Windows
Analysis Report
https://ipfs.io/ipfs/QmTvMGRn6QMQAMwSucv8UUTX3cyS4DrLuUTMvDui8TsJNN
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6756 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 1412 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 --field-trial-handle=2348,i,4983752092659349319,11854916774588587079,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 2352 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/QmTvMGRn6QMQAMwSucv8UUTX3cyS4DrLuUTMvDui8TsJNN" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
AV Detection |
---|
Source: | SlashNext: |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | Window detected: |
Source: | File created: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 192.178.50.36 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
ipfs.io | 209.94.90.1 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
192.178.50.36 | www.google.com | United States | | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | | unknown | unknown | false |
209.94.90.1 | ipfs.io | United States | | 40680 | PROTOCOLUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432047 |
Start date and time: | 2024-04-26 10:58:55 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 3s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://ipfs.io/ipfs/QmTvMGRn6QMQAMwSucv8UUTX3cyS4DrLuUTMvDui8TsJNN |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.win@16/14@4/4 |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.64.195, 192.178.50.46, 173.194.215.84, 34.104.35.123, 142.251.35.227, 172.217.15.202, 172.217.165.195, 52.165.165.26, 199.232.210.172, 23.45.182.68, 23.45.182.97, 192.229.211.108, 13.95.31.18, 20.242.39.171, 142.250.217.227, 72.21.81.240
- Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, www.gstatic.com, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9746538066960375 |
Encrypted: | false |
SSDEEP: | 48:8nALdiTuakH+idAKZdA19ehwiZUklqehNy+3:8nx/Zqy |
MD5: | D526CEFDDABB25C7478A430BF5F5C280 |
SHA1: | 2BDA4D5B2807871809304ADADA61DDDB2C5800B8 |
SHA-256: | 43F4B8355036AF415D3B3CF858B268DAA4BE608E4C2849C74B7D0F287E703E0F |
SHA-512: | 050D65FFEE01E3DF61780D470C8D98FAA4A1D077F74E7B99CFADFF9CC4BF89764B06B535AAB247B80D8D2A9A36990A9FAA411A1B5879D8E3B914EE23876FA024 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.984636524379107 |
Encrypted: | false |
SSDEEP: | 48:8JdiTuakH+idAKZdA1weh/iZUkAQkqehay+2:8u/L9QDy |
MD5: | 5772D3E22FD0B68E7CF11D56A90A5F1A |
SHA1: | 6BBA23081D899950AE3CCA4BA805929F48B8CB65 |
SHA-256: | E5C500A8A7A63F4A9FBF50718F945E0DF911DBDBF139C5D133C960DB28E61AF0 |
SHA-512: | 7E4EC40E180C48D63046905157D46C6BB3092DC37A3C0F7BC2DD09C7E82E95D8A00411DBC85DF00E3E39AED8DAEBC9C5C64A3E4411D677FDBD08FB21089DF36D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 3.999064893339045 |
Encrypted: | false |
SSDEEP: | 48:8xDdiTuasH+idAKZdA14tseh7sFiZUkmgqeh7sQy+BX:8xQ/znuy |
MD5: | 2F20FBB498D66A65472A8C40D1928749 |
SHA1: | 596649256508A59C829E62FA5EDADDF187E3D427 |
SHA-256: | 38E45FCA72582BA824476B60E9C9D025C563DDD9B5DF4B97440201201AF66B17 |
SHA-512: | 38ABFBF836BC7C1F5720383514BD19689BEF8C07BBB96E015F4A19FA44E791645DC56988773FBB67F06343FC95B698C1F591165B085B444AC2E557CD04D3AB9B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9854295910039466 |
Encrypted: | false |
SSDEEP: | 48:8cdiTuakH+idAKZdA1vehDiZUkwqehWy+R:8B/IYy |
MD5: | D500727E3D69AB994A1CE8FA3CA3595B |
SHA1: | B653B7E0FCCF74CB2DFDE828D83BC1AAD73C6AB0 |
SHA-256: | 34B49531709788DF0449DE46D37A74D18A89C7940E03DA81EF220D6820ECF935 |
SHA-512: | 7E7173C7EB1561BC4B4928860A7E20DCF05B1AE1994178136906281D6DBCA6C5517A75C134478994F6AC9197D4AC21DBC4CA841A5B4417ADDC51A8ADF72FD0CB |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9762236069208035 |
Encrypted: | false |
SSDEEP: | 48:8KdiTuakH+idAKZdA1hehBiZUk1W1qehky+C:8v/Y9Ey |
MD5: | 7005020C50188E6D1FCF617630D8A1FD |
SHA1: | 4666C2D14412B92E10B75E372A13C3C6D5BBB7DF |
SHA-256: | 84E66B396944551FC8D6D6B13BB3501EA56419D70B28C3C6C50DE41CD6406C33 |
SHA-512: | 6032A3A79889674A3A2929A9D4FAE61174DF16F1385523D65506CD6FF1C2F6F1600547AAF89D2CB147418328895431253040C4EB306CBB596B80557416EF3BE1 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.988942631331056 |
Encrypted: | false |
SSDEEP: | 48:8YdiTuakH+idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbuy+yT+:8d/2T/TbxWOvTbuy7T |
MD5: | AC351DCF91C80F91FBD04168838F5E9C |
SHA1: | 33F6AFBF59D1D34B331CA533F0EBE830F4313EAD |
SHA-256: | 8270921A7EFB9189069374F69135473155C8DBC200AB8E53D251D5F901C5172C |
SHA-512: | 89D5674E9DE4D24CAE59F46F836EDA17CEF73A62188946826BA410EF723BD1C1CCF884F09A04126E936956496748F603AB2F28DA34F430D9DC137A4BC055AAD4 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4633 |
Entropy (8bit): | 5.11612899370178 |
Encrypted: | false |
SSDEEP: | 96:845fmI0oTiODSC5QIPUcDOR7xpOlyocF4RkVCI6W:8OfmIPDSC5QWOR7xpUiOkVCI6W |
MD5: | 4759EEC5181FB70BD7C8574BF80024F9 |
SHA1: | BBBAC228FF60397D49E7C6B62D4D568843F0BB31 |
SHA-256: | 27DE8659031A8FD690880BFBD9E905FD5F94A7EFF36D89CF48504D3E9F87825D |
SHA-512: | F0CAA2B1B212D25562FE0D2CE681B8295927908E94EE34E4647F528B6477860D079A6CF5786B82E49E4C403FAA17D9D23718FF7BD148C0BC6223197FF5A9167D |
Malicious: | false |
Reputation: | low |
URL: | https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/demo__ltr.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 152508 |
Entropy (8bit): | 5.701854171003312 |
Encrypted: | false |
SSDEEP: | 3072:W3Qa30iCEAaVupOdkiA4Cwx78InO2mZuy6Nz:W31upskiAobnO2mAy2 |
MD5: | 35E862DBA0E5333C7BCB69FBB8DE543C |
SHA1: | 15057E4561FB2D40E9083F9A453C3A71A8EF5658 |
SHA-256: | 4D7FED4F1018A09DC9FDC1FB9E0741C502725B1BB9AE9AB2B7CEE3491E378B32 |
SHA-512: | 0DB126DFFA8E790D473ABC7B2476D1AB6B406AA915FA1A12273944D44BA503915E15935958F47EBE9199C5B7B2F460B55E6FB0555C132D85163BE9BE200C0FB7 |
Malicious: | false |
Reputation: | low |
URL: | https://ipfs.io/ipfs/QmTvMGRn6QMQAMwSucv8UUTX3cyS4DrLuUTMvDui8TsJNN |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15740 |
Entropy (8bit): | 7.9866977438851 |
Encrypted: | false |
SSDEEP: | 384:RRlYHoE1mbF2cZgh17dAdJ0mB1cpOxvLTcZjh1LOz:JYIB2Sg/dYui1XBHwG |
MD5: | B9C29351C46F3E8C8631C4002457F48A |
SHA1: | E57E59C5780995FF2937AB2B511A769212974A87 |
SHA-256: | F75911313E1C7802C23345AB57E754D87801581706780C993FB23FF4E0FE62EF |
SHA-512: | 487AC3FD483F8EA131989857BCF1782C295AC72022BC2EBD4BF19001433D6DB65000E192E58B7A6F70F627D15C58F9FED9BA5FE0216363354BEC5A396299DAD9 |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2190 |
Entropy (8bit): | 5.379739749404308 |
Encrypted: | false |
SSDEEP: | 48:1OWNalOWNJFZKOWNPOWNO3yOWNtAOWNeRVc+umOWNhN0oD:1OWNalOWNJFZKOWNPOWNO3yOWN+OWNS9 |
MD5: | A836A503574CA8049144CE0F91323B1F |
SHA1: | BEBB999E6080AC870FC8E8530BD3161F0292407E |
SHA-256: | 94BD3BD035DD4F59E16DD14EE9D7F60A836A86D11C788F6CEB886C4B47893C78 |
SHA-512: | 1ED199E5F7C667F8CE7364532F020FAD3A7ABA9F96F0CD874769C97F9244A4A68615ED92D7299580D75EBDB289431BDC489A2CF7149D8D76399161B4B52DEC6B |
Malicious: | false |
Reputation: | low |
URL: | https://fonts.googleapis.com/css?family=Roboto:300 |
Preview: |
Apr 26, 2024 10:59:50.595149040 CEST | 443 | 49716 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.595243931 CEST | 443 | 49716 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.595352888 CEST | 49716 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.595479965 CEST | 49716 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.595513105 CEST | 443 | 49716 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.595552921 CEST | 49716 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.595570087 CEST | 443 | 49716 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.631069899 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.631128073 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.631206036 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.643552065 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.643582106 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.898238897 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.898344040 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.901861906 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.901870966 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.902215004 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:50.904979944 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:50.952116013 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:51.147793055 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:51.147871971 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:51.147977114 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:51.148963928 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:51.149010897 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:51.149044037 CEST | 49718 | 443 | 192.168.2.5 | 23.193.120.112 |
Apr 26, 2024 10:59:51.149060011 CEST | 443 | 49718 | 23.193.120.112 | 192.168.2.5 |
Apr 26, 2024 10:59:58.493015051 CEST | 443 | 49713 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 10:59:58.493086100 CEST | 443 | 49713 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 10:59:58.493215084 CEST | 49713 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 10:59:59.615410089 CEST | 49713 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 10:59:59.615462065 CEST | 443 | 49713 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:00.496685982 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:00.496872902 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:00.497313976 CEST | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:00.497345924 CEST | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:00.497661114 CEST | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:00.498034000 CEST | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:00.498047113 CEST | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:00.683067083 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:00.683103085 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:00.899418116 CEST | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:00.899502993 CEST | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:02.673157930 CEST | 443 | 49709 | 209.94.90.1 | 192.168.2.5 |
Apr 26, 2024 11:00:02.673310995 CEST | 443 | 49709 | 209.94.90.1 | 192.168.2.5 |
Apr 26, 2024 11:00:02.673365116 CEST | 49709 | 443 | 192.168.2.5 | 209.94.90.1 |
Apr 26, 2024 11:00:03.250713110 CEST | 49709 | 443 | 192.168.2.5 | 209.94.90.1 |
Apr 26, 2024 11:00:03.250751972 CEST | 443 | 49709 | 209.94.90.1 | 192.168.2.5 |
Apr 26, 2024 11:00:20.078217983 CEST | 443 | 49725 | 23.1.237.91 | 192.168.2.5 |
Apr 26, 2024 11:00:20.078316927 CEST | 49725 | 443 | 192.168.2.5 | 23.1.237.91 |
Apr 26, 2024 11:00:48.113668919 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:48.113745928 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.113924980 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:48.116564989 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:48.116602898 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.506247044 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.506674051 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:48.506711006 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.507826090 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.512551069 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:48.512645006 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:48.564577103 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:58.521357059 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:58.521425962 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Apr 26, 2024 11:00:58.521509886 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:59.610686064 CEST | 49730 | 443 | 192.168.2.5 | 192.178.50.36 |
Apr 26, 2024 11:00:59.610722065 CEST | 443 | 49730 | 192.178.50.36 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 10:59:47.291609049 CEST | 192.168.2.5 | 1.1.1.1 | 0xe652 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 10:59:47.291769028 CEST | 192.168.2.5 | 1.1.1.1 | 0xc71f | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 10:59:48.046565056 CEST | 192.168.2.5 | 1.1.1.1 | 0x5911 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 10:59:48.046761990 CEST | 192.168.2.5 | 1.1.1.1 | 0x3c94 | Standard query (0) | 65 | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 10:59:47.418011904 CEST | 1.1.1.1 | 192.168.2.5 | 0xe652 | No error (0) | 209.94.90.1 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 10:59:47.418438911 CEST | 1.1.1.1 | 192.168.2.5 | 0xc71f | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 10:59:48.171555042 CEST | 1.1.1.1 | 192.168.2.5 | 0x5911 | No error (0) | 192.178.50.36 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 10:59:48.171757936 CEST | 1.1.1.1 | 192.168.2.5 | 0x3c94 | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 11:00:00.198550940 CEST | 1.1.1.1 | 192.168.2.5 | 0x643b | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:00.198550940 CEST | 1.1.1.1 | 192.168.2.5 | 0x643b | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:13.454015017 CEST | 1.1.1.1 | 192.168.2.5 | 0xf4c6 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:13.454015017 CEST | 1.1.1.1 | 192.168.2.5 | 0xf4c6 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:37.251137018 CEST | 1.1.1.1 | 192.168.2.5 | 0x40df | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:37.251137018 CEST | 1.1.1.1 | 192.168.2.5 | 0x40df | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:57.107304096 CEST | 1.1.1.1 | 192.168.2.5 | 0x26ac | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 11:00:57.107304096 CEST | 1.1.1.1 | 192.168.2.5 | 0x26ac | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 209.94.90.1 | 443 | 1412 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 08:59:47 UTC | 701 | OUT | |
2024-04-26 08:59:48 UTC | 1033 | IN | |
2024-04-26 08:59:48 UTC | 336 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 189 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN | |
2024-04-26 08:59:48 UTC | 1369 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49716 | 23.193.120.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 08:59:50 UTC | 161 | OUT | |
2024-04-26 08:59:50 UTC | 466 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49718 | 23.193.120.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 08:59:50 UTC | 239 | OUT | |
2024-04-26 08:59:51 UTC | 530 | IN | |
2024-04-26 08:59:51 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 10:59:39 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 2 |
Start time: | 10:59:42 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 3 |
Start time: | 10:59:44 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |