Windows
Analysis Report
https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 5348 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 2992 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1964,i,11511140680443855159,11079496310096900804,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6256 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:/// MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 6524 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=964 --field-trial-handle=1980,i,9163762504198558528,10251965592277980699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6420 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
Phishing |
---|
Source: | File source: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: |
Spam, unwanted Advertisements and Ransom Demands |
---|
Source: | File source: |
Source: | Classification label: |
Source: | Process created: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
userstatics.com | 172.67.208.186 | true | false | unknown | |
www.google.com | 142.250.80.100 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | unknown | |
windowsupdatebg.s.llnwi.net | 69.164.46.0 | true | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.80.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
172.67.208.186 | userstatics.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1432384 |
Start date and time: | 2024-04-27 00:05:11 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 35s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal48.phis.win@23/50@4/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.253.63.84, 142.251.40.238, 142.250.80.99, 34.104.35.123, 13.85.23.86, 69.164.46.0, 192.229.211.108, 20.166.126.56, 20.3.187.198, 20.60.12.161, 142.250.72.106, 142.251.40.202, 142.250.80.74, 142.250.80.106, 142.250.80.42, 142.250.81.234, 142.251.35.170, 142.251.40.170, 142.251.41.10, 142.251.40.106, 142.251.32.106, 142.250.64.106, 142.250.176.202, 142.250.80.10, 142.250.65.234, 142.251.40.138, 20.12.23.50, 142.250.80.67, 142.250.65.238
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 28 |
Entropy (8bit): | 3.8073549220576046 |
Encrypted: | false |
SSDEEP: | 3:OSunSzY:ONSM |
MD5: | FF2838CB6D14FA839F3F099928CE43D8 |
SHA1: | 47CE0FF00DF922E5AA7F4916AA57E31E3D3D6CBA |
SHA-256: | 459F85DDD4EF73994E4EF2A6AEC8F7744B5AF78949B89811D3288342D8302D2E |
SHA-512: | E66EF4B0C4BFCC4E6B6096B7473ECD3F9A8D386C5001A54FE150C59B3A05A02B8B1F935829A952C742819588696562D9C16AF2C2718E70816786943C44510ECE |
Malicious: | false |
Reputation: | low |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwl8F9PEYVqvmRIFDZRU-s8SBQ2UVPrP?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 14751 |
Entropy (8bit): | 7.927919850442063 |
Encrypted: | false |
SSDEEP: | 384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH |
MD5: | 6FCB78E0CD7933A70EEA2CF071F82118 |
SHA1: | 70364BFFD62FE33360ABE70ECC7F7C0541B3B54C |
SHA-256: | 4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86 |
SHA-512: | AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/re.gif |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 249564 |
Entropy (8bit): | 7.897377571977433 |
Encrypted: | false |
SSDEEP: | 6144:LkIquHaZPNdGcujmG4sqEfY/m5W1/ZMMn3wwbPjzU:AIquHs2pszEQ/h3DHw |
MD5: | 21F9110DC5FC07CAEB9D637B9AFD92E1 |
SHA1: | E30D7C2B888490B3E355EABA2AE4B5E254301C5D |
SHA-256: | F58D3C255603EF8B7B5F52AA1B12302712616092A29C5045EA6F60E5749C0A7B |
SHA-512: | 16C9860D283C8ABED0023A70385633C274A98EDBB5AEB34486593A8C0D1AEC7AD7212B83BBA27E4BB69C29C5172F2DB0784EBB90B19904A7453EB0D937E5D074 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 187 |
Entropy (8bit): | 6.13774750591943 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5 |
MD5: | 271021CFA45940978184BE0489841FD3 |
SHA1: | 201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5 |
SHA-256: | C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41 |
SHA-512: | EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 722 |
Entropy (8bit): | 7.434007974065295 |
Encrypted: | false |
SSDEEP: | 12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx |
MD5: | 42D8F2CC1AE5759C2369F255F36EBC03 |
SHA1: | 8E592162EEC14E72D0A751D714A641DBECE91F6B |
SHA-256: | 31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD |
SHA-512: | 4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/vsc.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 802 |
Entropy (8bit): | 5.116196008067352 |
Encrypted: | false |
SSDEEP: | 24:fDmiCbxNnY7MOrBHslgT9lCuABuoB7HHHHHHHYqmffffffo:7MbxsKlgZ01BuSEqmffffffo |
MD5: | 7AD07AFBB5D23FB6B5349CF3BD70745B |
SHA1: | 6BFF0ECD46ACAE02A1FA558ED763836EF04FE63A |
SHA-256: | 4602324C769340EE4AD1725E1FB84121578F859F2A212DD89D71715AF5DD2D2F |
SHA-512: | 54091EFDB1A9091066341079D863C33C3446F7857AB804BF65B1C0905677638FC9756C063D59E1F632CB6C0A7A2DC8998ED55AC767B1DB705107C2CA120F4E79 |
Malicious: | false |
Reputation: | low |
URL: | https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 39935 |
Entropy (8bit): | 4.962301025965472 |
Encrypted: | false |
SSDEEP: | 768:n5Bl4s1ACnyqhH2CfKxhH2L6PnfJ2vT1haPJUkzjEGKnsqdD:n5Bl4s1ln96/fJs33GKnsqdD |
MD5: | 77FD89C7D69D104021502DB6EEEF370E |
SHA1: | A97CA405520B67EE91A25FF507D021D36EE4837C |
SHA-256: | 8B39BFA11B9B52C726A6F5210BF296C38C63AB031273407FD16F96EC996ED5A1 |
SHA-512: | 671D570C1740DA6BADF4E504E1139255BF55830756DAF07D9799F254B9B4D6873217AF5B768332C42DEC86875B19639B0DD5A24CF4A1DBD2D04014F245CC2BD3 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 187 |
Entropy (8bit): | 6.13774750591943 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5 |
MD5: | 271021CFA45940978184BE0489841FD3 |
SHA1: | 201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5 |
SHA-256: | C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41 |
SHA-512: | EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/mnc.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 276 |
Entropy (8bit): | 5.44393413565082 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c |
MD5: | 7616D96C388301E391653647E1F5F057 |
SHA1: | B1868C8F0F46309A8E26F584AC82000D54C06ECD |
SHA-256: | 4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977 |
SHA-512: | C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 168 |
Entropy (8bit): | 5.414614498746933 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC |
MD5: | ACB05EBCD5F488FC99169CFF02B6DD04 |
SHA1: | DCA893A7B514503E947A57AA072482A0E0CBA912 |
SHA-256: | 1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115 |
SHA-512: | 13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 249564 |
Entropy (8bit): | 7.897377571977433 |
Encrypted: | false |
SSDEEP: | 6144:LkIquHaZPNdGcujmG4sqEfY/m5W1/ZMMn3wwbPjzU:AIquHs2pszEQ/h3DHw |
MD5: | 21F9110DC5FC07CAEB9D637B9AFD92E1 |
SHA1: | E30D7C2B888490B3E355EABA2AE4B5E254301C5D |
SHA-256: | F58D3C255603EF8B7B5F52AA1B12302712616092A29C5045EA6F60E5749C0A7B |
SHA-512: | 16C9860D283C8ABED0023A70385633C274A98EDBB5AEB34486593A8C0D1AEC7AD7212B83BBA27E4BB69C29C5172F2DB0784EBB90B19904A7453EB0D937E5D074 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/f24.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 302554 |
Entropy (8bit): | 5.261763046012447 |
Encrypted: | false |
SSDEEP: | 1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifiIzQFBSob5/ove:Q/drlyogMVc6FIKV+ZLBSob5l |
MD5: | 7BB7AAC0CAC89A90304AF1C72EB4F50D |
SHA1: | 729F6F8CA5787D89743B0ED7EB27FD76406BF985 |
SHA-256: | F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B |
SHA-512: | ED26BF873A3C5B2E48D8B3C955240A46D8F7D7F3C635AB138179B999DBADC77802285879CB1A833F703059762C346066090A9A740BFE881F56D6D95F2DCA7F30 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/js/emojione.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1380 |
Entropy (8bit): | 5.24191884487594 |
Encrypted: | false |
SSDEEP: | 24:cmuRRkN8KGrWh0eTg7PKNTBUQ4Wj0Uh9iQxZGd7MrWrKkIvIHI+0QS4bgy5wB9zz:KG8KGraVTEwTeWHHiQx0d7WWem1SLy5S |
MD5: | EB9F1C093EB2CE75D6E2258D118AB0CB |
SHA1: | 5CBBE0319D8F5CF862AB15A9DB85F529B29C735B |
SHA-256: | 894B01775217B76DD0159336E0255EC8C870EE27D488916A4BA414A3869ADDEC |
SHA-512: | 55AA8E58AB39036A8F1BF3035521CFA7ED624AFEF6CFDC730853B062DD535A05703C18C68A4358B5FF7C7824EF85C6D62A25EA08207B2718165E97502E315156 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/js/script.compat.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 14751 |
Entropy (8bit): | 7.927919850442063 |
Encrypted: | false |
SSDEEP: | 384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH |
MD5: | 6FCB78E0CD7933A70EEA2CF071F82118 |
SHA1: | 70364BFFD62FE33360ABE70ECC7F7C0541B3B54C |
SHA-256: | 4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86 |
SHA-512: | AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84817 |
Entropy (8bit): | 5.373777901642572 |
Encrypted: | false |
SSDEEP: | 1536:AP1Wk7i6GUHdXXeyQazBu+4HhiO2Id0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:K4UdeJiz6UAIJ8pa98Hrb |
MD5: | 20C129BEDB4A26DB02FC0F54D026C3F5 |
SHA1: | 093B9D2728788DE24A728742070A348B2848573F |
SHA-256: | 436ECC90FAB5ED1034B68A4A0E924E0132D93D9E7FB59B4FE23018EB7D9242C1 |
SHA-512: | 1997641A1DBA92AF7C28FE67C14FC3F89C1E49BE14DD8A8903C3C5D4A4AAE6161B00BF37D02EDA6E8B45F88936C0A7871C1D465036D6F1D18C36ED8D419B78DE |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/js/jquery.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 133 |
Entropy (8bit): | 5.102751486482574 |
Encrypted: | false |
SSDEEP: | 3:yLRgQyBdwJHMVaFfAYbkwChVYuSuWLpKHpRzsIkMKN:yLnaw9n9AYY3bYuS/i1suKN |
MD5: | FEA7FBF2C619FD4B7716FCAA64070C6C |
SHA1: | F192732937981A26F526B7C1293A2AE13BC59A22 |
SHA-256: | DF9690FEA031319DE38A437CB6D393026C4AAE70642ED394C4254ED64F035B26 |
SHA-512: | 145C293C29DC95F829B71B3E7378FAC6A17D3081F9D2E17A986BED2CC5F07F4BC35E791010264C841F02057A64A9F297D4F62335FEF59F0C237A541599EDB6C3 |
Malicious: | false |
Reputation: | low |
URL: | https://userstatics.com/get/script.js?referrer=https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/index.html |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 168 |
Entropy (8bit): | 5.414614498746933 |
Encrypted: | false |
SSDEEP: | 3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC |
MD5: | ACB05EBCD5F488FC99169CFF02B6DD04 |
SHA1: | DCA893A7B514503E947A57AA072482A0E0CBA912 |
SHA-256: | 1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115 |
SHA-512: | 13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/msmm.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 110880 |
Entropy (8bit): | 7.661746713604055 |
Encrypted: | false |
SSDEEP: | 1536:kNX0z78C88TFXqorkeGQwTvkSTOOAMNgcLqtdJgxEaXehWK41SW9scn:l7/3XqorkpTcOOOAmqtdJzaOsycn |
MD5: | 9FE37445A0D397C0FF7910490E78C7AB |
SHA1: | 52A7BC0B40993D523A2D0FCA0CD5B4546751A00F |
SHA-256: | 3ED7BEDBDDDC248C3CF79F2F7B38C04340328D671D3440D54CABA6831E872C8F |
SHA-512: | 74AD11219C2F43D07AF5A1CFE8872580E338AE8971B4F7B4422B3D688B6CF2861136C5F1A7E86B86FF2EACE9D6EEFC1C3DB372C2182B770BFEB1CC9725807D6E |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/media/jp.mp3:2f759d66c8e03f:0 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 8405 |
Entropy (8bit): | 6.704045838496729 |
Encrypted: | false |
SSDEEP: | 192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE |
MD5: | 8618FBB0911E3B8FC96725DEE8BFD81F |
SHA1: | 1BBCB78922946D0CF18FBF3A9E092E36453EB767 |
SHA-256: | 0589BE7715D2320E559EAE6BD26F3528E97450C70293DA2E1E8CE45F77F99AB1 |
SHA-512: | 5446BA0132541BE0100F0CE418A4349C2ED6181FD9816D6C30B213E4E773CE6BD979789C422CFAECE228B296B79A0F4F36B97BDA8117A09F84416662A4513A55 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/media/beep.mp3:2f759d66c8e7ea:0 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 20103 |
Entropy (8bit): | 4.858046417118563 |
Encrypted: | false |
SSDEEP: | 192:G5pyua9kzmx5XO05bsXsruzG61fMDOe1tFpFabFOoY5x0iJoqmr2VrqeDz7frYYy:apyusTrJmQYgLCx3 |
MD5: | 18C6F466F854925E8D3DD04FC72F42BB |
SHA1: | 23D06844F4D8E74A966ADB6328CFB4637039E812 |
SHA-256: | FA0CE18C1882FBDF4D71D3D73275503CB2DADA1D6A69B2818AC74B995514ED20 |
SHA-512: | A8182F54C0E715DD4307A1082C01E9DBE3ADE85D871522A6C31BFF44283E0C79561FD9ED3017C7EB81B0FA8D57BD0C89A9A5136B577597FC02624103EBBA339D |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/css/tapa.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 364 |
Entropy (8bit): | 7.161449027375991 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi |
MD5: | E144C3378090087C8CE129A30CB6CB4E |
SHA1: | 59DA5466551DE941D0215E45C54AA2CEAF436BE1 |
SHA-256: | B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A |
SHA-512: | 3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/set.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 722 |
Entropy (8bit): | 7.434007974065295 |
Encrypted: | false |
SSDEEP: | 12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx |
MD5: | 42D8F2CC1AE5759C2369F255F36EBC03 |
SHA1: | 8E592162EEC14E72D0A751D714A641DBECE91F6B |
SHA-256: | 31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD |
SHA-512: | 4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 60044 |
Entropy (8bit): | 5.145139926823033 |
Encrypted: | false |
SSDEEP: | 768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz |
MD5: | 02D223393E00C273EFDCB1ADE8F4F8B1 |
SHA1: | 0CC93B8421D89C24A889642428B363CB831DE78A |
SHA-256: | 79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582 |
SHA-512: | 339296DF3B6E2080A65488634AA5DED35A15D9BA5EDB8F203B1AA695C62B13302FC2CECFC37CFA04AD2219BAF0BDDAD4414862DDE5E0B71A7923C3C3A3D61F8D |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/js/bootstrap.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 220780 |
Entropy (8bit): | 4.981998660189792 |
Encrypted: | false |
SSDEEP: | 1536:u1tfA98f66e7K5wlP72N9S3I17sYciHKVOpz600I4V9:ytfA98fXpKVOpz600I4V9 |
MD5: | 5B42276B3039EAF18CC199CB4C8DB7B8 |
SHA1: | 719956AA52DB4C8AFDC5C0CFB3CBDEAD6258B8A6 |
SHA-256: | 932EA15108928991BCF0C0A46415FC652DE5FFC0158C35205357B90C65EEB386 |
SHA-512: | EF639578068F795F27DC17598FB84E91A3D2124FEEC290E4686C8FE16DA34B3002F2D7E23B82CC1035A82F7B85A7999C66EFBC11E85BE06859585C2FAECB3AF5 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/css/bootstrap.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 276 |
Entropy (8bit): | 5.44393413565082 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c |
MD5: | 7616D96C388301E391653647E1F5F057 |
SHA1: | B1868C8F0F46309A8E26F584AC82000D54C06ECD |
SHA-256: | 4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977 |
SHA-512: | C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/bel.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 35689 |
Entropy (8bit): | 7.658233342225225 |
Encrypted: | false |
SSDEEP: | 768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH |
MD5: | 25FB1B036A658D3B2CA359031483B7B2 |
SHA1: | DBD4896260D75CD28031479E1495B82DBBA0F726 |
SHA-256: | 426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85 |
SHA-512: | BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/images/dm.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 27428 |
Entropy (8bit): | 4.747313933055305 |
Encrypted: | false |
SSDEEP: | 384:ci5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:3lr+Klk3YlKfwYUf8l8yQ/T |
MD5: | FD1609EB97E739683ACF23120FD6F6C9 |
SHA1: | 19B2E83FE8DF09B85E74835C398AEFEE816BDFCB |
SHA-256: | CE26D1B76DAE2F3B5D0CCC8D0ECD88D2EDB411101B8A4C5EDC4D9AA7008C9B04 |
SHA-512: | 2183FDCC8AEF88B15048E735EB2D588868AE4CAAD624B4C369F276402188CABA9C962065699798AA27BC4C18AE97E16BF8FCF219D762B73726AFB1A924BABCD2 |
Malicious: | false |
Reputation: | low |
URL: | https://1st2844kxjperro04264.z31.web.core.windows.net/ErW0ind0SmW0Security04/css/font-awesome.min.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 35689 |
Entropy (8bit): | 7.658233342225225 |
Encrypted: | false |
SSDEEP: | 768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH |
MD5: | 25FB1B036A658D3B2CA359031483B7B2 |
SHA1: | DBD4896260D75CD28031479E1495B82DBBA0F726 |
SHA-256: | 426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85 |
SHA-512: | BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 364 |
Entropy (8bit): | 7.161449027375991 |
Encrypted: | false |
SSDEEP: | 6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi |
MD5: | E144C3378090087C8CE129A30CB6CB4E |
SHA1: | 59DA5466551DE941D0215E45C54AA2CEAF436BE1 |
SHA-256: | B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A |
SHA-512: | 3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A |
Malicious: | false |
Reputation: | low |
Preview: |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 27, 2024 00:06:02.559509039 CEST | 192.168.2.4 | 1.1.1.1 | 0x56c8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 27, 2024 00:06:02.559895039 CEST | 192.168.2.4 | 1.1.1.1 | 0x20a0 | Standard query (0) | 65 | IN (0x0001) | false | |
Apr 27, 2024 00:06:38.137485981 CEST | 192.168.2.4 | 1.1.1.1 | 0xe781 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 27, 2024 00:06:38.137953997 CEST | 192.168.2.4 | 1.1.1.1 | 0xb35c | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 27, 2024 00:06:02.648377895 CEST | 1.1.1.1 | 192.168.2.4 | 0x20a0 | No error (0) | 65 | IN (0x0001) | false | |||
Apr 27, 2024 00:06:02.648719072 CEST | 1.1.1.1 | 192.168.2.4 | 0x56c8 | No error (0) | 142.250.80.100 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:16.294321060 CEST | 1.1.1.1 | 192.168.2.4 | 0xfffd | No error (0) | 69.164.46.0 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:16.294321060 CEST | 1.1.1.1 | 192.168.2.4 | 0xfffd | No error (0) | 69.164.46.128 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:16.576998949 CEST | 1.1.1.1 | 192.168.2.4 | 0x5118 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:16.576998949 CEST | 1.1.1.1 | 192.168.2.4 | 0x5118 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:29.471023083 CEST | 1.1.1.1 | 192.168.2.4 | 0x56ee | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:29.471023083 CEST | 1.1.1.1 | 192.168.2.4 | 0x56ee | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:38.228784084 CEST | 1.1.1.1 | 192.168.2.4 | 0xe781 | No error (0) | 172.67.208.186 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:38.228784084 CEST | 1.1.1.1 | 192.168.2.4 | 0xe781 | No error (0) | 104.21.53.38 | A (IP address) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:38.229374886 CEST | 1.1.1.1 | 192.168.2.4 | 0xb35c | No error (0) | 65 | IN (0x0001) | false | |||
Apr 27, 2024 00:06:59.038130999 CEST | 1.1.1.1 | 192.168.2.4 | 0x99e8 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Apr 27, 2024 00:06:59.038130999 CEST | 1.1.1.1 | 192.168.2.4 | 0x99e8 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49733 | 142.250.80.100 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:02 UTC | 615 | OUT | |
2024-04-26 22:06:03 UTC | 1703 | IN | |
2024-04-26 22:06:03 UTC | 809 | IN | |
2024-04-26 22:06:03 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49735 | 142.250.80.100 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:02 UTC | 518 | OUT | |
2024-04-26 22:06:03 UTC | 1843 | IN | |
2024-04-26 22:06:03 UTC | 458 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 49734 | 142.250.80.100 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:02 UTC | 353 | OUT | |
2024-04-26 22:06:03 UTC | 1761 | IN | |
2024-04-26 22:06:03 UTC | 417 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 49738 | 142.250.80.100 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:03 UTC | 738 | OUT | |
2024-04-26 22:06:04 UTC | 356 | IN | |
2024-04-26 22:06:04 UTC | 899 | IN | |
2024-04-26 22:06:04 UTC | 1255 | IN | |
2024-04-26 22:06:04 UTC | 959 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 49739 | 142.250.80.100 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:03 UTC | 920 | OUT | |
2024-04-26 22:06:04 UTC | 356 | IN | |
2024-04-26 22:06:04 UTC | 899 | IN | |
2024-04-26 22:06:04 UTC | 1255 | IN | |
2024-04-26 22:06:04 UTC | 1031 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 49743 | 23.52.162.98 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:10 UTC | 161 | OUT | |
2024-04-26 22:06:10 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 49744 | 23.52.162.98 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:11 UTC | 239 | OUT | |
2024-04-26 22:06:11 UTC | 530 | IN | |
2024-04-26 22:06:11 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 49769 | 172.67.208.186 | 443 | 2992 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-04-26 22:06:38 UTC | 654 | OUT | |
2024-04-26 22:06:38 UTC | 823 | IN | |
2024-04-26 22:06:38 UTC | 139 | IN | |
2024-04-26 22:06:38 UTC | 5 | IN |
Target ID: | 0 |
Start time: | 00:05:55 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 00:05:59 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 00:06:00 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 4 |
Start time: | 00:06:01 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 8 |
Start time: | 00:06:27 |
Start date: | 27/04/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |