Windows
Analysis Report
https://usps.mytrackingdq.top/i
Overview
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6416 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 6300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1936,i,5338611534910938341,1908758669066727497,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3032 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://usps.mytrackingdq.top/i" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
www.google.com | 192.178.50.68 | true | false | high | |
usps.mytrackingdq.top | 43.130.14.10 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
192.178.50.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
43.130.14.10 | usps.mytrackingdq.top | Japan | 4249 | LILLY-ASUS | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432139 |
Start date and time: | 2024-04-26 15:15:30 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 21s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://usps.mytrackingdq.top/i |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@16/10@4/4 |
EGA Information: | Failed |
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.64.227, 142.250.217.174, 173.194.212.84, 34.104.35.123, 23.45.182.68, 23.45.182.93, 23.45.182.83, 23.45.182.85, 192.229.211.108, 52.165.164.15, 20.3.187.198, 23.50.112.8, 23.50.112.11, 23.50.112.60, 23.50.112.61, 23.50.112.9, 23.50.112.10, 23.50.112.63, 23.50.112.4, 23.50.112.12, 172.217.3.67, 204.79.197.200, 13.107.21.200
- Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, dual-a-0001.a-msedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, edgedl.me.gvt1.com, ocsp.digicert.com, www.bing.com.edgekey.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, www-bing-com.dual-a-0001.a-msedge.net, update.googleapis.com, wwwprod.www-bing-com.akadns.net, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.977006115305019 |
Encrypted: | false |
SSDEEP: | 48:8tdXjT7fPfHTidAKZdA19ehwiZUklqehSy+3:8TnlFy |
MD5: | EAD6EF88BFB18C94BF803BD23817A2B3 |
SHA1: | 426A2F1D1620C3E835873D7E3026999554636AAB |
SHA-256: | A4979E29C92F8F5F5E9886263C8BF4D82EEA383BDFFB9014054791CD5DD3AF31 |
SHA-512: | 0D922F8EAF4CF5DB68A3BCF1672CBF9DCF779E8A88B53FFD079F4CEADF23300700DF004062939419B2649239046A771FECAF8DA516639645EC2722368415C0FB |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9906531494960618 |
Encrypted: | false |
SSDEEP: | 48:8cdXjT7fPfHTidAKZdA1weh/iZUkAQkqeh1y+2:8on/9QQy |
MD5: | 023BBE86D66FA67E4C05894CE870694A |
SHA1: | 797263A0CF2571CFC1ECB58B04A1CB4F4B277544 |
SHA-256: | 256D7D7ADDB50F1D926AB074CE6D4C96242996100FF335955CF4FF260B2334FC |
SHA-512: | 2D343072E29A1C52DB9B577CC3044F792BA7C8FE97C01EF6B03B71A394FA46B8BBA7742D2DFD2DC64742589D113BEEAB68735335B3DF9867F06096F8071C98B0 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.002508064188075 |
Encrypted: | false |
SSDEEP: | 48:8xAdXjT7fsHTidAKZdA14tseh7sFiZUkmgqeh7sry+BX:8x8n+nxy |
MD5: | 42A086BC8B46F71AD75DB9660B3B0BBC |
SHA1: | 90041EE7F76C1B5EB1FC119D99ACED06472D650C |
SHA-256: | 683005F451697A1309980CAE3D65A1CE1D6251594D65AF215270020180A00EC1 |
SHA-512: | 7BED4E7756A5DCB40A5819161EF8A3CC308B55C1FF61B642D4EB29E180A22F17F48CD648EF04065862500CC44ECCE047ACC59C550F9F3F4CD4EA64669E9C24BB |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9917929207570415 |
Encrypted: | false |
SSDEEP: | 48:8FdXjT7fPfHTidAKZdA1vehDiZUkwqehJy+R:8bn8jy |
MD5: | 2319DBA82477B6178071DF624D5E6C80 |
SHA1: | 671B4D46E5D952AC632B1D309AE1F719CB87443B |
SHA-256: | 318B3B1118FE98BB063F78A35BE26EFAB191D48882FBF443388C8B96F85055E4 |
SHA-512: | 9189AEC82DBC5B965A351352B53943D426AC447371051C9AA48850298BCBDECCF6E69A3EA72B5E61CFA1778D7F4FFFEDDDA3A3F208D797EB185B80E2F84BF315 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.980065890482419 |
Encrypted: | false |
SSDEEP: | 48:8PGdXjT7fPfHTidAKZdA1hehBiZUk1W1qehHy+C:8PinM9ny |
MD5: | E428C63BCB20AB75922572FA3F44576D |
SHA1: | 782D7350E6522214A5E7DA644D94B13875FD897C |
SHA-256: | 9F76E60C30213BAF56B7672555819422EE99F5C0A59657E7194C983D6E07BE70 |
SHA-512: | 3CD05EB3AFB0D7C2C5E0C46D14A7CC89E65AC4242B0BA7F32BAC44D5EBA23A4A79CE39F5ED71806333576B7E9084DD700A1B1691D846D48876D8EE86D85B859B |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9903471608854577 |
Encrypted: | false |
SSDEEP: | 48:8KXdXjT7fPfHTidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbxy+yT+:8qniT/TbxWOvTbxy7T |
MD5: | 18C7F89A9F555DFEFC40F5283B8FD6B8 |
SHA1: | EF3324AEDB1A91FF2AF050E511D51ECE9CAE2F70 |
SHA-256: | 473CBF29F219357ECF94D5C7C369BEA12CF9281C841D20CDF3A13145ECF51C1B |
SHA-512: | 6310617FF2B1C26DAC6A861E72A03FE522C23AFC747074AE919D0660CC26F0A2FAF38B927E2306A845F616B4C2E9DA3709E965667D1CFE73709C5C7511C71FD7 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 9 |
Entropy (8bit): | 2.94770277922009 |
Encrypted: | false |
SSDEEP: | 3:Obn:Obn |
MD5: | 9D1EAD73E678FA2F51A70A933B0BF017 |
SHA1: | D205CBD6783332A212C5AE92D73C77178C2D2F28 |
SHA-256: | 0019DFC4B32D63C1392AA264AED2253C1E0C2FB09216F8E2CC269BBFB8BB49B5 |
SHA-512: | 935B3D516E996F6D25948BA8A54C1B7F70F7F0E3F517E36481FDF0196C2C5CFC2841F86E891F3DF9517746B7FB605DB47CDDED1B8FF78D9482DDAA621DB43A34 |
Malicious: | false |
Reputation: | low |
URL: | https://usps.mytrackingdq.top/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 9 |
Entropy (8bit): | 2.94770277922009 |
Encrypted: | false |
SSDEEP: | 3:Obn:Obn |
MD5: | 9D1EAD73E678FA2F51A70A933B0BF017 |
SHA1: | D205CBD6783332A212C5AE92D73C77178C2D2F28 |
SHA-256: | 0019DFC4B32D63C1392AA264AED2253C1E0C2FB09216F8E2CC269BBFB8BB49B5 |
SHA-512: | 935B3D516E996F6D25948BA8A54C1B7F70F7F0E3F517E36481FDF0196C2C5CFC2841F86E891F3DF9517746B7FB605DB47CDDED1B8FF78D9482DDAA621DB43A34 |
Malicious: | false |
Reputation: | low |
URL: | https://usps.mytrackingdq.top/i |
Apr 26, 2024 15:17:13.193886995 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:13.927534103 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:13.927632093 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:13.930286884 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:13.930304050 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:13.930655003 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:13.941298008 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:13.988137007 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.642513990 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.642540932 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.642555952 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.642623901 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.642657042 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.642704964 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.643230915 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.643277884 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.643299103 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.643306971 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.643342018 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.643346071 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.643465042 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.650265932 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.650290012 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:14.650300980 CEST | 49726 | 443 | 192.168.2.5 | 40.68.123.157 |
Apr 26, 2024 15:17:14.650307894 CEST | 443 | 49726 | 40.68.123.157 | 192.168.2.5 |
Apr 26, 2024 15:17:27.338665009 CEST | 443 | 49711 | 43.130.14.10 | 192.168.2.5 |
Apr 26, 2024 15:17:27.338757038 CEST | 443 | 49711 | 43.130.14.10 | 192.168.2.5 |
Apr 26, 2024 15:17:27.338852882 CEST | 49711 | 443 | 192.168.2.5 | 43.130.14.10 |
Apr 26, 2024 15:17:27.951247931 CEST | 49711 | 443 | 192.168.2.5 | 43.130.14.10 |
Apr 26, 2024 15:17:27.951316118 CEST | 443 | 49711 | 43.130.14.10 | 192.168.2.5 |
Apr 26, 2024 15:17:28.200316906 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:28.200362921 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.200499058 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:28.200792074 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:28.200814962 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.538558960 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.538861036 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:28.538881063 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.539196968 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.539530039 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:28.539591074 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:28.589730024 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:38.535500050 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:38.535573006 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |
Apr 26, 2024 15:17:38.535706043 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:39.989392996 CEST | 49728 | 443 | 192.168.2.5 | 192.178.50.68 |
Apr 26, 2024 15:17:39.989418030 CEST | 443 | 49728 | 192.178.50.68 | 192.168.2.5 |

Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 26, 2024 15:16:23.868484974 CEST | 53 | 59260 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:23.882093906 CEST | 53 | 63153 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:24.838056087 CEST | 53 | 55757 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:25.330574036 CEST | 57164 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 26, 2024 15:16:25.330727100 CEST | 49922 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 26, 2024 15:16:26.007018089 CEST | 53 | 49922 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:26.224180937 CEST | 53 | 57164 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:28.155971050 CEST | 54697 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 26, 2024 15:16:28.158710957 CEST | 53108 | 53 | 192.168.2.5 | 1.1.1.1 |
Apr 26, 2024 15:16:28.281552076 CEST | 53 | 54697 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:28.285011053 CEST | 53 | 53108 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:16:46.941329002 CEST | 53 | 61428 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:17:07.617134094 CEST | 53 | 60209 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:17:23.472913980 CEST | 53 | 52555 | 1.1.1.1 | 192.168.2.5 |
Apr 26, 2024 15:17:32.555454969 CEST | 53 | 52167 | 1.1.1.1 | 192.168.2.5 |

Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 26, 2024 15:16:25.330574036 CEST | 192.168.2.5 | 1.1.1.1 | 0x29e1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 15:16:25.330727100 CEST | 192.168.2.5 | 1.1.1.1 | 0x7e3a | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 26, 2024 15:16:28.155971050 CEST | 192.168.2.5 | 1.1.1.1 | 0x3249 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 26, 2024 15:16:28.158710957 CEST | 192.168.2.5 | 1.1.1.1 | 0x614b | Standard query (0) | 65 | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 26, 2024 15:16:26.224180937 CEST | 1.1.1.1 | 192.168.2.5 | 0x29e1 | No error (0) | 43.130.14.10 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 15:16:28.281552076 CEST | 1.1.1.1 | 192.168.2.5 | 0x3249 | No error (0) | 192.178.50.68 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 15:16:28.285011053 CEST | 1.1.1.1 | 192.168.2.5 | 0x614b | No error (0) | 65 | IN (0x0001) | false | |||
Apr 26, 2024 15:16:35.764127016 CEST | 1.1.1.1 | 192.168.2.5 | 0xa022 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 15:16:35.764127016 CEST | 1.1.1.1 | 192.168.2.5 | 0xa022 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 15:16:49.130774021 CEST | 1.1.1.1 | 192.168.2.5 | 0x4579 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 15:16:49.130774021 CEST | 1.1.1.1 | 192.168.2.5 | 0x4579 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 26, 2024 15:17:03.889043093 CEST | 1.1.1.1 | 192.168.2.5 | 0xc6e9 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 26, 2024 15:17:03.889043093 CEST | 1.1.1.1 | 192.168.2.5 | 0xc6e9 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49710 | 43.130.14.10 | 443 | 6300 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:16:27 UTC | 665 | OUT | |
2024-04-26 13:16:28 UTC | 237 | IN | |
2024-04-26 13:16:28 UTC | 9 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49709 | 43.130.14.10 | 443 | 6300 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:16:28 UTC | 599 | OUT | |
2024-04-26 13:16:28 UTC | 237 | IN | |
2024-04-26 13:16:28 UTC | 9 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49715 | 23.204.76.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:16:33 UTC | 161 | OUT | |
2024-04-26 13:16:33 UTC | 466 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49716 | 23.204.76.112 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:16:33 UTC | 239 | OUT | |
2024-04-26 13:16:33 UTC | 530 | IN | |
2024-04-26 13:16:33 UTC | 55 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49717 | 40.68.123.157 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:16:35 UTC | 306 | OUT | |
2024-04-26 13:16:36 UTC | 560 | IN | |
2024-04-26 13:16:36 UTC | 15824 | IN | |
2024-04-26 13:16:36 UTC | 8666 | IN |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49726 | 40.68.123.157 | 443 |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 13:17:13 UTC | 306 | OUT | |
2024-04-26 13:17:14 UTC | 560 | IN | |
2024-04-26 13:17:14 UTC | 15824 | IN | |
2024-04-26 13:17:14 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 15:16:14 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 2 |
Start time: | 15:16:22 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |

Target ID: | 3 |
Start time: | 15:16:24 |
Start date: | 26/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |