Windows
Analysis Report
DOC-Zcns1G_.html
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 1432 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\DOC-Zcns1G_.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 5352 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1908,i,12331105430848739512,8916628483745343975,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_58 | Yara detected HtmlPhish_58 | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_58 | Yara detected HtmlPhish_58 | Joe Security | ||
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
AV Detection |
---|
Source: | Virustotal: | Perma Link |
Phishing |
---|
Source: | Matcher: | ||
Source: | Matcher: |
Source: | File source: |
Source: | File source: | ||
Source: | File source: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | Tab title: |
Source: | HTTP Parser: |
Source: | Matcher: |
Source: | Matcher: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Classification label: |
Source: | Virustotal: |
Source: | Process created: | |||
Source: | Window detected: |
Stealing of Sensitive Information |
---|
Source: | HTTP Parser: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
10% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
1% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
part-0013.t-0009.t-msedge.net | 13.107.213.41 | true | false | | unknown |
www.google.com | 142.250.217.164 | true | false | high | |
iia-p.org | 192.232.216.145 | true | false | | unknown |
use.fontawesome.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
true |
| low | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
192.232.216.145 | iia-p.org | United States | 46606 | UNIFIEDLAYER-AS-1US | false | |
142.250.217.164 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
13.107.213.41 | part-0013.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
IP |
---|
192.168.2.16 |
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431976 |
Start date and time: | 2024-04-26 06:27:14 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 28s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowshtmlcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | DOC-Zcns1G_.html |
Detection: | MAL |
Classification: | mal100.phis.winHTML@26/17@8/6 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.165.195, 142.250.217.238, 173.194.215.84, 34.104.35.123, 142.250.64.170, 172.67.142.245, 104.21.27.152, 142.250.64.138, 172.217.165.202, 172.217.15.202, 172.217.3.74, 192.178.50.42, 142.250.217.202, 142.250.217.170, 142.250.189.138, 142.251.35.234, 142.250.64.202, 192.178.50.74, 142.250.217.234, 199.232.214.172, 192.229.211.108, 142.250.64.163
- Excluded domains from analysis (whitelisted): logincdn.msauth.net, clients1.google.com, fs.microsoft.com, lgincdnmsftuswe2.azureedge.net, accounts.google.com, slscr.update.microsoft.com, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, use.fontawesome.com.cdn.cloudflare.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, lgincdnmsftuswe2.afd.azureedge.net, clients.l.google.com, optimizationguide-pa.googleapis.com
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
13.107.213.41 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
part-0013.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
UNIFIEDLAYER-AS-1US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HtmlDropper, HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
MICROSOFT-CORP-MSN-AS-BLOCKUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Phisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | TechSupportScam | Browse |
|
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 86659 |
Entropy (8bit): | 5.36781915816204 |
Encrypted: | false |
SSDEEP: | 1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9 |
MD5: | C9F5AEECA3AD37BF2AA006139B935F0A |
SHA1: | 1055018C28AB41087EF9CCEFE411606893DABEA2 |
SHA-256: | 87083882CC6015984EB0411A99D3981817F5DC5C90BA24F0940420C5548D82DE |
SHA-512: | DCFF2B5C2B8625D3593A7531FF4DDCD633939CC9F7ACFEB79C18A9E6038FDAA99487960075502F159D44F902D965B0B5AED32B41BFA66A1DC07D85B5D5152B58 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1435 |
Entropy (8bit): | 7.8613342322590265 |
Encrypted: | false |
SSDEEP: | 24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY |
MD5: | 9F368BC4580FED907775F31C6B26D6CF |
SHA1: | E393A40B3E337F43057EEE3DE189F197AB056451 |
SHA-256: | 7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36 |
SHA-512: | 0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 673 |
Entropy (8bit): | 7.6596900876595075 |
Encrypted: | false |
SSDEEP: | 12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D |
MD5: | 0E176276362B94279A4492511BFCBD98 |
SHA1: | 389FE6B51F62254BB98939896B8C89EBEFFE2A02 |
SHA-256: | 9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C |
SHA-512: | 8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://logincdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://logincdn.msauth.net/16.000.28595.2/images/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 86927 |
Entropy (8bit): | 5.289226719276158 |
Encrypted: | false |
SSDEEP: | 1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69 |
MD5: | A09E13EE94D51C524B7E2A728C7D4039 |
SHA1: | 0DC32DB4AA9C5F03F3B38C47D883DBD4FED13AAE |
SHA-256: | 160A426FF2894252CD7CEBBDD6D6B7DA8FCD319C65B70468F10B6690C45D02EF |
SHA-512: | F8DA8F95B6ED33542A88AF19028E18AE3D9CE25350A06BFC3FBF433ED2B38FEFA5E639CDDFDAC703FC6CAA7F3313D974B92A3168276B3A016CEB28F27DB0714A |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1435 |
Entropy (8bit): | 7.8613342322590265 |
Encrypted: | false |
SSDEEP: | 24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY |
MD5: | 9F368BC4580FED907775F31C6B26D6CF |
SHA1: | E393A40B3E337F43057EEE3DE189F197AB056451 |
SHA-256: | 7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36 |
SHA-512: | 0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0 |
Malicious: | false |
URL: | https://logincdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 698780 |
Entropy (8bit): | 4.303376707888899 |
Encrypted: | false |
SSDEEP: | 6144:/6omS9C8UjUvDVXE7oc/AH/xpRSnJUiZ63lhD5jm:F9C856/AJpRx5m |
MD5: | BFFC6023835E717C0348C41583E56EBA |
SHA1: | 5EEECA669E300C13EF45B44E2322EA154A1D17D5 |
SHA-256: | D2FEC0E2942F49DD3CAD4650431D550D761F11DDED17834D4835768C2CA730C0 |
SHA-512: | F8A67D30D682FCA3E62667573DE5EF577C8B7D45DB14899FDE750C40DEC789FFB4D5F02003276DCF6417F00B4163236FEAFDD1BA56C43D71E4BB4FFEA2184052 |
Malicious: | false |
URL: | https://use.fontawesome.com/releases/v5.0.9/js/all.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 114178 |
Entropy (8bit): | 3.0100836220795317 |
Encrypted: | false |
SSDEEP: | 1536:Le+O4yEAYXWVX3wZyildbQhyLx3Z/dqLuY09hZaNoQsOMf8iuuoMQw+CwQwfwbw9:q03C |
MD5: | A59B10485D743AAECB180F7CBAFA9E12 |
SHA1: | 3DCF56AC3BD015599E838E1E969AFAEE9B1CE0C3 |
SHA-256: | 1F600FB26B3310DA5013601DE6F43D708F25F5DF91377CA78EA1A82F8344543F |
SHA-512: | 50635AAFD3EDF8AF8A652A2E3796D94D8458EAC184B8206DE4E6C50645F033EE85FDF3736287CA7BABD274259ADB3A914EB6E196A87F57B4A841AFB883BB00D3 |
Malicious: | false |
URL: | https://iia-p.org/lh/o.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 673 |
Entropy (8bit): | 7.6596900876595075 |
Encrypted: | false |
SSDEEP: | 12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D |
MD5: | 0E176276362B94279A4492511BFCBD98 |
SHA1: | 389FE6B51F62254BB98939896B8C89EBEFFE2A02 |
SHA-256: | 9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C |
SHA-512: | 8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 3.462692063418512 |
TrID: |
|
File name: | DOC-Zcns1G_.html |
File size: | 2'190 bytes |
MD5: | 1e32618fcf29bd29fe194054d4d84ca0 |
SHA1: | dbee4324588daf5ccbe2a9b66e15c580ddfbe640 |
SHA256: | 149ed57259e2ed5e5b2b20e84c4ff006ca08c964794df235a933554114a9b930 |
SHA512: | 47faf2f7977e3491e745990f6fa0d63c5e1f657076bd9999d1ec83bb5a5d39f052a9f4deb70ce4d65d563c74901aa282dc66ae11410d3570d21675a1b1146a29 |
SSDEEP: | 48:J4mTGEW7XsHk8J4jMBAArj5YAMTtWLoGzSfATkllGMQ:96EWkk8WIuAiG0Q |
TLSH: | 4441318B43D70E32B8139D51D55E9C51AFFF88E4C5784489B80E72E6ABBEB4C10528DC |
File Content Preview: | <script>. let x = ['3C', '73', '63', '72', '69', '70', '74', '3E', 'A', '20', '20', '20', '20', '64', '6F', '63', '75', '6D', '65', '6E', '74', '2E', '6C', '6F', '63', '61', '74', '69', '6F', '6E', '2E', '68', '72', '65', '66', '3D', '22', '23' |
Apr 26, 2024 06:28:09.406896114 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:09.409244061 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:09.409333944 CEST | 443 | 49741 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:28:09.459728003 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:09.459752083 CEST | 443 | 49741 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:28:09.508090019 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:09.710622072 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.711101055 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.711129904 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.714730024 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.714804888 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.715339899 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.715481043 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.715487003 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.715538979 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.724617004 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.724904060 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.724932909 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.726418972 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.726480961 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.728327990 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.731260061 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.731268883 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.732978106 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.733042955 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.759608984 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.759623051 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:09.806857109 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:09.969089031 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.969247103 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.969346046 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.969357967 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.970196009 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:09.970319986 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:09.970335960 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.012026072 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.012208939 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.012219906 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.057761908 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.404166937 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.404202938 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.404285908 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.404321909 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.404356003 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.422216892 CEST | 49743 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.422250032 CEST | 443 | 49743 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.453478098 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.453571081 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.453655958 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.454981089 CEST | 49744 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.454998970 CEST | 443 | 49744 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.517039061 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.517075062 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.517133951 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.518013954 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.518027067 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.519798040 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.519880056 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:10.519958973 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.521855116 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.521893978 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:10.591116905 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.591155052 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.591275930 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.591511011 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.591567993 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.591629028 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.591933012 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.591969013 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.592370033 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:10.592384100 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:10.830563068 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:10.830648899 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.837759018 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.837806940 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:10.838356018 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:10.882056952 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:10.970515013 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.008788109 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.008809090 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.009255886 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.017498970 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.017576933 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.017651081 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.030158043 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.043350935 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.047110081 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.050321102 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.050333977 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.050533056 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.050564051 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.052625895 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.052685976 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.054193020 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.054258108 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.060118914 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.061652899 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.076028109 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.076056004 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.109776020 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.110130072 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.110754967 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.111087084 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.111358881 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.111391068 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.111536026 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.111550093 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.118299961 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.120419025 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.163826942 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.163841963 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.164129972 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.269160986 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.269325018 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.269350052 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.269387007 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.269402981 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.269402981 CEST | 49746 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.269413948 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.269423008 CEST | 443 | 49746 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.309185028 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.309216022 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.309273005 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.309513092 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.309525013 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.341312885 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.341398001 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.341464996 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.341495991 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.341527939 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.341610909 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.342097044 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.342097044 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.342120886 CEST | 443 | 49748 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.342190027 CEST | 49748 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.547620058 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.547653913 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.547787905 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.548006058 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.548017979 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.610275030 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.610356092 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.611571074 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.611581087 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.611902952 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.612972975 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.660113096 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.674393892 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.674748898 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.674809933 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.675448895 CEST | 49747 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.675467968 CEST | 443 | 49747 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726459980 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726480007 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726486921 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726499081 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726505995 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726511002 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726535082 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.726561069 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726572990 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.726613045 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.726618052 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726634979 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.726659060 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.726681948 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.727302074 CEST | 49745 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.727312088 CEST | 443 | 49745 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.787036896 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.787072897 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.787137985 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.787513971 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:11.787535906 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:11.906620026 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.906799078 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:11.906860113 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:11.993172884 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.996148109 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.996166945 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.997625113 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.997680902 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.998142958 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.998219967 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:11.998472929 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:11.998478889 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:12.046991110 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:12.077647924 CEST | 49749 | 443 | 192.168.2.4 | 23.34.16.106 |
Apr 26, 2024 06:28:12.077670097 CEST | 443 | 49749 | 23.34.16.106 | 192.168.2.4 |
Apr 26, 2024 06:28:12.235045910 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.253751040 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.253772020 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.254148960 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.254544973 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.254611015 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.254885912 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.300117970 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.309195042 CEST | 443 | 49733 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:12.309279919 CEST | 443 | 49733 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:12.309343100 CEST | 49733 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:12.550823927 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:12.601315975 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:12.681801081 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.681824923 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.681840897 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.681885958 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.681916952 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.681946039 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:12.681972980 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.681989908 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.880340099 CEST | 49751 | 443 | 192.168.2.4 | 13.107.213.41 |
Apr 26, 2024 06:28:12.880359888 CEST | 443 | 49751 | 13.107.213.41 | 192.168.2.4 |
Apr 26, 2024 06:28:14.700546980 CEST | 49733 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:14.700581074 CEST | 443 | 49733 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:14.700611115 CEST | 49733 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:14.700638056 CEST | 49733 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:16.030915022 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:16.031099081 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:16.031173944 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:16.993650913 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:16.993686914 CEST | 443 | 49742 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:16.993710041 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:16.993740082 CEST | 49742 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:17.551891088 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:17.551971912 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:17.552017927 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:17.853327036 CEST | 49750 | 443 | 192.168.2.4 | 192.232.216.145 |
Apr 26, 2024 06:28:17.853358984 CEST | 443 | 49750 | 192.232.216.145 | 192.168.2.4 |
Apr 26, 2024 06:28:18.955543995 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:18.955586910 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:18.955673933 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:18.956666946 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:18.956712008 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:19.380784035 CEST | 443 | 49741 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:28:19.380940914 CEST | 443 | 49741 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:28:19.381009102 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:19.744812965 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:19.744894028 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:19.749202013 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:19.749222994 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:19.749630928 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:19.804034948 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:19.868540049 CEST | 49741 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:28:19.868601084 CEST | 443 | 49741 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:28:20.390938997 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.432120085 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900672913 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900729895 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900749922 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900789022 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900789976 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.900808096 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900810957 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.900825977 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900830984 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.900855064 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.900871038 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.900871992 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.900918007 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.901097059 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.901150942 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:20.901161909 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.901290894 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:20.901818991 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:21.521939039 CEST | 49756 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:21.521970034 CEST | 443 | 49756 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:26.188054085 CEST | 80 | 49723 | 162.222.107.40 | 192.168.2.4 |
Apr 26, 2024 06:28:26.188234091 CEST | 49723 | 80 | 192.168.2.4 | 162.222.107.40 |
Apr 26, 2024 06:28:26.188282013 CEST | 49723 | 80 | 192.168.2.4 | 162.222.107.40 |
Apr 26, 2024 06:28:26.335269928 CEST | 80 | 49723 | 162.222.107.40 | 192.168.2.4 |
Apr 26, 2024 06:28:40.865147114 CEST | 80 | 49724 | 208.111.136.128 | 192.168.2.4 |
Apr 26, 2024 06:28:40.865252018 CEST | 49724 | 80 | 192.168.2.4 | 208.111.136.128 |
Apr 26, 2024 06:28:40.865338087 CEST | 49724 | 80 | 192.168.2.4 | 208.111.136.128 |
Apr 26, 2024 06:28:41.013551950 CEST | 80 | 49724 | 208.111.136.128 | 192.168.2.4 |
Apr 26, 2024 06:28:57.988425970 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:57.988517046 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:57.988663912 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:57.988959074 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:57.988993883 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:58.763953924 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:58.764117956 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:58.769151926 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:58.769176006 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:58.769660950 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:58.779491901 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:58.820122957 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526202917 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526233912 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526333094 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.526398897 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526489019 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.526663065 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526701927 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526738882 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.526757002 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526777029 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.526810884 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.526839972 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.533523083 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.533572912 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:28:59.533602953 CEST | 49768 | 443 | 192.168.2.4 | 40.127.169.103 |
Apr 26, 2024 06:28:59.533618927 CEST | 443 | 49768 | 40.127.169.103 | 192.168.2.4 |
Apr 26, 2024 06:29:08.860757113 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:08.860805988 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:08.860929966 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:08.862350941 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:08.862363100 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:09.310942888 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:09.311456919 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:09.311469078 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:09.312688112 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:09.313142061 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:09.313313007 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:09.366312981 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:19.297224998 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:19.297307968 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Apr 26, 2024 06:29:19.297369003 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:19.890213966 CEST | 49770 | 443 | 192.168.2.4 | 142.250.217.164 |
Apr 26, 2024 06:29:19.890235901 CEST | 443 | 49770 | 142.250.217.164 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 26, 2024 06:28:05.994080067 CEST | 192.168.2.4 | 1.1.1.1 | c21b | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 06:28:05.702236891 CEST | 192.168.2.4 | 1.1.1.1 | 0xf7f0 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 06:28:05.702238083 CEST | 192.168.2.4 | 1.1.1.1 | 0x450f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 06:28:07.533833027 CEST | 192.168.2.4 | 1.1.1.1 | 0xb41 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 06:28:07.533952951 CEST | 192.168.2.4 | 1.1.1.1 | 0x2d0f | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 06:28:08.828058004 CEST | 192.168.2.4 | 1.1.1.1 | 0x2b1f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 06:28:08.862070084 CEST | 192.168.2.4 | 1.1.1.1 | 0x3556 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 06:28:11.149976969 CEST | 192.168.2.4 | 1.1.1.1 | 0xaccf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 06:28:11.150496960 CEST | 192.168.2.4 | 1.1.1.1 | 0x54e0 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 06:28:05.920826912 CEST | 1.1.1.1 | 192.168.2.4 | 0x450f | No error (0) | 192.232.216.145 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:07.680696011 CEST | 1.1.1.1 | 192.168.2.4 | 0xb41 | No error (0) | use.fontawesome.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:07.682102919 CEST | 1.1.1.1 | 192.168.2.4 | 0x2d0f | No error (0) | use.fontawesome.com.cdn.cloudflare.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:08.982939959 CEST | 1.1.1.1 | 192.168.2.4 | 0x2b1f | No error (0) | 142.250.217.164 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:09.009121895 CEST | 1.1.1.1 | 192.168.2.4 | 0x3556 | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 06:28:09.259723902 CEST | 1.1.1.1 | 192.168.2.4 | 0x8a29 | No error (0) | part-0013.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:09.259723902 CEST | 1.1.1.1 | 192.168.2.4 | 0x8a29 | No error (0) | 13.107.213.41 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:09.259723902 CEST | 1.1.1.1 | 192.168.2.4 | 0x8a29 | No error (0) | 13.107.246.41 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:10.589596033 CEST | 1.1.1.1 | 192.168.2.4 | 0x8af7 | No error (0) | part-0013.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:10.589596033 CEST | 1.1.1.1 | 192.168.2.4 | 0x8af7 | No error (0) | 13.107.213.41 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:10.589596033 CEST | 1.1.1.1 | 192.168.2.4 | 0x8af7 | No error (0) | 13.107.246.41 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 06:28:11.525706053 CEST | 1.1.1.1 | 192.168.2.4 | 0xaccf | No error (0) | 192.232.216.145 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49733 | 192.232.216.145 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:06 UTC | 568 | OUT | |
2024-04-26 04:28:06 UTC | 359 | IN | |
2024-04-26 04:28:06 UTC | 7833 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN | |
2024-04-26 04:28:07 UTC | 8000 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49742 | 192.232.216.145 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:09 UTC | 580 | OUT | |
2024-04-26 04:28:09 UTC | 49 | OUT | |
2024-04-26 04:28:11 UTC | 299 | IN | |
2024-04-26 04:28:11 UTC | 46 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49743 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:09 UTC | 620 | OUT | |
2024-04-26 04:28:10 UTC | 780 | IN | |
2024-04-26 04:28:10 UTC | 1435 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49744 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:09 UTC | 619 | OUT | |
2024-04-26 04:28:10 UTC | 786 | IN | |
2024-04-26 04:28:10 UTC | 673 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49745 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 576 | OUT | |
2024-04-26 04:28:11 UTC | 746 | IN | |
2024-04-26 04:28:11 UTC | 15638 | IN | |
2024-04-26 04:28:11 UTC | 1536 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49748 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 420 | OUT | |
2024-04-26 04:28:11 UTC | 779 | IN | |
2024-04-26 04:28:11 UTC | 1435 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49747 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 419 | OUT | |
2024-04-26 04:28:11 UTC | 786 | IN | |
2024-04-26 04:28:11 UTC | 673 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49746 | 23.34.16.106 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 161 | OUT | |
2024-04-26 04:28:11 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.4 | 49749 | 23.34.16.106 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 239 | OUT | |
2024-04-26 04:28:11 UTC | 773 | IN | |
2024-04-26 04:28:11 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.4 | 49750 | 192.232.216.145 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:11 UTC | 345 | OUT | |
2024-04-26 04:28:12 UTC | 301 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.4 | 49751 | 13.107.213.41 | 443 | 5352 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:12 UTC | 376 | OUT | |
2024-04-26 04:28:12 UTC | 766 | IN | |
2024-04-26 04:28:12 UTC | 15618 | IN | |
2024-04-26 04:28:12 UTC | 1556 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
11 | 192.168.2.4 | 49756 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:20 UTC | 306 | OUT | |
2024-04-26 04:28:20 UTC | 560 | IN | |
2024-04-26 04:28:20 UTC | 15824 | IN | |
2024-04-26 04:28:20 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
12 | 192.168.2.4 | 49768 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 04:28:58 UTC | 306 | OUT | |
2024-04-26 04:28:59 UTC | 560 | IN | |
2024-04-26 04:28:59 UTC | 15824 | IN | |
2024-04-26 04:28:59 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 06:28:00 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 2 |
Start time: | 06:28:04 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |