Windows
Analysis Report
https://ia.51.la/go1?id=21661303&rt=1714051081993&rl=1366*768&lang=fr-fr&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1714051081993&tt=desenfumage%20cage%20esuserer%20-%20outlets.shopsale2024deals.com&kw=&cu=https://outlets.shopsale2024deals.com/category?name=desenfumage%20cage%20esuserer
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 6156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://ia.51.la/go1?id=21661303&rt=1714051081993&rl=1366*768&lang=fr-fr&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1714051081993&tt=desenfumage%20cage%20esuserer%20-%20outlets.shopsale2024deals.com&kw=&cu=https://outlets.shopsale2024deals.com/category?name=desenfumage%20cage%20esuserer&pu=https://fukuoka-ken-ken.co.jp/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6320 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1968,i,5575548080990406021,17591167932162047221,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Detection | Scanner | Label |
---|---|---|
2% | Virustotal | |
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
z70hl14r9u8cmv78.aliyunddos1030.com | 203.107.86.226 | true | false | | unknown |
www.google.com | 108.177.122.104 | true | false | | high |
ia.51.la | unknown | unknown | false | | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
203.107.86.226 | z70hl14r9u8cmv78.aliyunddos1030.com | China | 45102 | CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC | false |
108.177.122.104 | www.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.17 |
192.168.2.16 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431664 |
Start date and time: | 2024-04-25 15:45:25 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 28s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://ia.51.la/go1?id=21661303&rt=1714051081993&rl=1366*768&lang=fr-fr&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1714051081993&tt=desenfumage%20cage%20esuserer%20-%20outlets.shopsale2024deals.com&kw=&cu=https://outlets.shopsale2024deals.com/category?name=desenfumage%20cage%20esuserer&pu=https://fukuoka-ken-ken.co.jp/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 14 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@17/9@8/5 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.105.94, 64.233.177.102, 64.233.177.113, 64.233.177.138, 64.233.177.100, 64.233.177.101, 64.233.177.139, 74.125.138.84, 34.104.35.123, 173.194.219.94, 64.233.176.101, 64.233.176.102, 64.233.176.139, 64.233.176.100, 64.233.176.138, 64.233.176.113
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, www.gstatic.com, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed; the report is missing behavior information
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.985595582020149 |
Encrypted: | false |
SSDEEP: | 48:8VdgQTA0xb8HqidAKZdA1FehwiZUklqehvy+3:8YQEYb58y |
MD5: | E31D8F52212166D2BA34E2D800772CE8 |
SHA1: | 5D12A477F52E804EFDA9B81FD4226C4BC52C3147 |
SHA-256: | B7DFEBFBD20097F15CC4A7BA4F1C9B7699599EA162CA4095D38B28D2C3804124 |
SHA-512: | B1C44F16A78A499FA19CB0DD4065DA453340971C3A876A02321E83E1AE27D745A81747B4DE10F6A1F15BDE2B0461263CD67877FA599C91C00B63FA2B9FE22200 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 4.001548046719126 |
Encrypted: | false |
SSDEEP: | 48:8tdgQTA0xb8HqidAKZdA1seh/iZUkAQkqehsy+2:8AQEYbP9Qdy |
MD5: | AAD5D18FA09EF005F1B9468A1DC9E735 |
SHA1: | E5727479FE60255CB4B4546819299EC1CCD414A1 |
SHA-256: | DD5A7571E5859C16B66D8FD85209A03F3109B4A6C904DA17330CD0B5B18C537C |
SHA-512: | B6E0502807BFE9A983AF87B0974A17FA920A63E397B39D3723BE53211E80FCBF4AF5E939F2AD8A53BCAE801CBDCE9F9FED1B11778EB98C90B2E276C31CF2B7A5 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.0112904772044695 |
Encrypted: | false |
SSDEEP: | 48:8pdgQTA0xbAHqidAKZdA14meh7sFiZUkmgqeh7sCy+BX:8MQEYbPn4y |
MD5: | C2F8C727B35805BCC9620B59F28587D9 |
SHA1: | 617C9CEDDFDF29FD45F424C1EE6FE120C345B0C8 |
SHA-256: | A4E1D6C1205D0ACF8C537B1CCA5C14B858D2EAC523F12D14E71AAE8ABE133E5B |
SHA-512: | E29883A6DAABCFD6480E257F7E26ADF8FA0EAB822B885EB1387A408FE9916051C7F732DA66420F55002C2B3B4A04B4DE499E79440E2EE068CE352A7875510092 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9997041829810076 |
Encrypted: | false |
SSDEEP: | 48:8UdgQTA0xb8HqidAKZdA1TehDiZUkwqehQy+R:8lQEYb86y |
MD5: | F7262204C462BCCB78EAE3BAAC6DDF7B |
SHA1: | F5BA231FBDAAC4519A618B1FD20B04F82DF8B4E6 |
SHA-256: | 08D8C9510BF2EBD7D0D8AB285FCE4C45497FBF54F1F7FBE2AA353F0FE7A5B398 |
SHA-512: | 246CA3D88C83ACE0B8CADBC54E32712EA331CAAB80321F5DE47F0559E6E5E28934BC46C92BB9F3F9B22BF8DAF8869F53B0F6D9A657E2401202C368A54B65CD92 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9898329221654203 |
Encrypted: | false |
SSDEEP: | 48:8/PdgQTA0xb8HqidAKZdA1dehBiZUk1W1qeh+y+C:8/SQEYbs9ey |
MD5: | 03655C9E22BE3D33A6830F3C58BC3F81 |
SHA1: | CBE288498B754C961783CD4C0A6B170F215F4DA8 |
SHA-256: | 8D6724F6F91B5B10B83176306C59AB2D2C979DA68B3FAF8731FF21AC285A3F02 |
SHA-512: | F0D8BD7DB3BC63253246531CD7C3E8DB4ABAF2FC6C7201276A45FABF033896628F7FE01D823DC744B9447CDA7DCC9EEF7987E8A20AAF5038C8D8FA21C024F1E9 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.000491174584451 |
Encrypted: | false |
SSDEEP: | 48:8TdgQTA0xb8HqidAKZdA1duTeehOuTbbiZUk5OjqehOuTb4y+yT+:8GQEYbeTfTbxWOvTb4y7T |
MD5: | 5F394A53246F082B66CA56A430DD2E29 |
SHA1: | D7D93AF10A8B403BBE513625275F9C4A0AA390FC |
SHA-256: | 3B7F40B8E193C98ACA2D338CC6C8CB2D9846F16186F418636D56172722721DD3 |
SHA-512: | 1CEE18F762D262DD15E7EC1ACEC34446CFF2C6EFCECD8465B3DAF1F6B622E66F6F017538366BCB90A5D491EB586F27E451E92C2662806FEA82455507EB394287 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 946 |
Entropy (8bit): | 4.980676180830287 |
Encrypted: | false |
SSDEEP: | 24:WIkNA/y/TXGdH8N1MgZGuMMMgRMMMMMgBnGkNF:rpq/mHngZGuMMMgRMMMMMgdGm |
MD5: | 0488FACA4C19046B94D07C3EE83CF9D6 |
SHA1: | 02FB8C5E4C3D113F310651A4D021AECC68F79D54 |
SHA-256: | A3FE67E3549FDBC5819762B43C7EFD93B1CAEA734F87A33C909A4E4B2BA4E32B |
SHA-512: | 8880C835D65112CC4CB4DF4167BD77B504E7427B63962127A7EFC4C1229D691B76DCC62E25B1A15AA5CFF127A353260DEEAB475FB731AA3CAB6BDC46868E7C9E |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 946 |
Entropy (8bit): | 4.980676180830287 |
Encrypted: | false |
SSDEEP: | 24:WIkNA/y/TXGdH8N1MgZGuMMMgRMMMMMgBnGkNF:rpq/mHngZGuMMMgRMMMMMgdGm |
MD5: | 0488FACA4C19046B94D07C3EE83CF9D6 |
SHA1: | 02FB8C5E4C3D113F310651A4D021AECC68F79D54 |
SHA-256: | A3FE67E3549FDBC5819762B43C7EFD93B1CAEA734F87A33C909A4E4B2BA4E32B |
SHA-512: | 8880C835D65112CC4CB4DF4167BD77B504E7427B63962127A7EFC4C1229D691B76DCC62E25B1A15AA5CFF127A353260DEEAB475FB731AA3CAB6BDC46868E7C9E |
Malicious: | false |
Reputation: | low |
URL: | https://ia.51.la/favicon.ico |
Apr 25, 2024 15:46:59.771786928 CEST | 443 | 49719 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:46:59.771939993 CEST | 49719 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:46:59.771955013 CEST | 443 | 49719 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:46:59.772008896 CEST | 49719 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:00.635194063 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:00.635243893 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.635333061 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:00.635695934 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:00.635716915 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.860524893 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.860899925 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:00.860960960 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.861314058 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.861637115 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:00.861710072 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:00.904814005 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:01.784801960 CEST | 443 | 49708 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:01.784919977 CEST | 49708 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.388463974 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.388550043 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:02.388643026 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.388909101 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.388957024 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:02.389008045 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.389163017 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.389208078 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:02.389312029 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:02.389333010 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.549135923 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.549457073 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.549520016 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.550561905 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.550648928 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.551630974 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.551722050 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.551815987 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.551831961 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.558015108 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.558203936 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.558221102 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.561872005 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.561953068 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.562191963 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.562366962 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.596776009 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.612781048 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:03.612796068 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:03.644834995 CEST | 49689 | 443 | 192.168.2.16 | 204.79.197.200 |
Apr 25, 2024 15:47:03.660768032 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.501194954 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.501291037 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.501378059 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.502166033 CEST | 49723 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.502209902 CEST | 443 | 49723 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.539174080 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.580118895 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.968427896 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.968535900 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:04.968611002 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.969456911 CEST | 49724 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:04.969487906 CEST | 443 | 49724 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:05.085066080 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:05.085107088 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:05.085172892 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:05.085424900 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:05.085438967 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.224432945 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.224785089 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.224812031 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.228602886 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.228701115 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.228990078 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.229129076 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.229134083 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.229279041 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.280805111 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.280828953 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.328754902 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.731108904 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.731329918 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:06.731412888 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.732158899 CEST | 49725 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:06.732194901 CEST | 443 | 49725 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:10.890485048 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:10.890651941 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:10.890753031 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:11.039753914 CEST | 49707 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:11.039769888 CEST | 443 | 49707 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:11.969474077 CEST | 49722 | 443 | 192.168.2.16 | 108.177.122.104 |
Apr 25, 2024 15:47:11.969543934 CEST | 443 | 49722 | 108.177.122.104 | 192.168.2.16 |
Apr 25, 2024 15:47:32.519098043 CEST | 443 | 49718 | 203.107.86.226 | 192.168.2.16 |
Apr 25, 2024 15:47:32.519259930 CEST | 49718 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:35.381840944 CEST | 49701 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 25, 2024 15:47:35.491142035 CEST | 80 | 49701 | 192.229.211.108 | 192.168.2.16 |
Apr 25, 2024 15:47:35.491257906 CEST | 49701 | 80 | 192.168.2.16 | 192.229.211.108 |
Apr 25, 2024 15:47:56.047636032 CEST | 49707 | 443 | 192.168.2.16 | 203.107.86.226 |
Apr 25, 2024 15:47:56.047651052 CEST | 443 | 49707 | 203.107.86.226 | 192.168.2.16 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 25, 2024 15:47:02.503966093 CEST | 192.168.2.16 | 1.1.1.1 | c25e | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 25, 2024 15:45:55.816855907 CEST | 192.168.2.16 | 1.1.1.1 | 0xe1ab | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:45:55.817014933 CEST | 192.168.2.16 | 1.1.1.1 | 0xe46e | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 25, 2024 15:46:00.572046041 CEST | 192.168.2.16 | 1.1.1.1 | 0x6f90 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.572201014 CEST | 192.168.2.16 | 1.1.1.1 | 0xd540 | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 25, 2024 15:47:02.059317112 CEST | 192.168.2.16 | 1.1.1.1 | 0x711a | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:47:02.059546947 CEST | 192.168.2.16 | 1.1.1.1 | 0x44c3 | Standard query (0) | | 65 | IN (0x0001) | false |
Apr 25, 2024 15:47:04.972441912 CEST | 192.168.2.16 | 1.1.1.1 | 0x87a8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:47:04.972574949 CEST | 192.168.2.16 | 1.1.1.1 | 0x9600 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 25, 2024 15:45:55.928175926 CEST | 1.1.1.1 | 192.168.2.16 | 0xe46e | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:45:55.988713980 CEST | 1.1.1.1 | 192.168.2.16 | 0xe1ab | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:45:55.988713980 CEST | 1.1.1.1 | 192.168.2.16 | 0xe1ab | No error (0) | | | 203.107.86.226 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.104 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.99 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.103 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.106 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.105 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682029009 CEST | 1.1.1.1 | 192.168.2.16 | 0x6f90 | No error (0) | | | 108.177.122.147 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:46:00.682419062 CEST | 1.1.1.1 | 192.168.2.16 | 0xd540 | No error (0) | | | | 65 | IN (0x0001) | false |
Apr 25, 2024 15:47:02.329181910 CEST | 1.1.1.1 | 192.168.2.16 | 0x711a | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:47:02.329181910 CEST | 1.1.1.1 | 192.168.2.16 | 0x711a | No error (0) | | | 203.107.86.226 | A (IP address) | IN (0x0001) | false |
Apr 25, 2024 15:47:02.503843069 CEST | 1.1.1.1 | 192.168.2.16 | 0x44c3 | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:47:05.084372044 CEST | 1.1.1.1 | 192.168.2.16 | 0x9600 | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:47:05.084430933 CEST | 1.1.1.1 | 192.168.2.16 | 0x87a8 | No error (0) | | z70hl14r9u8cmv78.aliyunddos1030.com | | CNAME (Canonical name) | IN (0x0001) | false |
Apr 25, 2024 15:47:05.084430933 CEST | 1.1.1.1 | 192.168.2.16 | 0x87a8 | No error (0) | | | 203.107.86.226 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49714 | 23.54.200.130 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:46:04 UTC | 161 | OUT | |
2024-04-25 13:46:05 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49715 | 23.54.200.130 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:46:05 UTC | 239 | OUT | |
2024-04-25 13:46:05 UTC | 531 | IN | |
2024-04-25 13:46:05 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49716 | 40.68.123.157 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:46:08 UTC | 306 | OUT | |
2024-04-25 13:46:08 UTC | 560 | IN | |
2024-04-25 13:46:08 UTC | 15824 | IN | |
2024-04-25 13:46:08 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49720 | 40.68.123.157 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:46:45 UTC | 306 | OUT | |
2024-04-25 13:46:46 UTC | 560 | IN | |
2024-04-25 13:46:46 UTC | 15824 | IN | |
2024-04-25 13:46:46 UTC | 9633 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49723 | 203.107.86.226 | 443 | 6320 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:47:03 UTC | 994 | OUT | |
2024-04-25 13:47:04 UTC | 312 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49724 | 203.107.86.226 | 443 | 6320 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:47:04 UTC | 1046 | OUT | |
2024-04-25 13:47:04 UTC | 202 | IN | |
2024-04-25 13:47:04 UTC | 946 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.16 | 49725 | 203.107.86.226 | 443 | 6320 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-25 13:47:06 UTC | 500 | OUT | |
2024-04-25 13:47:06 UTC | 202 | IN | |
2024-04-25 13:47:06 UTC | 946 | IN |
Target ID: | 0 |
Start time: | 15:45:54 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 15:45:54 |
Start date: | 25/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |