Play interactive tourEdit tour
Analysis Report http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz
Overview
General Information
Detection
HTMLPhisher
Score: | 80 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish_10
Phishing site detected (based on image similarity)
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Invalid T&C link found
Classification
Startup |
---|
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
Dropped Files |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
Click to jump to signature section
Show All Signature Results
AV Detection: |
---|
Antivirus / Scanner detection for submitted sample | Show sources |
Source: | SlashNext: |
Antivirus detection for URL or domain | Show sources |
Source: | SlashNext: |
Phishing: |
---|
Phishing site detected (based on favicon image match) | Show sources |
Source: | Matcher: |
Yara detected HtmlPhish_10 | Show sources |
Source: | File source: |
Phishing site detected (based on image similarity) | Show sources |
Source: | Matcher: | Jump to dropped file |
Phishing site detected (based on logo template match) | Show sources |
Source: | Matcher: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Compliance: |
---|
Uses new MSVCR Dlls | Show sources |
Source: | File opened: | Jump to behavior |
Uses secure TLS version for HTTPS connections | Show sources |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection1 | Masquerading1 | OS Credential Dumping | File and Directory Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol2 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol3 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer1 | SIM Card Swap | Carrier Billing Fraud |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
1% | Virustotal | Browse | ||
1% | Virustotal | Browse |
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | SlashNext | Fake Login Page type: Phishing & Social Engineering | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
docs-sharedourlooksecuredloging.onlinerslog.fit | 40.84.135.214 | true | false |
| unknown |
crt.sectigo.com | 91.199.212.52 | true | false |
| unknown |
huehiufkerfpvkm.craetivehc.com | 20.81.200.229 | true | false | unknown | |
zerossl.crt.sectigo.com | unknown | unknown | false | unknown |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true | unknown | ||
false |
| unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
true |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
20.81.200.229 | unknown | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
40.84.135.214 | unknown | United States | 8075 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
91.199.212.52 | unknown | United Kingdom | 48447 | SECTIGOGB | false |
General Information |
---|
Joe Sandbox Version: | 31.0.0 Emerald |
Analysis ID: | 345082 |
Start date: | 27.01.2021 |
Start time: | 17:14:09 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 3m 14s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal80.phis.win@3/18@4/3 |
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Joe Sandbox View / Context |
---|
Created / dropped Files |
---|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3506 |
Entropy (8bit): | 7.54155945514523 |
Encrypted: | false |
SSDEEP: | 48:m4qXYiteL8B0wtUJgVXpxi4sVQmjPOZphFRl1P4qXYiteL8B0wtUJgVXpxi4sVQO:StO+0mrZn/T5RptO+0mrZn/T5R+ |
MD5: | 5C8E451E4A7E09535AB02C6301187E84 |
SHA1: | CE337AB88CDAD351169A54668C6651E37D2C3A58 |
SHA-256: | 3BEE4411F74C082D025884DA0688FE633DF567E220D9D17FD2733AF378123E5C |
SHA-512: | 2B7948258DB6C51A266E356B89B7659866220FE916CC051E0C26563E9D729500A73163DA21686FBAB15F9AED9CB240F3658F6F69DF8863FDDE6E8CA81940DA14 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 548 |
Entropy (8bit): | 3.095107598593844 |
Encrypted: | false |
SSDEEP: | 6:kK4EY4qMUjKFgJE5Y7EyUWOJ9jnsKtfY4qMUjKFgJE5Y7EyUWOJ9jn/:wEY4qMUE0WYtBoxnxY4qMUE0WYtBoxn/ |
MD5: | EAA31D5E30E2F185529653528A02185C |
SHA1: | 8D9FCF5C4F5C4D06F3DE4850FBD775CAD61980D0 |
SHA-256: | AA25C54684A02BC189C8EC2480B63B5229F3F2C54737F0904F940EFE367074AD |
SHA-512: | A1EDC6A8B75F7E38416ECD5BE584D2504CD79A483EC574238E92CD05B47B67446793A85F43B34712C96BC3DF80BC1AB1FE097BEFA7E0EB62BE625E7348E0A5C3 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 30296 |
Entropy (8bit): | 1.8499809915792826 |
Encrypted: | false |
SSDEEP: | 96:rlZ5Zt2Xu9WXItXwbfXEovKMX5XqXc9QXgxfXeom6X:rlZ5Zt2+9W4twfURME/+fu8X |
MD5: | 8005B39A115CE6162BE3AA44B5144D0C |
SHA1: | 7B190B9F53C890D430AF829BC7C0F995A7AAF40F |
SHA-256: | F2332F16BC3A5974D47D47ACF91E68AEFBF397907A24D0F59F847BAAFD6611EF |
SHA-512: | 40786C9123BC7FBC914403610041E2582F08BE523F0D42FD5AA460EEF544091600266E59A40039074D3D45B1F8EBE086DB4394CA211FD9220E61B96590A69E3B |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 33368 |
Entropy (8bit): | 2.266230339485313 |
Encrypted: | false |
SSDEEP: | 192:ruZBQ96DksFjx2EkWQMzYbPO80eC0ZD0s0W0f0ufL:r6WoIshgwlzumd8ZYt7MuT |
MD5: | F13AEC1B649C8A2678CAD4FD7B958A13 |
SHA1: | 626099648B60ABCE10856264D729863EEE033AA8 |
SHA-256: | 6B03DEE17A2997D23BF047F7CE0E721DC2B63E53B9DAFFF9A826A478C75B1BA9 |
SHA-512: | 47DF8094D772826D6BB5EC7E1BBAA0360A1F39A8BC6C54B3577B8F334FD93EA09F98F0B4AD9729291139D883EDD428FF3F758B3C0C20910A15A1078CCDBA7A9C |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16984 |
Entropy (8bit): | 1.5640311352383127 |
Encrypted: | false |
SSDEEP: | 48:IwNGcprcGwpaVG4pQxGrapbScrGQpKOG7HpR+sTGIpG:rTZUQH6BBScFAJT+4A |
MD5: | CB05B5A920A18CC364206FDB2A88B7FA |
SHA1: | 1DF2FC99155828967D42D2D206478DB18C576DFB |
SHA-256: | 41246BA932A4C681B4BDE812027B040283904C5E1EC5C9EB51028ED2890AB248 |
SHA-512: | C9B37AEB3DB7EFE08A25E6552D346976F865E917A222441BE0AC9D4F27145ABEA21B827FCBC38EC443C20D7521A0C8612226BA7F3697D7025DAE60F473D0CF3D |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 18356 |
Entropy (8bit): | 3.1144171316444202 |
Encrypted: | false |
SSDEEP: | 48:mP0efaE/EqP0efaE/bqP0efaE/jqP0efaE/tgyyyyyyyyyyyyyIqP0efaE/D/qPR:00M0z0z0w0b0jQQQQQZ |
MD5: | 9E43E23A22D2584F44841947BB9617EA |
SHA1: | B4C939866E13C0B9F1FEEAC81283F32CAC695620 |
SHA-256: | 91D3C714D124D131663AB4105276E05C8F2E7639EF38B50084FB5212D493F44E |
SHA-512: | 2EFD1BEE29133230C0A4E771BBC542CA9D55117AE2102348F2A7806B26DCDE38B23B7F82247BC711DFC6E0468223E45FB6EF548D05995FE3A392F1ACA21847B8 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 31419 |
Entropy (8bit): | 7.838593850267985 |
Encrypted: | false |
SSDEEP: | 768:B2CG6sPLHj1DDtLEHZwbz0yDEr+q5jc0T7KEE:4CG6sTDFRLKZwbzpDEr+Zc7e |
MD5: | B204756661AE1F820ACDBF507B2C0FE7 |
SHA1: | 8BCC62CD820991FE0C4D35C2E397E9D2E225D4A0 |
SHA-256: | A33593E9043EFEFBAF94D9CA220C885CE1C42DD2A7707F30ED072D7D71587DA5 |
SHA-512: | F115CD7216716F759575B0411028CFA56049150F54D2692CF8998E47D82959BA1521CB9462DF6E5496C51B08ED736FFC0CF4BB70C0328099143293CDDB4B570E |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/background.jpg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3651 |
Entropy (8bit): | 4.094801914706141 |
Encrypted: | false |
SSDEEP: | 96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO |
MD5: | EE5C8D9FB6248C938FD0DC19370E90BD |
SHA1: | D01A22720918B781338B5BBF9202B241A5F99EE4 |
SHA-256: | 04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A |
SHA-512: | C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/logo2.svg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 149 |
Entropy (8bit): | 4.69713648664703 |
Encrypted: | false |
SSDEEP: | 3:gnkAqRAdu6/GY7voOkADFoHDtL/QUJYC5LAeKCLr0dTgYBXILn:7AqJm7+mmHhZJBLzKIAgCYL |
MD5: | CA1AE28154FE294016416ECCEB7C618D |
SHA1: | 90DAA9B614BDE0D09C77AD6F395EE106516B9540 |
SHA-256: | FAB2876CD18840FB88240F181D4AE1E03944EC25ED35CC7072797305C3113CB0 |
SHA-512: | C35358C2D01DE5950BB8B8B166CBB5420C38E99EE137E02FE900E083B143FEF16B6C93D14E76731AD06F658D084148FC86EB3A0B57C876D729E4713DBB7E870F |
Malicious: | false |
Reputation: | low |
IE Cache URL: | http://huehiufkerfpvkm.craetivehc.com/x/ZGllZ28uZmVycmVpcm9Ad2l6aW5rLmVz |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/favicon.ico |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 513 |
Entropy (8bit): | 4.720499940334011 |
Encrypted: | false |
SSDEEP: | 12:t4BdU/uRqv6DLfBHKFWJCDLfBSU1pRXIFl+MJ4bADc:t4TU/uRff0EcfIU1XXU+t2c |
MD5: | A9CC2824EF3517B6C4160DCF8FF7D410 |
SHA1: | 8DB9AEBAD84CA6E4225BFDD2458FF3821CC4F064 |
SHA-256: | 34F9DB946E89F031A80DFCA7B16B2B686469C9886441261AE70A44DA1DFA2D58 |
SHA-512: | AA3DDAB0A1CFF9533F9A668ABA4FB5E3D75ED9F8AFF8A1CAA4C29F9126D85FF4529E82712C0119D2E81035D1CE1CC491FF9473384D211317D4D00E0E234AD97F |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/arrow.svg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 915 |
Entropy (8bit): | 3.877322891561989 |
Encrypted: | false |
SSDEEP: | 24:t4CvnAVRf83f1QqCSzGUdiHTVtpRduf1QqCWbVHTVeUV0Uv6f1QqCWbVHTVeUV0W:fnL1QqC4GuiHFXS1QqCWRHQ3V1QqCWRV |
MD5: | 5AC590EE72BFE06A7CECFD75B588AD73 |
SHA1: | DDA2CB89A241BC424746D8CF2A22A35535094611 |
SHA-256: | 6075736EA9C281D69C4A3D78FF97BB61B9416A5809919BABE5A0C5596F99AAEA |
SHA-512: | B9135D934B9EA50B51BB0316E383B114C8F24DFE75FEF11DCBD1C96170EA59202F6BAFE11AAF534CC2F4ED334A8EA4DBE96AF2504130896D6203BFD2DA69138F |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/white_ellipsis.svg |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4896 |
Entropy (8bit): | 3.9126979104150483 |
Encrypted: | false |
SSDEEP: | 48:tcFIqr5Wxn1PWWmvw0vqcRvZ82gBIZflx3v:8Iq1K9WNBnvZGIZPv |
MD5: | 3B84D0C9225D24FC7E5152CB6A2D598F |
SHA1: | 7A5333C492C1BC12C5610C22D619EF9D04E70247 |
SHA-256: | 45364A073B31276BC6EAD8526712AD2B6028094877BF248076FD507432CBAAD8 |
SHA-512: | D1AB93213C0412B9E0CECC784251931130306549BDE99463A27B0DC28A462F72F1EBDA3717460ED54A9A255F3EC7A01D345360192A9D6434F2330ABE515AB9FF |
Malicious: | true |
Yara Hits: |
|
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 101788 |
Entropy (8bit): | 5.304944776832708 |
Encrypted: | false |
SSDEEP: | 1536:QpHDglbuhw+ExmazA/PWrF7qvEAFiQcpmNtuhPyJRD:l74wyJZ |
MD5: | 4DB4A299AE7E73B3CB53351867416D0C |
SHA1: | 36C0DFF7A6742EAD3229E476F05C559069C3080F |
SHA-256: | 10C50B88EBF99FDF813A4CCE86BA218A6E2EA3D266146520529F1E1BDDC5EBD3 |
SHA-512: | 8EB086FC241C314DDD4B15AC6F34DBD61B838E2D7C2B535A02AF2A83A92294AB1C79EB122EFCA8FF648346F4515B35EDEEB13DC5E79EBC2C7E9ACCC4AC5BAA76 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/css/login.css |
Preview: |
|
Process: | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1750 |
Entropy (8bit): | 7.784821733371315 |
Encrypted: | false |
SSDEEP: | 24:W6Yai7i2Tz46sC7PbpHZMYYsOWFzyKgXW0n9/ND1LCgz7AXtew1pcv8m5PRlQXt+:9KtTzx/HxRF+KKWE/B1LCgYXtIZRlN |
MD5: | 533E293F0C8947ADA653B47C00E394E2 |
SHA1: | 0F507BB89C42F937A290D0EEDA3F2E0DBFCAD5C1 |
SHA-256: | B5D587F6C48A9B22BBE97150249E0C0655AC1780BD273431480A22F8A5BFEF6C |
SHA-512: | B91127D6C27E270F7AAB0A83054451FFF4719C587A425F36EC32F4E532CF4E4D74505AAC71ED3629769552924BC9A9C8CB7F73667B0D20EA5AAED587BCD3E179 |
Malicious: | false |
Reputation: | low |
IE Cache URL: | https://docs-sharedourlooksecuredloging.onlinerslog.fit/x/lib/img/logo3.png |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 25441 |
Entropy (8bit): | 0.3245043509657957 |
Encrypted: | false |
SSDEEP: | 24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laAAvOAM:kBqoxxJhHWSVSEabAvOA |
MD5: | DF2958624447487DF004C835F737F326 |
SHA1: | C404AA80B34E07D70249BA53B89B07DEB6559857 |
SHA-256: | E43056E46F864A0D969E2EB30C8D2FC716E2EA8C43059863EDA47403C0958ADB |
SHA-512: | 20AF848CF40C74DC74D5095A2180F02F0E5866B199F7F20594A015D4BF4BAEA82992E9B0BBF2EE984C89F1ACEBC8F57C97F90D49DA77C6B92379EC1E1B2C72AA |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 43818 |
Entropy (8bit): | 0.9608238901188655 |
Encrypted: | false |
SSDEEP: | 192:kBqoxKAuqR+2wqDwfKM80Y0ZD0s0W0f0u:kBqoxKAuqR+2wqDwfKMdBZYt7Mu |
MD5: | 5A52D0F75F0520AF194E4FC9564DF10E |
SHA1: | EF4B17897F8C89C4F566F06F358120EB6085375F |
SHA-256: | 347EE3B7C6AC98ADE4EBD763C295166CBAB4DD90D0A7C329C8621D61914D089F |
SHA-512: | D88C0B69D95F3593DB6BC223170528427291BB35A981D83F8E919ADD6C6A394563BAC6BB7E70C1708FCA5A47BF6AD1E209D6F746D5584B0D800A8997C76576D4 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files\internet explorer\iexplore.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13029 |
Entropy (8bit): | 0.4791783023883562 |
Encrypted: | false |
SSDEEP: | 24:c9lLh9lLh9lIn9lIn9loUT9loUT9lWUkMp6apOR9ORP7O7Q:kBqoIzlXA |
MD5: | B563C982C2EC8AABB037DF49DD26BA1F |
SHA1: | 91AF55CF61820213E9D781EF947B4DCBEA28DBB1 |
SHA-256: | 8F12BBCD1E5D0C94F5C3BE723DBAAA5B3FB7577E000463E9A8C7799693536819 |
SHA-512: | 824D55BE603680B57A50FB1EAB293F897E39F10F2550FA8CE6D76C53F462A2785422016666EE159A2B77AC910A152B2446F8AE46FB6DFDB9EDA9908735FCF91E |
Malicious: | false |
Reputation: | low |
Preview: |
|
Static File Info |
---|
No static file info |
---|
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 27, 2021 17:15:05.565825939 CET | 49721 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:05.565910101 CET | 49720 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:05.694519997 CET | 80 | 49721 | 20.81.200.229 | 192.168.2.5 |
Jan 27, 2021 17:15:05.694710016 CET | 49721 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:05.694781065 CET | 80 | 49720 | 20.81.200.229 | 192.168.2.5 |
Jan 27, 2021 17:15:05.694871902 CET | 49720 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:05.695318937 CET | 49721 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:05.889887094 CET | 80 | 49721 | 20.81.200.229 | 192.168.2.5 |
Jan 27, 2021 17:15:06.061757088 CET | 80 | 49721 | 20.81.200.229 | 192.168.2.5 |
Jan 27, 2021 17:15:06.061872959 CET | 49721 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:06.591379881 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.594357014 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.745685101 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.745804071 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.751168013 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.751302004 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.754837990 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.755206108 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.910450935 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.910489082 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.910557032 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.910593987 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:06.912173986 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.912203074 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:06.912344933 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:07.652102947 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.653048992 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.716795921 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.716835976 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.716984987 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.717055082 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.762238026 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.763355017 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.826227903 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.826288939 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.826327085 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.826467991 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.827028990 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.827099085 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.827132940 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:07.827265978 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:07.856863022 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:07.856904030 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:07.857686043 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:08.013705969 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:08.013797045 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:08.014425039 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:08.014508009 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:08.066127062 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:08.422846079 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:08.423005104 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:08.425647020 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:08.637414932 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:10.570102930 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:10.570126057 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:10.570168972 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:10.570195913 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:10.570285082 CET | 49724 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:10.570350885 CET | 49725 | 80 | 192.168.2.5 | 91.199.212.52 |
Jan 27, 2021 17:15:10.634191990 CET | 80 | 49724 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:10.634243011 CET | 80 | 49725 | 91.199.212.52 | 192.168.2.5 |
Jan 27, 2021 17:15:11.558188915 CET | 80 | 49721 | 20.81.200.229 | 192.168.2.5 |
Jan 27, 2021 17:15:11.558337927 CET | 49721 | 80 | 192.168.2.5 | 20.81.200.229 |
Jan 27, 2021 17:15:13.037166119 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.037369967 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.042767048 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.262533903 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.307244062 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.307270050 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.307287931 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.307302952 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.307316065 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.307358980 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.326982021 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.327754021 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.329811096 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.330950975 CET | 49727 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.331463099 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484667063 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484693050 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484709978 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484725952 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484730005 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484739065 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484759092 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484767914 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484781027 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484793901 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484810114 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484812975 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484827042 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484839916 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.484841108 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484872103 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.484916925 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.485816956 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.485935926 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.486330032 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.486387014 CET | 443 | 49727 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.486458063 CET | 49727 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.486656904 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.486675978 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.486720085 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.486740112 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.486923933 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.487893105 CET | 49727 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.552233934 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639671087 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639693975 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639709949 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639725924 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639741898 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639750957 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639758110 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639775038 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639777899 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639796019 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639811993 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639827013 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639827013 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639843941 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639859915 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639863014 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639877081 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639893055 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639894009 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639915943 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639924049 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639939070 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639946938 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.639956951 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639976025 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.639983892 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.640014887 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.640017033 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.640045881 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.640059948 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.640090942 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.642684937 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.642749071 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.642930031 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.643001080 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.643623114 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.643640041 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.643816948 CET | 443 | 49727 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.643877983 CET | 49727 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.644835949 CET | 49727 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.648056984 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.648329973 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.709039927 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.709068060 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.709084988 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.709112883 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.709137917 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.709162951 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795104027 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795139074 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795166016 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795180082 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795201063 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795217991 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795237064 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795238018 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795259953 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795284033 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795308113 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795331955 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795340061 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795357943 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795382977 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795404911 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795412064 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795430899 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795449972 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795454979 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795469046 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795480967 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795491934 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795516968 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795533895 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795543909 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795557976 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795584917 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795593023 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795609951 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795629978 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795641899 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795651913 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795670033 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795675039 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795692921 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795694113 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795721054 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795725107 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795742989 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795768023 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795769930 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795789957 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795814991 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795818090 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795833111 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795845985 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795869112 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795886993 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795895100 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795905113 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795933008 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795943975 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.795975924 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.795979023 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.796004057 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.796017885 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.796026945 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.796050072 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.796080112 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.796117067 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.802630901 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.803050995 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.807799101 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.807827950 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.807868958 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.807895899 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.861962080 CET | 443 | 49727 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.951170921 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.951205969 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.951229095 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.951257944 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.951309919 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.951318979 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.952486038 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.952522993 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.952541113 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.952553034 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:13.952594995 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.952621937 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:13.952656984 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.199486971 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.207406044 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.356899977 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.356940985 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.356966019 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.356990099 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.356990099 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357014894 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357023001 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357040882 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357064962 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357089996 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357093096 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357112885 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357132912 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357140064 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357161045 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357176065 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357182026 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357203960 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357215881 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357222080 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.357254028 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.357283115 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.363838911 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.363864899 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.363881111 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.363897085 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.363913059 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.363953114 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.363977909 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518553019 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518584013 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518609047 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518637896 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518640041 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518660069 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518662930 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518682003 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518704891 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518718004 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518728971 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518749952 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518752098 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518778086 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.518785954 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.518841028 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.674983025 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675005913 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675024033 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675039053 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675057888 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675079107 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675091982 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.675105095 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675127983 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675148964 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:16.675151110 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.675179958 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:16.675205946 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:19.211800098 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:19.211822987 CET | 443 | 49723 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:19.211905956 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:19.211961985 CET | 49723 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:19.312134027 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:19.312170029 CET | 443 | 49726 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:19.312290907 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:19.314471960 CET | 49726 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:21.870641947 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:21.870683908 CET | 443 | 49728 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:21.870723009 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:21.870760918 CET | 49728 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:21.871190071 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:21.871220112 CET | 443 | 49722 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:21.871275902 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:21.871330976 CET | 49722 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.117733002 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.274243116 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:22.274422884 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.277820110 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.434530973 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:22.434562922 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:22.434647083 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.434708118 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.454246044 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.611953020 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:22.612081051 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.613157988 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:22.771598101 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:22.771766901 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:28.279488087 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:28.279542923 CET | 443 | 49732 | 40.84.135.214 | 192.168.2.5 |
Jan 27, 2021 17:15:28.279614925 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
Jan 27, 2021 17:15:28.279696941 CET | 49732 | 443 | 192.168.2.5 | 40.84.135.214 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 27, 2021 17:14:59.216414928 CET | 65296 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:14:59.267267942 CET | 53 | 65296 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:00.166466951 CET | 63183 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:00.214437962 CET | 53 | 63183 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:01.147109985 CET | 60151 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:01.195234060 CET | 53 | 60151 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:03.999756098 CET | 56969 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:04.061264038 CET | 53 | 56969 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:05.485532045 CET | 55161 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:05.554894924 CET | 53 | 55161 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:06.528197050 CET | 54757 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:06.588871956 CET | 53 | 54757 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:07.567178965 CET | 49992 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:07.649831057 CET | 53 | 49992 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:19.136082888 CET | 60075 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:19.200200081 CET | 53 | 60075 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:22.034053087 CET | 55016 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:22.112302065 CET | 53 | 55016 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:24.467451096 CET | 64345 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:24.515644073 CET | 53 | 64345 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:31.914210081 CET | 57128 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:31.974792957 CET | 53 | 57128 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:33.994510889 CET | 54791 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:34.050858974 CET | 53 | 54791 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:35.009541035 CET | 54791 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:35.065922022 CET | 53 | 54791 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:35.066243887 CET | 50463 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:35.117003918 CET | 53 | 50463 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:36.008594990 CET | 54791 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:36.069551945 CET | 53 | 54791 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:36.071707010 CET | 50463 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:36.131751060 CET | 53 | 50463 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:37.071106911 CET | 50463 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:37.132862091 CET | 53 | 50463 | 8.8.8.8 | 192.168.2.5 |
Jan 27, 2021 17:15:38.027137041 CET | 54791 | 53 | 192.168.2.5 | 8.8.8.8 |
Jan 27, 2021 17:15:38.085154057 CET | 53 | 54791 | 8.8.8.8 | 192.168.2.5 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Jan 27, 2021 17:15:05.485532045 CET | 192.168.2.5 | 8.8.8.8 | 0x1159 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 27, 2021 17:15:06.528197050 CET | 192.168.2.5 | 8.8.8.8 | 0xfce3 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 27, 2021 17:15:07.567178965 CET | 192.168.2.5 | 8.8.8.8 | 0x5adb | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 27, 2021 17:15:22.034053087 CET | 192.168.2.5 | 8.8.8.8 | 0x2829 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Jan 27, 2021 17:15:05.554894924 CET | 8.8.8.8 | 192.168.2.5 | 0x1159 | No error (0) | 20.81.200.229 | A (IP address) | IN (0x0001) | ||
Jan 27, 2021 17:15:06.588871956 CET | 8.8.8.8 | 192.168.2.5 | 0xfce3 | No error (0) | 40.84.135.214 | A (IP address) | IN (0x0001) | ||
Jan 27, 2021 17:15:07.649831057 CET | 8.8.8.8 | 192.168.2.5 | 0x5adb | No error (0) | crt.sectigo.com | CNAME (Canonical name) | IN (0x0001) | ||
Jan 27, 2021 17:15:07.649831057 CET | 8.8.8.8 | 192.168.2.5 | 0x5adb | No error (0) | 91.199.212.52 | A (IP address) | IN (0x0001) | ||
Jan 27, 2021 17:15:22.112302065 CET | 8.8.8.8 | 192.168.2.5 | 0x2829 | No error (0) | 40.84.135.214 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.5 | 49721 | 20.81.200.229 | 80 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 27, 2021 17:15:05.695318937 CET | 40 | OUT | |
Jan 27, 2021 17:15:06.061757088 CET | 41 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.5 | 49725 | 91.199.212.52 | 80 | C:\Program Files (x86)\Internet Explorer\iexplore.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 27, 2021 17:15:07.762238026 CET | 47 | OUT | |
Jan 27, 2021 17:15:07.826288939 CET | 49 | IN |