Windows
Analysis Report
http://d1lfch1kat8a9g.cloudfront.net
Overview
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6248 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "about :blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 4368 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2108 --fi eld-trial- handle=187 2,i,281383 6013340844 784,136173 7100984135 466,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 5040 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" "htt p://d1lfch 1kat8a9g.c loudfront. net" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 74.125.136.103 | true | false | high | |
d1lfch1kat8a9g.cloudfront.net | 54.230.139.92 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high | ||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
54.230.139.92 | d1lfch1kat8a9g.cloudfront.net | United States | 16509 | AMAZON-02US | false | |
74.125.136.103 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.16 |
192.168.2.6 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430397 |
Start date and time: | 2024-04-23 16:04:38 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 25s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://d1lfch1kat8a9g.cloudfront.net |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 8 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@17/4@6/5 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.215.94, 142.250.105.139, 142.250.105.100, 142.250.105.101, 142.250.105.138, 142.250.105.102, 142.250.105.113, 172.253.124.84, 34.104.35.123, 40.127.169.103, 13.85.23.206, 40.68.123.157, 23.207.202.19, 23.207.202.24, 23.207.202.6, 23.207.202.8, 23.207.202.12, 23.207.202.15, 23.207.202.18, 23.207.202.14, 23.207.202.16, 142.250.105.94
- Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://d1lfch1kat8a9g.cloudfront.net
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 146 |
Entropy (8bit): | 4.840658488077 |
Encrypted: | false |
SSDEEP: | 3:vFWWMNHU8LdgCfIqZj+Rfc0jAbWWUTkKFOXckAmSb3FS9KgqLn:TMVBd/IqZjKXjLWae/oRjg6n |
MD5: | 40A481F43CA93BBBDD18621B439EA397 |
SHA1: | 14D3E0410423ED5F02262322C8296F509DCF4661 |
SHA-256: | 95769EB326E23B8CD1B7A9B82D884A713A9724F49B2794AC5B967D8CD706DE83 |
SHA-512: | 19701AD4A5157A503BBEF4B2A654FD37830704CF6BCA1DBE58A6B7946D6ABAC490CD1747AD8332C297CD6A446655B1F01740F4FDC0D10194ACA7CB349B7E14BA |
Malicious: | false |
Reputation: | low |
URL: | https://d1lfch1kat8a9g.cloudfront.net/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 146 |
Entropy (8bit): | 4.840658488077 |
Encrypted: | false |
SSDEEP: | 3:vFWWMNHU8LdgCfIqZj+Rfc0jAbWWUTkKFOXckAmSb3FS9KgqLn:TMVBd/IqZjKXjLWae/oRjg6n |
MD5: | 40A481F43CA93BBBDD18621B439EA397 |
SHA1: | 14D3E0410423ED5F02262322C8296F509DCF4661 |
SHA-256: | 95769EB326E23B8CD1B7A9B82D884A713A9724F49B2794AC5B967D8CD706DE83 |
SHA-512: | 19701AD4A5157A503BBEF4B2A654FD37830704CF6BCA1DBE58A6B7946D6ABAC490CD1747AD8332C297CD6A446655B1F01740F4FDC0D10194ACA7CB349B7E14BA |
Malicious: | false |
Reputation: | low |
URL: | https://d1lfch1kat8a9g.cloudfront.net/ |
Preview: |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 23, 2024 16:05:24.759110928 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:24.759125948 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:25.055876017 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:33.299274921 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.299330950 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.299411058 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.300143003 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.300158978 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.684711933 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.684875965 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.691656113 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.691682100 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.692132950 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.695017099 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.695082903 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.695090055 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.695235968 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.736129999 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.817158937 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.817264080 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:33.817378998 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.817720890 CEST | 49720 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:33.817737103 CEST | 443 | 49720 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:34.369716883 CEST | 49721 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.372170925 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:34.372172117 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:34.437985897 CEST | 49722 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.474008083 CEST | 80 | 49721 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.474081039 CEST | 49721 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.474848032 CEST | 49721 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.542422056 CEST | 80 | 49722 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.542496920 CEST | 49722 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.579138041 CEST | 80 | 49721 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.579408884 CEST | 80 | 49721 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.622967005 CEST | 49721 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.663141012 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:34.734740973 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.734797955 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.734867096 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.735827923 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.735853910 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.957621098 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.958354950 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.958389044 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.960041046 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.960119963 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.973153114 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.973263025 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:34.974186897 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:34.974217892 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:35.024236917 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.159487009 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:35.159604073 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:35.159971952 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.160398006 CEST | 49723 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.160432100 CEST | 443 | 49723 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:35.868976116 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.869026899 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:35.869225979 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.887713909 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:35.887742043 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.061623096 CEST | 443 | 49706 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:36.061748981 CEST | 49706 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:36.104202986 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.121299982 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:36.121335030 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.121969938 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.122597933 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:36.122684002 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.123101950 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:36.164149046 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.292671919 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.292711973 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.292800903 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.293380976 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.293394089 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.312432051 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.312515020 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.312562943 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:36.316777945 CEST | 49725 | 443 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:05:36.316787004 CEST | 443 | 49725 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:05:36.512017965 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.512294054 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.512311935 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.513358116 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.513430119 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.516791105 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.516865015 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.569371939 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.569390059 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:36.616250992 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:36.996783972 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:36.996834040 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:36.996908903 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:36.998758078 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:36.998774052 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.247689009 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.248486042 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.256171942 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.256200075 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.256563902 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.304202080 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.351705074 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.392118931 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.469032049 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.469208002 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.470540047 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.580910921 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.580961943 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.581000090 CEST | 49727 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.581016064 CEST | 443 | 49727 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.641967058 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.642024040 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.642098904 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.642606020 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.642623901 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.891702890 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.891813040 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.894140959 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.894151926 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.894407988 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:37.896430016 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:37.940126896 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:38.125221968 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:38.125401974 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:38.125469923 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:38.149851084 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:38.149851084 CEST | 49728 | 443 | 192.168.2.6 | 23.221.242.90 |
Apr 23, 2024 16:05:38.149923086 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:38.149933100 CEST | 443 | 49728 | 23.221.242.90 | 192.168.2.6 |
Apr 23, 2024 16:05:40.316206932 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.316248894 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.316472054 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.317361116 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.317373991 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.698463917 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.698597908 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.978920937 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.978956938 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.979463100 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.988909960 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.989025116 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:40.989037991 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:40.989211082 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:41.032140017 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:41.111128092 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:41.111264944 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:41.111346960 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:41.111597061 CEST | 49729 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:41.111633062 CEST | 443 | 49729 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:46.509032965 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:46.509120941 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:46.509269953 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:46.585073948 CEST | 49726 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:05:46.585107088 CEST | 443 | 49726 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:05:46.709856033 CEST | 49706 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:46.711139917 CEST | 49706 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:46.715827942 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:46.715858936 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:46.715925932 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:46.757397890 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:46.757426977 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:46.862201929 CEST | 443 | 49706 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:46.863445044 CEST | 443 | 49706 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.071146965 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.071235895 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.178675890 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.178709030 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.179090023 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.179277897 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.181822062 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.181858063 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.183532000 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.224117041 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.451406002 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.451498032 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.451972008 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.452020884 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.452217102 CEST | 443 | 49731 | 173.222.162.64 | 192.168.2.6 |
Apr 23, 2024 16:05:47.452270031 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:47.452291012 CEST | 49731 | 443 | 192.168.2.6 | 173.222.162.64 |
Apr 23, 2024 16:05:50.846390009 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:50.846427917 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:50.846504927 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:50.847220898 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:50.847234011 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.219748020 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.219820023 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.221792936 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.221798897 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.222038031 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.224140882 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.224241972 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.224247932 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.224392891 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.268137932 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.346482038 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.346689939 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:05:51.346757889 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.346934080 CEST | 49732 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:05:51.346950054 CEST | 443 | 49732 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.610506058 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.610563993 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.610877037 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.611511946 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.611526012 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.647387028 CEST | 80 | 49722 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:06:04.647454023 CEST | 49722 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:06:04.983510971 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.983583927 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.985821962 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.985831976 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.986109972 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.988203049 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.988322020 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:04.988326073 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:04.988492966 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:05.036118984 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:05.110816002 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:05.110902071 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:05.111090899 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:05.111246109 CEST | 49733 | 443 | 192.168.2.6 | 52.159.127.243 |
Apr 23, 2024 16:06:05.111258984 CEST | 443 | 49733 | 52.159.127.243 | 192.168.2.6 |
Apr 23, 2024 16:06:06.172842979 CEST | 49722 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:06:06.277076006 CEST | 80 | 49722 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:06:19.590950966 CEST | 49721 | 80 | 192.168.2.6 | 54.230.139.92 |
Apr 23, 2024 16:06:19.695173025 CEST | 80 | 49721 | 54.230.139.92 | 192.168.2.6 |
Apr 23, 2024 16:06:25.733937979 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:25.734000921 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:25.734106064 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:25.734982014 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:25.735013008 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.108299971 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.108390093 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.114300966 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.114312887 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.114577055 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.119541883 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.119858027 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.119864941 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.120338917 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.164159060 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.242130995 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.242217064 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:26.242304087 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.243036985 CEST | 49736 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:26.243077993 CEST | 443 | 49736 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:36.256386995 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:36.256417990 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.256573915 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:36.256767988 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:36.256784916 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.475135088 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.519753933 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:36.519783974 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.521223068 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.521908998 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:36.522097111 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:36.570822954 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:46.481995106 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:46.482084990 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:46.482129097 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:48.119287014 CEST | 49738 | 443 | 192.168.2.6 | 74.125.136.103 |
Apr 23, 2024 16:06:48.119321108 CEST | 443 | 49738 | 74.125.136.103 | 192.168.2.6 |
Apr 23, 2024 16:06:55.173528910 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.173578024 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.173832893 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.174710035 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.174724102 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.546952009 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.547041893 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.549319029 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.549330950 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.551624060 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.553647995 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.553698063 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.553703070 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.553844929 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.596124887 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.676294088 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.676387072 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Apr 23, 2024 16:06:55.676448107 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.676687002 CEST | 49739 | 443 | 192.168.2.6 | 20.25.241.18 |
Apr 23, 2024 16:06:55.676697969 CEST | 443 | 49739 | 20.25.241.18 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 23, 2024 16:05:31.765044928 CEST | 53 | 51623 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:31.950804949 CEST | 53 | 65283 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:32.555248022 CEST | 53 | 57317 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:34.259398937 CEST | 57734 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:34.262432098 CEST | 53095 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:34.364898920 CEST | 53 | 57734 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:34.368470907 CEST | 53 | 53095 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:34.605751038 CEST | 59396 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:34.605894089 CEST | 52454 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:34.711544991 CEST | 53 | 52454 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:34.713277102 CEST | 53 | 59396 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:36.185327053 CEST | 52727 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:36.185733080 CEST | 52705 | 53 | 192.168.2.6 | 1.1.1.1 |
Apr 23, 2024 16:05:36.290227890 CEST | 53 | 52727 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:36.290596008 CEST | 53 | 52705 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:05:49.824812889 CEST | 53 | 49560 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:06:08.980554104 CEST | 53 | 53013 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:06:31.745595932 CEST | 53 | 60769 | 1.1.1.1 | 192.168.2.6 |
Apr 23, 2024 16:06:32.275032997 CEST | 53 | 52975 | 1.1.1.1 | 192.168.2.6 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 23, 2024 16:05:34.259398937 CEST | 192.168.2.6 | 1.1.1.1 | 0xb978 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 16:05:34.262432098 CEST | 192.168.2.6 | 1.1.1.1 | 0xcb2c | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 23, 2024 16:05:34.605751038 CEST | 192.168.2.6 | 1.1.1.1 | 0x2530 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 16:05:34.605894089 CEST | 192.168.2.6 | 1.1.1.1 | 0x391a | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 23, 2024 16:05:36.185327053 CEST | 192.168.2.6 | 1.1.1.1 | 0x46f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 16:05:36.185733080 CEST | 192.168.2.6 | 1.1.1.1 | 0x50cc | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 23, 2024 16:05:34.364898920 CEST | 1.1.1.1 | 192.168.2.6 | 0xb978 | No error (0) | 54.230.139.92 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.364898920 CEST | 1.1.1.1 | 192.168.2.6 | 0xb978 | No error (0) | 54.230.139.109 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.364898920 CEST | 1.1.1.1 | 192.168.2.6 | 0xb978 | No error (0) | 54.230.139.63 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.364898920 CEST | 1.1.1.1 | 192.168.2.6 | 0xb978 | No error (0) | 54.230.139.136 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.713277102 CEST | 1.1.1.1 | 192.168.2.6 | 0x2530 | No error (0) | 54.230.139.92 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.713277102 CEST | 1.1.1.1 | 192.168.2.6 | 0x2530 | No error (0) | 54.230.139.136 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.713277102 CEST | 1.1.1.1 | 192.168.2.6 | 0x2530 | No error (0) | 54.230.139.63 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:34.713277102 CEST | 1.1.1.1 | 192.168.2.6 | 0x2530 | No error (0) | 54.230.139.109 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.103 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.104 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.105 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.106 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.147 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290227890 CEST | 1.1.1.1 | 192.168.2.6 | 0x46f3 | No error (0) | 74.125.136.99 | A (IP address) | IN (0x0001) | false | ||
Apr 23, 2024 16:05:36.290596008 CEST | 1.1.1.1 | 192.168.2.6 | 0x50cc | No error (0) | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49721 | 54.230.139.92 | 80 | 4368 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 23, 2024 16:05:34.474848032 CEST | 444 | OUT | |
Apr 23, 2024 16:05:34.579408884 CEST | 593 | IN | |
Apr 23, 2024 16:06:19.590950966 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.6 | 49720 | 52.159.127.243 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:33 UTC | 71 | OUT | |
2024-04-23 14:05:33 UTC | 249 | OUT | |
2024-04-23 14:05:33 UTC | 1076 | OUT | |
2024-04-23 14:05:33 UTC | 218 | OUT | |
2024-04-23 14:05:33 UTC | 14 | IN | |
2024-04-23 14:05:33 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49723 | 54.230.139.92 | 443 | 4368 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:34 UTC | 672 | OUT | |
2024-04-23 14:05:35 UTC | 359 | IN | |
2024-04-23 14:05:35 UTC | 146 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.6 | 49725 | 54.230.139.92 | 443 | 4368 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:36 UTC | 614 | OUT | |
2024-04-23 14:05:36 UTC | 359 | IN | |
2024-04-23 14:05:36 UTC | 146 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.6 | 49727 | 23.221.242.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:37 UTC | 161 | OUT | |
2024-04-23 14:05:37 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.6 | 49728 | 23.221.242.90 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:37 UTC | 239 | OUT | |
2024-04-23 14:05:38 UTC | 773 | IN | |
2024-04-23 14:05:38 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
5 | 192.168.2.6 | 49729 | 52.159.127.243 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:40 UTC | 71 | OUT | |
2024-04-23 14:05:40 UTC | 249 | OUT | |
2024-04-23 14:05:40 UTC | 1076 | OUT | |
2024-04-23 14:05:40 UTC | 218 | OUT | |
2024-04-23 14:05:41 UTC | 14 | IN | |
2024-04-23 14:05:41 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
6 | 192.168.2.6 | 49731 | 173.222.162.64 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:47 UTC | 2256 | OUT | |
2024-04-23 14:05:47 UTC | 1 | OUT | |
2024-04-23 14:05:47 UTC | 515 | OUT | |
2024-04-23 14:05:47 UTC | 480 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
7 | 192.168.2.6 | 49732 | 52.159.127.243 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:05:51 UTC | 71 | OUT | |
2024-04-23 14:05:51 UTC | 249 | OUT | |
2024-04-23 14:05:51 UTC | 1076 | OUT | |
2024-04-23 14:05:51 UTC | 218 | OUT | |
2024-04-23 14:05:51 UTC | 14 | IN | |
2024-04-23 14:05:51 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
8 | 192.168.2.6 | 49733 | 52.159.127.243 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:06:04 UTC | 71 | OUT | |
2024-04-23 14:06:04 UTC | 249 | OUT | |
2024-04-23 14:06:04 UTC | 1076 | OUT | |
2024-04-23 14:06:04 UTC | 218 | OUT | |
2024-04-23 14:06:05 UTC | 14 | IN | |
2024-04-23 14:06:05 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
9 | 192.168.2.6 | 49736 | 20.25.241.18 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:06:26 UTC | 71 | OUT | |
2024-04-23 14:06:26 UTC | 249 | OUT | |
2024-04-23 14:06:26 UTC | 1076 | OUT | |
2024-04-23 14:06:26 UTC | 218 | OUT | |
2024-04-23 14:06:26 UTC | 14 | IN | |
2024-04-23 14:06:26 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
10 | 192.168.2.6 | 49739 | 20.25.241.18 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-23 14:06:55 UTC | 71 | OUT | |
2024-04-23 14:06:55 UTC | 249 | OUT | |
2024-04-23 14:06:55 UTC | 1076 | OUT | |
2024-04-23 14:06:55 UTC | 218 | OUT | |
2024-04-23 14:06:55 UTC | 14 | IN | |
2024-04-23 14:06:55 UTC | 58 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
Target ID: | 0 |
Start time: | 16:05:25 |
Start date: | 23/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 16:05:29 |
Start date: | 23/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 16:05:32 |
Start date: | 23/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |