192.168.2.5 | 0x26f3 | No error (0) | 54.154.82.165 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.143322945 CEST | 1.1.1.1 | 192.168.2.5 | 0x26f3 | No error (0) | 54.171.140.60 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.103 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.105 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.147 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.106 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.99 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.165714025 CEST | 1.1.1.1 | 192.168.2.5 | 0x20f4 | No error (0) | 142.250.105.104 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:05.166197062 CEST | 1.1.1.1 | 192.168.2.5 | 0x8c87 | No error (0) | 65 | IN (0x0001) | false | |||
| Apr 19, 2024 23:09:14.699743032 CEST | 1.1.1.1 | 192.168.2.5 | 0x298b | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:14.699743032 CEST | 1.1.1.1 | 192.168.2.5 | 0x298b | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:15.081643105 CEST | 1.1.1.1 | 192.168.2.5 | 0x7803 | No error (0) | 69.164.42.0 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:53.195636988 CEST | 1.1.1.1 | 192.168.2.5 | 0x6aab | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
| Apr 19, 2024 23:09:53.195636988 CEST | 1.1.1.1 | 192.168.2.5 | 0x6aab | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.5 | 49710 | 44.240.188.192 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:03 UTC | 754 | OUT | |
| 2024-04-19 21:09:03 UTC | 247 | IN | |
| 2024-04-19 21:09:03 UTC | 2582 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.5 | 49714 | 54.171.140.60 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:04 UTC | 623 | OUT | |
| 2024-04-19 21:09:04 UTC | 663 | IN | |
| 2024-04-19 21:09:04 UTC | 4346 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.5 | 49715 | 54.171.140.60 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:05 UTC | 692 | OUT | |
| 2024-04-19 21:09:05 UTC | 537 | IN | |
| 2024-04-19 21:09:05 UTC | 1406 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.5 | 49716 | 52.51.41.19 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:05 UTC | 421 | OUT | |
| 2024-04-19 21:09:06 UTC | 534 | IN | |
| 2024-04-19 21:09:06 UTC | 4346 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.5 | 49718 | 52.51.41.19 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:06 UTC | 424 | OUT | |
| 2024-04-19 21:09:07 UTC | 537 | IN | |
| 2024-04-19 21:09:07 UTC | 1406 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.5 | 49720 | 23.44.104.130 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:06 UTC | 161 | OUT | |
| 2024-04-19 21:09:06 UTC | 467 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.5 | 49721 | 23.44.104.130 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:07 UTC | 239 | OUT | |
| 2024-04-19 21:09:07 UTC | 531 | IN | |
| 2024-04-19 21:09:07 UTC | 55 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.5 | 49711 | 44.240.188.192 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:15 UTC | 881 | OUT | |
| 2024-04-19 21:09:16 UTC | 247 | IN | |
| 2024-04-19 21:09:16 UTC | 2551 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 8 | 192.168.2.5 | 49726 | 23.1.237.91 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:15 UTC | 2148 | OUT | |
| 2024-04-19 21:09:15 UTC | 1 | OUT | |
| 2024-04-19 21:09:15 UTC | 2483 | OUT | |
| 2024-04-19 21:09:18 UTC | 480 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.5 | 49730 | 54.171.140.60 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:16 UTC | 689 | OUT | |
| 2024-04-19 21:09:17 UTC | 534 | IN | |
| 2024-04-19 21:09:17 UTC | 4346 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.5 | 49731 | 54.171.140.60 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:16 UTC | 697 | OUT | |
| 2024-04-19 21:09:17 UTC | 534 | IN | |
| 2024-04-19 21:09:17 UTC | 4709 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.5 | 49733 | 52.51.41.19 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:17 UTC | 421 | OUT | |
| 2024-04-19 21:09:18 UTC | 534 | IN | |
| 2024-04-19 21:09:18 UTC | 4346 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.5 | 49732 | 52.51.41.19 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:17 UTC | 429 | OUT | |
| 2024-04-19 21:09:18 UTC | 534 | IN | |
| 2024-04-19 21:09:18 UTC | 4709 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.5 | 49727 | 44.240.188.192 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:17 UTC | 863 | OUT | |
| 2024-04-19 21:09:18 UTC | 150 | IN | |
| 2024-04-19 21:09:18 UTC | 1534 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.5 | 49735 | 54.171.140.60 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:18 UTC | 699 | OUT | |
| 2024-04-19 21:09:19 UTC | 534 | IN | |
| 2024-04-19 21:09:19 UTC | 8843 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 15 | 192.168.2.5 | 49736 | 52.51.41.19 | 443 | 2000 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-04-19 21:09:19 UTC | 431 | OUT | |
| 2024-04-19 21:09:19 UTC | 534 | IN | |
| 2024-04-19 21:09:19 UTC | 8843 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
| Target ID: | 0 |
| Start time: | 23:08:55 |
| Start date: | 19/04/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715980000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 2 |
| Start time: | 23:08:59 |
| Start date: | 19/04/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715980000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 3 |
| Start time: | 23:09:02 |
| Start date: | 19/04/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715980000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
⊘No disassembly