Play interactive tourEdit tour
Windows Analysis Report Fec9qUX4at.exe
Overview
General Information
Detection
GuLoader Remcos
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Found malware configuration
GuLoader behavior detected
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Yara detected GuLoader
Yara detected Remcos RAT
C2 URLs / IPs found in malware configuration
Contains functionality to detect hardware virtualization (CPUID execution measurement)
Creates autostart registry keys with suspicious values (likely registry only malware)
Deletes itself after installation
Detected RDTSC dummy instruction sequence (likely for instruction hammering)
Hides threads from debuggers
Installs a global keyboard hook
Machine Learning detection for dropped file
Machine Learning detection for sample
Sigma detected: Suspicious Script Execution From Temp Folder
Sigma detected: WScript or CScript Dropper
Tries to detect Any.run
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect virtualization through RDTSC time measurements
Uses dynamic DNS services
Abnormal high CPU Usage
Checks if the current process is being debugged
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to read the PEB
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Drops PE files
Found WSH timer for Javascript or VBS script (likely evasive script)
Internet Provider seen in connection with other malware
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains strange resources
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Classification
Process Tree |
---|
|
Malware Configuration |
---|
Threatname: GuLoader |
---|
{"Payload URL": "http://101.99.94.119/WEALTH_fkWglQyCXO188.bin"}
Yara Overview |
---|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_GuLoader_2 | Yara detected GuLoader | Joe Security | ||
JoeSecurity_Remcos | Yara detected Remcos RAT | Joe Security |
Sigma Overview |
---|
System Summary: |
---|
Sigma detected: Suspicious Script Execution From Temp Folder | Show sources |
Source: | Author: Florian Roth, Max Altgelt: |
Sigma detected: WScript or CScript Dropper | Show sources |
Source: | Author: Margaritis Dimitrios (idea), Florian Roth (rule), oscd.community: |
Jbx Signature Overview |
---|
Click to jump to signature section
Show All Signature Results
AV Detection: |
---|
Found malware configuration | Show sources |
Source: | Malware Configuration Extractor: |
Multi AV Scanner detection for dropped file | Show sources |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Multi AV Scanner detection for submitted file | Show sources |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Yara detected Remcos RAT | Show sources |
Source: | File source: |
Machine Learning detection for dropped file | Show sources |
Source: | Joe Sandbox ML: |
Machine Learning detection for sample | Show sources |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Networking: |
---|
C2 URLs / IPs found in malware configuration | Show sources |
Source: | URLs: |
Uses dynamic DNS services | Show sources |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | ASN Name: |
Source: | HTTP traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Key, Mouse, Clipboard, Microphone and Screen Capturing: |
---|
Installs a global keyboard hook | Show sources |
Source: | Windows user hook set: | Jump to behavior |
Source: | Binary or memory string: |
E-Banking Fraud: |
---|
Yara detected Remcos RAT | Show sources |
Source: | File source: |
System Summary: |
---|
Source: | Process Stats: |
Source: | Code function: | 0_2_04F5586A | |
Source: | Code function: | 0_2_04F505E0 | |
Source: | Code function: | 0_2_04F509C7 | |
Source: | Code function: | 0_2_04F58F67 | |
Source: | Code function: | 0_2_04F542D5 | |
Source: | Code function: | 0_2_04F558D5 | |
Source: | Code function: | 0_2_04F54693 | |
Source: | Code function: | 0_2_04F54A46 | |
Source: | Code function: | 0_2_04F54A2D | |
Source: | Code function: | 0_2_04F54C15 | |
Source: | Code function: | 0_2_04F58FBB | |
Source: | Code function: | 0_2_04F5475A |
Source: | Code function: | 0_2_00401144 | |
Source: | Code function: | 0_2_04F584C9 | |
Source: | Code function: | 0_2_04F5209D | |
Source: | Code function: | 0_2_04F50C76 | |
Source: | Code function: | 0_2_04F55661 | |
Source: | Code function: | 0_2_04F5586A | |
Source: | Code function: | 0_2_04F505E0 | |
Source: | Code function: | 0_2_04F509C7 | |
Source: | Code function: | 0_2_04F59577 | |
Source: | Code function: | 0_2_04F52559 | |
Source: | Code function: | 0_2_04F542D5 | |
Source: | Code function: | 0_2_04F514D1 | |
Source: | Code function: | 0_2_04F514D9 | |
Source: | Code function: | 0_2_04F506D9 | |
Source: | Code function: | 0_2_04F50CC2 | |
Source: | Code function: | 0_2_04F510C2 | |
Source: | Code function: | 0_2_04F520C2 | |
Source: | Code function: | 0_2_04F538B9 | |
Source: | Code function: | 0_2_04F57AA5 | |
Source: | Code function: | 0_2_04F57EAD | |
Source: | Code function: | 0_2_04F52AAE | |
Source: | Code function: | 0_2_04F54693 | |
Source: | Code function: | 0_2_04F54292 | |
Source: | Code function: | 0_2_04F58C9D | |
Source: | Code function: | 0_2_04F53051 | |
Source: | Code function: | 0_2_04F55C5C | |
Source: | Code function: | 0_2_04F54A46 | |
Source: | Code function: | 0_2_04F5864F | |
Source: | Code function: | 0_2_04F53424 | |
Source: | Code function: | 0_2_04F54A2D | |
Source: | Code function: | 0_2_04F54C15 | |
Source: | Code function: | 0_2_04F55E11 | |
Source: | Code function: | 0_2_04F5380C | |
Source: | Code function: | 0_2_04F585F7 | |
Source: | Code function: | 0_2_04F50BE6 | |
Source: | Code function: | 0_2_04F53FDB | |
Source: | Code function: | 0_2_04F577CC | |
Source: | Code function: | 0_2_04F53996 | |
Source: | Code function: | 0_2_04F51D86 | |
Source: | Code function: | 0_2_04F58181 | |
Source: | Code function: | 0_2_04F51D8F | |
Source: | Code function: | 0_2_04F52D7C | |
Source: | Code function: | 0_2_04F57F61 | |
Source: | Code function: | 0_2_04F58355 | |
Source: | Code function: | 0_2_04F58759 | |
Source: | Code function: | 0_2_04F5475A | |
Source: | Code function: | 0_2_04F5215A | |
Source: | Code function: | 0_2_04F5293E | |
Source: | Code function: | 0_2_04F52138 |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Process created: |
Source: | Static PE information: |
Source: | Section loaded: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | Virustotal: | ||
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Data Obfuscation: |
---|
Yara detected GuLoader | Show sources |
Source: | File source: |
Source: | Code function: | 0_2_00407CF8 |
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | File created: | Jump to dropped file |
Boot Survival: |
---|
Creates autostart registry keys with suspicious values (likely registry only malware) | Show sources |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection: |
---|
Deletes itself after installation | Show sources |
Source: | File deleted: | Jump to behavior |
Source: | Registry key monitored for changes: | Jump to behavior |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion: |
---|
Contains functionality to detect hardware virtualization (CPUID execution measurement) | Show sources |
Source: | Code function: | 0_2_04F50C76 |
Detected RDTSC dummy instruction sequence (likely for instruction hammering) | Show sources |
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: |
Tries to detect Any.run | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) | Show sources |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Tries to detect virtualization through RDTSC time measurements | Show sources |
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: | ||
Source: | RDTSC instruction interceptor: |
Source: | Code function: | 0_2_04F50C76 |
Source: | Window found: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | System information queried: | Jump to behavior |
Anti Debugging: |
---|
Hides threads from debuggers | Show sources |
Source: | Thread information set: | Jump to behavior | ||
Source: | Thread information set: | Jump to behavior | ||
Source: | Thread information set: | Jump to behavior |
Source: | Process queried: | Jump to behavior | ||
Source: | Process queried: | Jump to behavior |
Source: | Code function: | 0_2_04F50C76 |
Source: | Code function: | 0_2_04F55BFE |
Source: | Code function: | 0_2_04F5546D | |
Source: | Code function: | 0_2_04F5864F | |
Source: | Code function: | 0_2_04F5380C | |
Source: | Code function: | 0_2_04F585F7 | |
Source: | Code function: | 0_2_04F579C6 | |
Source: | Code function: | 0_2_04F573B7 | |
Source: | Code function: | 0_2_04F52D7C | |
Source: | Code function: | 0_2_04F58355 |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information: |
---|
GuLoader behavior detected | Show sources |
Source: | Signature Results: |
Yara detected Remcos RAT | Show sources |
Source: | File source: |
Remote Access Functionality: |
---|
Yara detected Remcos RAT | Show sources |
Source: | File source: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Scripting11 | Registry Run Keys / Startup Folder11 | Process Injection12 | Masquerading1 | Input Capture111 | Query Registry1 | Remote Services | Input Capture111 | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Registry Run Keys / Startup Folder11 | Virtualization/Sandbox Evasion21 | LSASS Memory | Security Software Discovery721 | Remote Desktop Protocol | Archive Collected Data1 | Exfiltration Over Bluetooth | Non-Standard Port1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Process Injection12 | Security Account Manager | Virtualization/Sandbox Evasion21 | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Ingress Tool Transfer1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Scripting11 | NTDS | Process Discovery1 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Non-Application Layer Protocol2 | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Obfuscated Files or Information2 | LSA Secrets | Remote System Discovery1 | SSH | Keylogging | Data Transfer Size Limits | Application Layer Protocol212 | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Software Packing1 | Cached Domain Credentials | File and Directory Discovery1 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | File Deletion1 | DCSync | System Information Discovery33 | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
29% | Virustotal | Browse | ||
13% | ReversingLabs | Win32.Trojan.Vebzenpak | ||
100% | Joe Sandbox ML |
Dropped Files |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML | |||
29% | Virustotal | Browse | ||
13% | ReversingLabs | Win32.Trojan.Vebzenpak |
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
wealthyrem.ddns.net | 194.5.97.128 | true | true | unknown |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
194.5.97.128 | wealthyrem.ddns.net | Netherlands | 208476 | DANILENKODE | true | |
101.99.94.119 | unknown | Malaysia | 45839 | SHINJIRU-MY-AS-APShinjiruTechnologySdnBhdMY | true |
General Information |
---|
Joe Sandbox Version: | 33.0.0 White Diamond |
Analysis ID: | 458355 |
Start date: | 03.08.2021 |
Start time: | 09:49:14 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 13m 0s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | Fec9qUX4at.exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Run name: | Suspected Instruction Hammering Hide Perf |
Number of analysed new started processes analysed: | 41 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@5/4@1/2 |
EGA Information: | Failed |
HDC Information: |
|
HCA Information: | Failed |
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
09:51:07 | Autostart | |
09:51:16 | Autostart |
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
194.5.97.128 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
101.99.94.119 | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Domains |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
wealthyrem.ddns.net | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
DANILENKODE | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Users\user\Desktop\Fec9qUX4at.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 114688 |
Entropy (8bit): | 6.638949072783339 |
Encrypted: | false |
SSDEEP: | 1536:BUS3/zw2m3c39SYeXvmgU2sIMflWub4cL51tY4SQmiPYElZ943ckw2mUS3/:BT/zM3c3bcBsIMfQuDaSZS3ckYT/ |
MD5: | 2046B941817392E3815535FCCB1F39DC |
SHA1: | 843D243A71131BAF9FBE0FCF4BA129F51EE74C8F |
SHA-256: | C0D3DA1CEFD1A979C8B8CE102FD5D3FF090779F72F4D1098EB383CBBB3480BEE |
SHA-512: | ECF0B711C41619DCF9073F1CD4C769CC106B04AAEC40881FC11CBF8686989DA512A9C2EE2683A90B99DDDB1F4A762CF4DF512663519BC9035BBC6D0FD90F9571 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
|
Process: | C:\Users\user\Desktop\Fec9qUX4at.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 119 |
Entropy (8bit): | 5.094609879657231 |
Encrypted: | false |
SSDEEP: | 3:jfF+m8nhvF3mRDWXp5cViE2J5xAIzkiw9igECHM:jFqhv9IWXp+N23ffiijl |
MD5: | 1198AD996993F1C8082084F3CD83DD3C |
SHA1: | A841D5A9CA764F8C58EC10FF368C6BD1637E8929 |
SHA-256: | 59227CBFDE96895E1D019A879F7155EF36FE091AB03BEA825C51D9A8A625D6F2 |
SHA-512: | AB29D0F0FEB1D196E2218958495B39A327CBA2F921EFAB0EA2C09C8E2D42EF2692021A282EC2987E3998369C1876A083933C37FDC50B3C4A0C769513953FAF13 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | C:\Users\user\Desktop\Fec9qUX4at.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 468 |
Entropy (8bit): | 3.5093499207031558 |
Encrypted: | false |
SSDEEP: | 12:xQ4lA2++ugypjBQMPURF3Sbx34Q3Dk3Sbx349Hz/0aimi:7a2+SDTzQTkz9Aait |
MD5: | 903888A33CC9516D5548F046C7D902EC |
SHA1: | D654ADD97768AB9E06A2AC428090BE3E2F0512F6 |
SHA-256: | 75E4262158D66A77E7496606D466EA6CF1333BCE20D429F1E066A2935FD77F0A |
SHA-512: | B6BED5DEF33123948A338F1AA65D5D69505487FEF121524C575708894699B0D17A1AA4D3F7C6D1F89CB9730A28C9F20292A5E714F3F2CE2E9D515EB763B45751 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | C:\Users\user\Desktop\Fec9qUX4at.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 148 |
Entropy (8bit): | 3.353136862680169 |
Encrypted: | false |
SSDEEP: | 3:rklKlmuHlKfUFqlDl5JWRal2Jl+7R0DAlBG4LNQblovDl9il:IlKIuFK8Fql55YcIeeDAlybW/G |
MD5: | 23B5A5F0892EDE3E544D530B672DB71C |
SHA1: | 675F67E5EF80E1868950B6362B54BF367DDA258E |
SHA-256: | 64A5071CE344184BECC0650D8D6432E0CB0271BAF633BDA82E337D736B13EB01 |
SHA-512: | 03369524C6F224DEA70E9CDEE92DFD71214E6C3B99EC4FE0B09A7F3D69A4F30D67CC6FB2DA9ECA4ED4A4C7572B8E96131321B9B73AE767491BDE4F4CB045C46F |
Malicious: | false |
Reputation: | low |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 6.638949072783339 |
TrID: |
|
File name: | Fec9qUX4at.exe |
File size: | 114688 |
MD5: | 2046b941817392e3815535fccb1f39dc |
SHA1: | 843d243a71131baf9fbe0fcf4ba129f51ee74c8f |
SHA256: | c0d3da1cefd1a979c8b8ce102fd5d3ff090779f72f4d1098eb383cbbb3480bee |
SHA512: | ecf0b711c41619dcf9073f1cd4c769cc106b04aaec40881fc11cbf8686989da512a9c2ee2683a90b99dddb1f4a762cf4df512663519bc9035bbc6d0fd90f9571 |
SSDEEP: | 1536:BUS3/zw2m3c39SYeXvmgU2sIMflWub4cL51tY4SQmiPYElZ943ckw2mUS3/:BT/zM3c3bcBsIMfQuDaSZS3ckYT/ |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........#...B...B...B..L^...B...`...B...d...B..Rich.B..........PE..L....(.U.................@..........D........P....@................ |
File Icon |
---|
Icon Hash: | d5d5959595959595 |
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x401144 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED |
DLL Characteristics: | |
Time Stamp: | 0x558D28E4 [Fri Jun 26 10:26:44 2015 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | 5565993a5a9f2bfb76f28ab304be6bc1 |
Entrypoint Preview |
---|
Instruction |
---|
push 00406B44h |
call 00007F9040EB35D5h |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
xor byte ptr [eax], al |
add byte ptr [eax], al |
inc eax |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add ch, dh |
pop ss |
clc |
pop edx |
push B944FDC7h |
mov ebx, 52105E67h |
cmp edx, dword ptr [eax] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add dword ptr [eax], eax |
add byte ptr [eax], al |
inc edx |
add byte ptr [esi], al |
push eax |
add dword ptr [ecx], 53h |
inc ebp |
inc ebx |
inc ebp |
push ebx |
push ebx |
dec ecx |
dec edi |
dec esi |
inc ecx |
dec esp |
dec ecx |
push ebx |
push esp |
add byte ptr [ebx], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
dec esp |
xor dword ptr [eax], eax |
pop es |
jo 00007F9040EB3614h |
inc edx |
sub cl, ah |
imul eax, dword ptr [eax+41h], 81h |
or bl, byte ptr [ebx-03CA9598h] |
mov esi, 05B7FAFFh |
or dl, byte ptr [ebp-48h] |
inc esi |
mov cl, 74h |
and dword ptr [ecx], ecx |
jbe 00007F9040EB356Ah |
jnle 00007F9040EB35F1h |
cmp cl, byte ptr [edi-53h] |
xor ebx, dword ptr [ecx-48EE309Ah] |
or al, 00h |
stosb |
add byte ptr [eax-2Dh], ah |
xchg eax, ebx |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
push esp |
pop ecx |
add byte ptr [eax], al |
sub al, 58h |
add byte ptr [eax], al |
add byte ptr [ecx], dl |
add byte ptr [ebx+4Bh], dl |
push edx |
dec ebp |
dec ecx |
dec esi |
inc esp |
inc esp |
inc ebp |
dec esp |
dec ecx |
dec esi |
inc edi |
inc ebp |
push edx |
dec esi |
inc ebp |
add byte ptr [00000001h], cl |
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x14b64 | 0x28 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x17000 | 0x5b92 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x228 | 0x20 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x1000 | 0x7c | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x13de4 | 0x14000 | False | 0.648803710938 | data | 7.05513425915 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.data | 0x15000 | 0x115c | 0x1000 | False | 0.00634765625 | data | 0.0 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.rsrc | 0x17000 | 0x5b92 | 0x6000 | False | 0.545776367188 | data | 6.0293757353 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_ICON | 0x1bcea | 0xea8 | data | ||
RT_ICON | 0x1b442 | 0x8a8 | dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 532795385, next used block 536862194 | ||
RT_ICON | 0x1aeda | 0x568 | GLS_BINARY_LSB_FIRST | ||
RT_ICON | 0x18932 | 0x25a8 | data | ||
RT_ICON | 0x1788a | 0x10a8 | data | ||
RT_ICON | 0x17422 | 0x468 | GLS_BINARY_LSB_FIRST | ||
RT_GROUP_ICON | 0x173c8 | 0x5a | data | ||
RT_VERSION | 0x171e0 | 0x1e8 | data | Chinese | Taiwan |
Imports |
---|
DLL | Import |
---|---|
MSVBVM60.DLL | _CIcos, _adj_fptan, _adj_fdiv_m64, _adj_fprem1, __vbaHresultCheckObj, _adj_fdiv_m32, _adj_fdiv_m16i, _adj_fdivr_m16i, _CIsin, __vbaChkstk, EVENT_SINK_AddRef, _adj_fpatan, EVENT_SINK_Release, _CIsqrt, EVENT_SINK_QueryInterface, __vbaExceptHandler, _adj_fprem, _adj_fdivr_m64, __vbaFPException, _CIlog, __vbaErrorOverflow, _adj_fdiv_m32i, _adj_fdivr_m32i, _adj_fdivr_m32, _adj_fdiv_r, _CIatan, _allmul, _CItan, _CIexp |
Version Infos |
---|
Description | Data |
---|---|
Translation | 0x0404 0x04b0 |
ProductVersion | 1.00 |
InternalName | CLUBWOMAN |
FileVersion | 1.00 |
OriginalFilename | CLUBWOMAN.exe |
ProductName | REFOUNDING |
Possible Origin |
---|
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Chinese | Taiwan |
Network Behavior |
---|
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 3, 2021 09:52:02.509993076 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.554785967 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.554905891 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.599960089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.600111008 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.647567034 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.647619009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.647640944 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.647659063 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.647680044 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.647818089 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.694133997 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694166899 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694184065 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694204092 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694253922 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694274902 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694294930 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694318056 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.694372892 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.694441080 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.743522882 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743558884 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743583918 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743613005 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743634939 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743655920 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743676901 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743699074 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743721008 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743742943 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743767977 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743789911 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743813038 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743833065 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743854046 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.743875980 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.745096922 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.790580988 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790736914 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790760040 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790779114 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790800095 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790815115 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790817976 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.790831089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790852070 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790873051 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790884018 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.790891886 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790911913 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790936947 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790947914 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.790960073 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790982008 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.790997028 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.791003942 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791019917 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791030884 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.791043997 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791065931 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791078091 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.791088104 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791102886 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.791110992 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.791138887 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.791165113 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.839260101 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839301109 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839318037 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839340925 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839361906 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839384079 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839407921 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839432001 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839456081 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839478970 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839503050 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839524031 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839545965 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839570045 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839596033 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839618921 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839639902 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839663982 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839685917 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839709044 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839730978 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839752913 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839778900 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839802980 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839827061 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839850903 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839874029 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839896917 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.839917898 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.841974020 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842142105 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.842166901 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.842551947 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842581987 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842597961 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842633009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842655897 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842675924 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842695951 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842715979 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.842735052 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.846889973 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.887871027 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.887917995 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.887943029 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.887964964 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.887989044 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888015032 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888035059 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888039112 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888071060 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888096094 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888114929 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888132095 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888156891 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888156891 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888159990 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888183117 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888183117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888206959 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888206959 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888231993 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888236046 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888256073 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888258934 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888284922 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888288021 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888310909 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888319969 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888336897 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888359070 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888361931 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888386011 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888395071 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888411999 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888420105 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888437986 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888458014 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888463974 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888489962 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888490915 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888516903 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888518095 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888541937 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888542891 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888569117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888570070 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888592005 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888592958 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888616085 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888617039 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888638020 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888639927 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888659000 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888669014 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888686895 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888700008 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888712883 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888721943 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888736010 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888746023 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888761044 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.888771057 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.888814926 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.891968012 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892007113 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892030001 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892050982 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892071962 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892093897 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892113924 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892138958 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892153025 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.892163992 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892188072 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892210007 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892234087 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892236948 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.892257929 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.892258883 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.892288923 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.892332077 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936501980 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936551094 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936578035 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936604023 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936629057 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936654091 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936665058 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936678886 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936702013 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936706066 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936737061 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936744928 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936764956 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936788082 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936790943 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936816931 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936830044 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936842918 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936856031 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936868906 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936892986 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936894894 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936920881 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936923027 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936947107 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936952114 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.936978102 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.936980009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937005043 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937007904 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937027931 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937033892 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937055111 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937061071 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937079906 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937088013 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937098026 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937114954 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937124014 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937135935 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937149048 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937165022 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937174082 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937191010 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937212944 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937216997 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937238932 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937243938 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937267065 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937272072 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937298059 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937304020 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937325001 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937325954 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937350035 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937350988 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937375069 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937377930 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937403917 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937426090 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937428951 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937433004 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937453985 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937465906 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937479973 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.937491894 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.937534094 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939178944 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939224958 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939250946 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939280033 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939304113 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939328909 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939338923 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939356089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939382076 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939404011 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939405918 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939433098 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939435959 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939460039 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939471960 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939490080 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939513922 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939517021 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.939551115 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.939591885 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.984806061 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984843969 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984868050 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984889030 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984908104 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.984910011 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984931946 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984947920 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.984961987 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984982967 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.984985113 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985009909 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985011101 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985035896 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985054970 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985057116 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985080004 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985100031 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985100985 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985121965 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985131979 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985161066 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985183954 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985197067 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985246897 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985260963 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985286951 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985302925 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985306978 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985328913 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985346079 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985351086 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985380888 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985395908 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985414982 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985419989 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985445023 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985445976 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985466957 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985470057 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985493898 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985501051 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985518932 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985527992 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985543966 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985548019 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985567093 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985574961 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985591888 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985594988 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985616922 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985618114 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985642910 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985642910 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985668898 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985671997 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985691071 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985694885 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985713959 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985723019 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985739946 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.985753059 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.985789061 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987111092 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987179041 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987204075 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987226963 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987247944 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987251043 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987268925 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987287045 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987292051 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987313986 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987334013 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987338066 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987353086 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987379074 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987385988 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987401009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987417936 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987423897 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987442017 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987447977 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:02.987476110 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:02.987500906 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.032501936 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.032546997 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.032587051 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.032612085 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.032655001 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.032696009 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.033401012 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033437967 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033459902 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033485889 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033507109 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033525944 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.033531904 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033555031 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033576965 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033597946 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033615112 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033615112 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.033633947 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033684015 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033705950 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033727884 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033750057 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033895016 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.033906937 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.033937931 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033966064 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.033998966 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034007072 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034030914 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034038067 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034050941 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034060955 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034075022 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034085035 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034101009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034117937 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034123898 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034145117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034152031 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034164906 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034177065 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034188986 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034209967 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034209967 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034234047 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034255981 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034276009 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034276009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034301043 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034343958 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034447908 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034473896 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034486055 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034511089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034521103 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034548044 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034559011 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034571886 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.034589052 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.034605026 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035096884 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035161972 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035186052 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035190105 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035209894 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035226107 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035232067 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035249949 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035260916 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035283089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035285950 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035305023 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035319090 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035326958 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.035337925 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.035373926 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.079540014 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.079577923 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.079595089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.079619884 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.079642057 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.079679966 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.079747915 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.081828117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081864119 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081887007 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081908941 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081929922 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081950903 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.081952095 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081971884 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.081990004 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.081994057 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082016945 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082029104 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082041025 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082062006 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082063913 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082088947 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082138062 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082154036 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082173109 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082191944 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082199097 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082214117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082223892 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082236052 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082259893 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082264900 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082282066 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082302094 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082312107 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082324028 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082345009 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082348108 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082366943 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082371950 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082406998 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082741976 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082772970 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082803965 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082828999 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082830906 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082856894 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082859993 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082880020 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082890987 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082905054 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082915068 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082928896 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082952976 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082962036 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082973003 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.082989931 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.082993031 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083017111 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083029032 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083039045 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083055973 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083090067 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083213091 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083287001 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083308935 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083329916 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083352089 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083355904 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083374023 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083393097 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083396912 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083412886 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083430052 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083435059 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083451033 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083458900 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.083487988 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.083513021 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.126316071 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.126363993 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.126389027 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.126411915 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.126435995 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.126564026 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.128482103 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128521919 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128549099 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128571987 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128593922 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128606081 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.128612995 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128622055 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.128632069 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128648996 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128664017 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128715992 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128743887 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128786087 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128808022 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128829956 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128851891 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128864050 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.128878117 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128901958 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128925085 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128957033 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.128961086 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.128981113 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.129003048 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.129004955 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.129026890 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.129029989 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.129049063 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:03.129071951 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.129096031 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:03.848718882 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:03.895325899 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:03.896202087 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:03.906464100 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:03.957334995 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:04.003839016 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:04.049552917 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:04.066673040 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:04.135514975 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:04.135736942 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:04.200131893 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:04.225843906 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:04.229080915 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:04.309437037 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:08.172015905 CEST | 80 | 49732 | 101.99.94.119 | 192.168.2.3 |
Aug 3, 2021 09:52:08.172178030 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:14.229147911 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:14.233493090 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:14.307416916 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:14.684644938 CEST | 39200 | 49733 | 194.5.97.128 | 192.168.2.3 |
Aug 3, 2021 09:52:14.738715887 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
Aug 3, 2021 09:52:18.370467901 CEST | 49732 | 80 | 192.168.2.3 | 101.99.94.119 |
Aug 3, 2021 09:52:18.370568037 CEST | 49733 | 39200 | 192.168.2.3 | 194.5.97.128 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Aug 3, 2021 09:50:02.068259001 CEST | 49199 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:02.100552082 CEST | 50620 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:02.103404999 CEST | 53 | 49199 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:02.135581970 CEST | 53 | 50620 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:03.751369953 CEST | 64938 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:03.779362917 CEST | 53 | 64938 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:04.804028034 CEST | 60152 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:04.829040051 CEST | 53 | 60152 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:05.845832109 CEST | 57544 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:05.873245955 CEST | 53 | 57544 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:07.138077021 CEST | 55984 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:07.162651062 CEST | 53 | 55984 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:08.450983047 CEST | 64185 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:08.484448910 CEST | 53 | 64185 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:09.460745096 CEST | 65110 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:09.493299961 CEST | 53 | 65110 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:10.580183983 CEST | 58361 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:10.605452061 CEST | 53 | 58361 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:11.391868114 CEST | 63492 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:11.425403118 CEST | 53 | 63492 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:12.533147097 CEST | 60831 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:12.558248997 CEST | 53 | 60831 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:13.693217039 CEST | 60100 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:13.721752882 CEST | 53 | 60100 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:16.217385054 CEST | 53195 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:16.243992090 CEST | 53 | 53195 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:16.909429073 CEST | 50141 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:16.936829090 CEST | 53 | 50141 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:17.741444111 CEST | 53023 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:17.772319078 CEST | 53 | 53023 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:18.457809925 CEST | 49563 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:18.485790014 CEST | 53 | 49563 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:19.433485031 CEST | 51352 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:19.462393999 CEST | 53 | 51352 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:32.419984102 CEST | 59349 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:32.456270933 CEST | 53 | 59349 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:37.631396055 CEST | 57084 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:37.673178911 CEST | 53 | 57084 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:53.027306080 CEST | 58823 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:53.056313038 CEST | 53 | 58823 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:54.184706926 CEST | 57568 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:54.212661028 CEST | 53 | 57568 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:50:54.829355955 CEST | 50540 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:50:54.865000963 CEST | 53 | 50540 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:06.332206964 CEST | 54366 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:06.374577045 CEST | 53 | 54366 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:08.099805117 CEST | 53034 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:08.132152081 CEST | 53 | 53034 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:19.998214006 CEST | 57762 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:20.048595905 CEST | 53 | 57762 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:26.368093014 CEST | 55435 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:26.406167984 CEST | 53 | 55435 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:54.770961046 CEST | 50713 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:54.819643021 CEST | 53 | 50713 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:51:58.437495947 CEST | 56132 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:51:58.479460001 CEST | 53 | 56132 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:03.800883055 CEST | 58987 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:03.835515976 CEST | 53 | 58987 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:55.178214073 CEST | 56579 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:55.246586084 CEST | 53 | 56579 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:55.928847075 CEST | 60633 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:55.966856003 CEST | 53 | 60633 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:56.515408993 CEST | 61292 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:56.555078983 CEST | 53 | 61292 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:56.991461039 CEST | 63619 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:57.026705980 CEST | 53 | 63619 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:57.575887918 CEST | 64938 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:57.608617067 CEST | 53 | 64938 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:58.152482986 CEST | 61946 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:58.190172911 CEST | 53 | 61946 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:58.831623077 CEST | 64910 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:52:58.865165949 CEST | 53 | 64910 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:52:59.994276047 CEST | 52123 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:53:00.027309895 CEST | 53 | 52123 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:53:00.936120987 CEST | 56130 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:53:00.971250057 CEST | 53 | 56130 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:53:01.997314930 CEST | 56338 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:53:02.031568050 CEST | 53 | 56338 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:54:54.472569942 CEST | 59420 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:54:54.508253098 CEST | 53 | 59420 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:54:54.953653097 CEST | 58784 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:54:54.986418009 CEST | 53 | 58784 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:54:59.222904921 CEST | 63978 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:54:59.255475998 CEST | 53 | 63978 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:55:03.005989075 CEST | 62938 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:55:03.039793015 CEST | 53 | 62938 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:55:03.251657009 CEST | 55708 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:55:03.295259953 CEST | 53 | 55708 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:57:24.651887894 CEST | 56803 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:57:24.652589083 CEST | 57145 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:57:24.687371016 CEST | 53 | 56803 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:57:24.688313007 CEST | 53 | 57145 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:57:25.117799997 CEST | 55359 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:57:25.151722908 CEST | 53 | 55359 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:57:25.615422964 CEST | 58306 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:57:25.683232069 CEST | 53 | 58306 | 8.8.8.8 | 192.168.2.3 |
Aug 3, 2021 09:57:58.535772085 CEST | 64124 | 53 | 192.168.2.3 | 8.8.8.8 |
Aug 3, 2021 09:57:58.584244967 CEST | 53 | 64124 | 8.8.8.8 | 192.168.2.3 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Aug 3, 2021 09:52:03.800883055 CEST | 192.168.2.3 | 8.8.8.8 | 0xdf97 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Aug 3, 2021 09:52:03.835515976 CEST | 8.8.8.8 | 192.168.2.3 | 0xdf97 | No error (0) | 194.5.97.128 | A (IP address) | IN (0x0001) | ||
Aug 3, 2021 09:54:54.508253098 CEST | 8.8.8.8 | 192.168.2.3 | 0xf46a | No error (0) | www.tm.a.prd.aadg.akadns.net | CNAME (Canonical name) | IN (0x0001) | ||
Aug 3, 2021 09:57:25.151722908 CEST | 8.8.8.8 | 192.168.2.3 | 0xd836 | No error (0) | www.tm.a.prd.aadg.akadns.net | CNAME (Canonical name) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49732 | 101.99.94.119 | 80 | C:\Users\user\Desktop\Fec9qUX4at.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Aug 3, 2021 09:52:02.600111008 CEST | 7678 | OUT | |
Aug 3, 2021 09:52:02.647567034 CEST | 7679 | IN |