Windows Analysis Report gunzipped.exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
Process Tree |
---|
|
Malware Configuration |
---|
Threatname: Lokibot |
---|
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "https://jnxxx1.xyz/JRM/w2/fre.php"]}
Yara Overview |
---|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
Loki_1 | Loki Payload | kevoreilly |
| |
Click to see the 34 entries |
Unpacked PEs |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
Loki_1 | Loki Payload | kevoreilly |
| |
Lokibot | detect Lokibot in memory | JPCERT/CC Incident Response Group |
| |
Click to see the 61 entries |
Sigma Overview |
---|
System Summary: |
---|
Sigma detected: Possible Applocker Bypass | Show sources |
Source: | Author: juju4: |
Jbx Signature Overview |
---|
Click to jump to signature section
AV Detection: |
---|
Found malware configuration | Show sources |
Source: | Malware Configuration Extractor: |
Antivirus / Scanner detection for submitted sample | Show sources |
Source: | Avira: |
Machine Learning detection for sample | Show sources |
Source: | Joe Sandbox ML: |
Source: | Avira: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Source: | Code function: | 1_2_00403D74 |
Networking: |
---|
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) | Show sources |
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Performs DNS queries to domains with low reputation | Show sources |
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: |
C2 URLs / IPs found in malware configuration | Show sources |
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: |
Source: | ASN Name: | ||
Source: | ASN Name: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Code function: | 1_2_00404ED4 |
System Summary: |
---|
Malicious sample detected (through community Yara rule) | Show sources |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Code function: | 0_2_00007FFA363D17D5 | |
Source: | Code function: | 1_2_0040549C | |
Source: | Code function: | 1_2_004029D4 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Code function: | 1_2_0040650A |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Code function: | 1_2_0040434D |
Source: | Task registration methods: | ||
Source: | Task registration methods: | ||
Source: | Task registration methods: | ||
Source: | Task registration methods: |
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: |
Source: | Section loaded: | Jump to behavior |
Source: | Mutant created: |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Data Obfuscation: |
---|
Yara detected aPLib compressed binary | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Code function: | 0_2_00007FFA363D4191 | |
Source: | Code function: | 0_2_00007FFA363D7975 | |
Source: | Code function: | 1_2_00402AD4 | |
Source: | Code function: | 1_2_00402AFC |
Source: | Static PE information: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Code function: | 1_2_00403D74 |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 1_2_00402B7C |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 1_2_0040317B |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion: |
---|
Writes to foreign memory regions | Show sources |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
.NET source code references suspicious native API functions | Show sources |
Source: | Reference to suspicious API methods: |
Allocates memory in foreign processes | Show sources |
Source: | Memory allocated: | Jump to behavior |
Injects a PE file into a foreign processes | Show sources |
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 1_2_00406069 |
Stealing of Sensitive Information: |
---|
Yara detected Lokibot | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Tries to steal Mail credentials (via file / registry access) | Show sources |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) | Show sources |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Tries to harvest and steal ftp login credentials | Show sources |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Tries to steal Mail credentials (via file registry) | Show sources |
Source: | Code function: | 1_2_0040D069 | |
Source: | Code function: | 1_2_0040D069 |
Tries to harvest and steal browser information (history, passwords, etc) | Show sources |
Source: | File opened: | Jump to behavior |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality: |
---|
Yara detected Lokibot | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Native API1 | Scheduled Task/Job1 | Access Token Manipulation1 | Disable or Modify Tools1 | OS Credential Dumping2 | Account Discovery1 | Remote Services | Archive Collected Data1 | Exfiltration Over Other Network Medium | Ingress Tool Transfer3 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job1 | Boot or Logon Initialization Scripts | Process Injection312 | Deobfuscate/Decode Files or Information1 | Credentials in Registry2 | File and Directory Discovery1 | Remote Desktop Protocol | Data from Local System2 | Exfiltration Over Bluetooth | Encrypted Channel12 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Scheduled Task/Job1 | Obfuscated Files or Information3 | Security Account Manager | System Information Discovery13 | SMB/Windows Admin Shares | Email Collection1 | Automated Exfiltration | Non-Application Layer Protocol3 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Software Packing3 | NTDS | Security Software Discovery11 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Application Layer Protocol114 | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Masquerading1 | LSA Secrets | Process Discovery1 | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Virtualization/Sandbox Evasion21 | Cached Domain Credentials | Virtualization/Sandbox Evasion21 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | Access Token Manipulation1 | DCSync | System Owner/User Discovery1 | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | Process Injection312 | Proc Filesystem | Remote System Discovery1 | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue |
Behavior Graph |
---|
Screenshots |
---|
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | TR/Dropper.MSIL.Gen | ||
100% | Joe Sandbox ML |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Dropper.MSIL.Gen | Download File | ||
100% | Avira | HEUR/AGEN.1133163 | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File |
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe |
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
jnxxx1.xyz | 104.21.60.171 | true | true | unknown |
Contacted URLs |
---|
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
Contacted IPs |
---|
General Information |
---|
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 553234 |
Start date: | 14.01.2022 |
Start time: | 14:24:17 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 5m 54s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | gunzipped.exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 16 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@3/3@60/3 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
14:25:21 | API Interceptor |
Joe Sandbox View / Context |
---|
IPs |
---|
No context |
---|
Domains |
---|
No context |
---|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
CLOUDFLARENETUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
CLOUDFLARENETUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | C:\Users\user\Desktop\gunzipped.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 654 |
Entropy (8bit): | 5.374391981354885 |
Encrypted: | false |
SSDEEP: | 12:Q3La/KDLI4MWuPTxAIOKbbDLI4MWuPOKN08JOKhap+92n4MNQpN9tv:ML9E4KrgKDE4KGKN08AKh6+84xpNT |
MD5: | C8A62E39DE7A3F805D39384E8BABB1E0 |
SHA1: | B32B1257401F17A2D1D5D3CC1D8C1E072E3FEE31 |
SHA-256: | A7BC127854C5327ABD50C86000BF10586B556A5E085BB23523B07A15DD4C5383 |
SHA-512: | 7DB2825131F5CDA6AF33A179D9F7CD0A206FF34AE50D6E66DE9E99BE2CD1CB985B88C00F0EDE72BBC4467E7E42B5DC6132403AA2EC1A0A7A6D11766C438B10C3 |
Malicious: | true |
Reputation: | moderate, very likely benign file |
Preview: |
|
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:U:U |
MD5: | C4CA4238A0B923820DCC509A6F75849B |
SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
|
Process: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 46 |
Entropy (8bit): | 1.0424600748477153 |
Encrypted: | false |
SSDEEP: | 3:/lbq:4 |
MD5: | 8CB7B7F28464C3FCBAE8A10C46204572 |
SHA1: | 767FE80969EC2E67F54CC1B6D383C76E7859E2DE |
SHA-256: | ED5E3DCEB0A1D68803745084985051C1ED41E11AC611DF8600B1A471F3752E96 |
SHA-512: | 9BA84225FDB6C0FD69AD99B69824EC5B8D2B8FD3BB4610576DB4AD79ADF381F7F82C4C9522EC89F7171907577FAF1B4E70B82364F516CF8BBFED99D2ADEA43AF |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.712814063964112 |
TrID: |
|
File name: | gunzipped.exe |
File size: | 207368 |
MD5: | a76b143e354a2ac9f363616ff4f8b239 |
SHA1: | 51bb9b6f0c004d4532ae7f83b58554c924f4d3cc |
SHA256: | d9bad692a869fdb2d3e9ec678e50f27e2dbe2f1fef185a8480df7eb5562d88f0 |
SHA512: | 08caf51783da2b857699ca0063410464e35faeec64a44d4e35ed7e098f5fa6447d36c8a01de7ab9ecbd863e690a910328ccb503e66a9ef679a98031bf5be5369 |
SSDEEP: | 3072:68RW5D8ndLRtj/fs+BrOxK2+pwWS8HaTvhwmo0hb2bRcO4RNNqV45M6/xsmFU3Gz:68rJT6x0Sxvhwmo0hb2bN0vz/lR |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....n.a.................R..........>p... ........@.. .......................@............@................................ |
File Icon |
---|
Icon Hash: | f8e6c6c5d5c4e4e8 |
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x42703e |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED |
DLL Characteristics: | NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT |
Time Stamp: | 0x61E16EDC [Fri Jan 14 12:38:52 2022 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | v4.0.30319 |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Authenticode Signature |
---|
Signature Valid: | false |
Signature Issuer: | CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US |
Signature Validation Error: | The digital signature of the object did not verify |
Error Number: | -2146869232 |
Not Before, Not After |
|
Subject Chain |
|
Version: | 3 |
Thumbprint MD5: | EA2EAC5068FCE34E887927373AB894A0 |
Thumbprint SHA-1: | 9DC17888B5CFAD98B3CB35C1994E96227F061675 |
Thumbprint SHA-256: | 37A8A01D0CF930DCA58E725400AD06DD550970B92F49B0C3A15B321B4E4097DA |
Serial: | 33000001B1DDEDBA54E965B85F0001000001B1 |
Entrypoint Preview |
---|
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x26fe4 | 0x57 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x2a000 | 0x9600 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x2ec00 | 0x3e08 | .rsrc |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x28000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x25044 | 0x25200 | False | 0.906703756313 | data | 7.8171876408 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.reloc | 0x28000 | 0xc | 0x200 | False | 0.044921875 | data | 0.101910425663 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
.rsrc | 0x2a000 | 0x9600 | 0x9600 | False | 0.674609375 | data | 6.83137933544 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_ICON | 0x2a1f0 | 0x468 | GLS_BINARY_LSB_FIRST | ||
RT_ICON | 0x2a658 | 0x988 | data | ||
RT_ICON | 0x2afe0 | 0x10a8 | dBase IV DBT of @.DBF, block length 4096, next free block index 40, next free block 57889722, next used block 7558074 | ||
RT_ICON | 0x2c088 | 0x25a8 | dBase IV DBT of `.DBF, block length 9216, next free block index 40, next free block 0, next used block 0 | ||
RT_ICON | 0x2e630 | 0x4b3c | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | ||
RT_GROUP_ICON | 0x3316c | 0x4c | data | ||
RT_VERSION | 0x331b8 | 0x25c | data | ||
RT_MANIFEST | 0x33414 | 0x1ea | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
Imports |
---|
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Version Infos |
---|
Description | Data |
---|---|
Translation | 0x0000 0x04b0 |
LegalCopyright | |
Assembly Version | 0.0.0.0 |
InternalName | LLLOOOLKKIIII.exe |
FileVersion | 0.0.0.0 |
ProductVersion | 0.0.0.0 |
FileDescription | |
OriginalFilename | LLLOOOLKKIIII.exe |
Network Behavior |
---|
Snort IDS Alerts |
---|
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
01/14/22-14:25:18.175313 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:18.175313 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:18.175313 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:18.175313 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:19.900110 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:19.900110 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:19.900110 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:19.900110 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:21.284630 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:21.284630 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:21.284630 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:21.284630 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:23.253971 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:23.253971 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:23.253971 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:23.253971 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:25.064096 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:25.064096 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:25.064096 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:25.064096 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:26.426706 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:26.426706 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:26.426706 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:26.426706 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:27.981180 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:27.981180 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:27.981180 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:27.981180 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:30.190933 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:30.190933 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:30.190933 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:30.190933 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:31.656934 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:31.656934 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:31.656934 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:31.656934 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:33.128240 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:33.128240 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:33.128240 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:33.128240 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:34.630207 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:34.630207 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:34.630207 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:34.630207 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:35.944353 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:35.944353 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:35.944353 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:35.944353 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:37.320518 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:37.320518 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:37.320518 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:37.320518 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:38.912356 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:38.912356 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:38.912356 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:38.912356 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:41.572780 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:41.572780 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:41.572780 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:41.572780 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:43.959684 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:43.959684 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:43.959684 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:43.959684 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:46.505955 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:46.505955 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:46.505955 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:46.505955 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:48.319340 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:48.319340 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:48.319340 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:48.319340 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:50.057956 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:50.057956 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:50.057956 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:50.057956 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:51.752908 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:51.752908 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:51.752908 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:51.752908 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:53.149995 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:53.149995 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:53.149995 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:53.149995 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:54.980188 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:54.980188 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:54.980188 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:54.980188 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:25:57.480514 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:57.480514 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:57.480514 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:57.480514 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:59.305785 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:59.305785 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:59.305785 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:25:59.305785 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:01.263490 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:01.263490 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:01.263490 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:01.263490 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:02.695748 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:02.695748 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:02.695748 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:02.695748 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:04.152079 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:04.152079 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:04.152079 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:04.152079 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:06.129704 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:06.129704 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:06.129704 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:06.129704 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:07.683357 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:07.683357 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:07.683357 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:07.683357 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:10.439183 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:10.439183 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:10.439183 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:10.439183 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:12.298204 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:12.298204 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:12.298204 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:12.298204 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:17.304219 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:17.304219 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:17.304219 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:17.304219 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:21.377816 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:21.377816 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:21.377816 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:21.377816 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:25.951454 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:25.951454 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:25.951454 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:25.951454 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:31.541839 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:31.541839 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:31.541839 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:31.541839 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:35.369697 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:35.369697 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:35.369697 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:35.369697 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:37.609826 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:37.609826 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:37.609826 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:37.609826 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:38.999421 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:38.999421 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:38.999421 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:38.999421 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:40.507004 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:40.507004 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:40.507004 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:40.507004 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:42.324571 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:42.324571 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:42.324571 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:42.324571 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:44.323356 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:44.323356 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:44.323356 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:44.323356 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:45.981353 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:45.981353 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:45.981353 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:45.981353 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:47.483133 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:47.483133 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:47.483133 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:47.483133 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:48.973044 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:48.973044 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:48.973044 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:48.973044 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:50.474064 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:50.474064 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:50.474064 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:50.474064 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:52.091601 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:52.091601 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:52.091601 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:52.091601 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:26:55.192747 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:55.192747 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:55.192747 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:55.192747 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:56.736108 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:56.736108 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:56.736108 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:56.736108 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:58.241653 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:58.241653 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:58.241653 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:26:58.241653 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:01.355495 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:01.355495 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:01.355495 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:01.355495 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:03.312330 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:03.312330 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:03.312330 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:03.312330 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:05.323353 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:05.323353 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:05.323353 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:05.323353 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:08.256759 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:08.256759 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:08.256759 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:08.256759 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:09.950748 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:09.950748 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:09.950748 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:09.950748 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:11.589922 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:11.589922 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:11.589922 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:11.589922 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:13.021372 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:13.021372 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:13.021372 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:13.021372 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:14.416694 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:14.416694 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:14.416694 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:14.416694 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
01/14/22-14:27:15.866209 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:15.866209 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:15.866209 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:15.866209 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:17.283952 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:17.283952 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:17.283952 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:17.283952 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:18.647021 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:18.647021 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:18.647021 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
01/14/22-14:27:18.647021 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 14, 2022 14:25:08.461890936 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462043047 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462141037 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462203979 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462255955 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462275982 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462393045 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462426901 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.462483883 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.478625059 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.478894949 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.478910923 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.478990078 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479005098 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479068041 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479084969 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479099989 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479115009 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479173899 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479190111 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479219913 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479237080 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479252100 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479290009 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.479542017 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479557991 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479573965 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479589939 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479604006 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479620934 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479635954 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479746103 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479762077 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479779005 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479794979 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479819059 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479835987 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479938984 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479955912 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.479990959 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.480096102 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480113029 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480129004 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480144024 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480175972 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480190992 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480218887 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.480235100 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.481970072 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.482047081 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:08.513525963 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:08.513669014 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:18.096652031 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.172437906 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:18.172559023 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.175312996 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.259957075 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:18.260062933 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.348066092 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:18.682698011 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:18.682831049 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.684098005 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:18.684140921 CET | 49770 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:18.742661953 CET | 80 | 49770 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:19.841773033 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:19.897301912 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:19.897445917 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:19.900110006 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:19.937967062 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:19.938043118 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:19.972281933 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:20.352523088 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:20.352603912 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:20.352715969 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:20.352797031 CET | 49771 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:20.443968058 CET | 80 | 49771 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:21.100265980 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100362062 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100455999 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100528002 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100599051 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100646019 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100672007 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100711107 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100743055 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.100778103 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.116976023 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117002010 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117012978 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117023945 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117037058 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117047071 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117058039 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117089987 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117180109 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117206097 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117228031 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117238998 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117290974 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117326975 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117336035 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117383003 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117393970 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117419004 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117429972 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117441893 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117451906 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117530107 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117542028 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117568970 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117578983 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117585897 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117597103 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117643118 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117685080 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117727995 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117738962 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117757082 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117767096 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117803097 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117841959 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117871046 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117897034 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117928028 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117939949 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117963076 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117974997 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.117981911 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118051052 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118062019 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118068933 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118082047 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118089914 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118128061 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118139029 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118149042 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118202925 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118241072 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118326902 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118400097 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.118406057 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118443012 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.118488073 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.155281067 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:21.155425072 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:21.191754103 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:21.281090021 CET | 80 | 49772 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:21.281250000 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:21.284630060 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:21.729773998 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:21.806811094 CET | 80 | 49772 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:22.203110933 CET | 80 | 49772 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:22.203301907 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:22.203527927 CET | 80 | 49772 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:22.203576088 CET | 49772 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:22.294064045 CET | 80 | 49772 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:23.155999899 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.250284910 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:23.250415087 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.253971100 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.346724987 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:23.346813917 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.450628996 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:23.789335012 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:23.789751053 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.789957047 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:23.790043116 CET | 49773 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:23.873374939 CET | 80 | 49773 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.043798923 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.060858965 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.060986996 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.064095974 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.081228018 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.081356049 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.098287106 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.444298029 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.444322109 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:25.444505930 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.444576025 CET | 49774 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:25.461621046 CET | 80 | 49774 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.187875986 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188119888 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188297987 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188369036 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188400030 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188422918 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188734055 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.188819885 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.189094067 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.189153910 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.189207077 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.204780102 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204826117 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204850912 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204876900 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204902887 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204927921 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204955101 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.204998016 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205024958 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205049992 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205075026 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205126047 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205152988 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205260992 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205286980 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205378056 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205408096 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205434084 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205459118 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205483913 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205512047 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205534935 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205560923 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205585003 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205646038 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205670118 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205780983 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205807924 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205833912 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205888033 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205914021 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205939054 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.205957890 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.206017971 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206044912 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206068993 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206094027 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206176043 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206202984 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206226110 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206252098 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206279039 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206301928 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206409931 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206439018 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206464052 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206538916 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206562042 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206643105 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206670046 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206716061 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206743002 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206871986 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206896067 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206967115 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.206993103 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207036018 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207130909 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207159042 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207181931 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207206964 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207212925 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.207235098 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207258940 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207283974 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207310915 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207334995 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207360983 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207489014 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207514048 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207539082 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.207564116 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.232059956 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.232234955 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.238857985 CET | 443 | 49703 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:25:26.238949060 CET | 49703 | 443 | 192.168.2.4 | 204.79.197.200 |
Jan 14, 2022 14:25:26.388613939 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.419080019 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.419270992 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.426706076 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.456785917 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.456890106 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.487011909 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.838350058 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.838468075 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:26.838567972 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.838613987 CET | 49775 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:26.868603945 CET | 80 | 49775 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:27.961045027 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:27.978343964 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:27.978460073 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:27.981179953 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:27.998245955 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:27.998352051 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:28.015265942 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:28.344696045 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:28.345057964 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:28.348674059 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:28.581149101 CET | 49776 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:28.598100901 CET | 80 | 49776 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.165427923 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.186559916 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.186744928 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.190932989 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.212151051 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.212232113 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.238076925 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.670999050 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.671042919 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:30.671113014 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.671174049 CET | 49777 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:30.696882963 CET | 80 | 49777 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:31.628381014 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:31.652892113 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:31.653043985 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:31.656934023 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:31.681303024 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:31.681468964 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:31.705836058 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:32.048904896 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:32.048963070 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:32.049098015 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:32.049132109 CET | 49778 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:32.073616028 CET | 80 | 49778 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:33.022769928 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.120654106 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:33.121088982 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.128240108 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.227130890 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:33.227273941 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.527707100 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.636812925 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:33.700928926 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:33.701178074 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.701201916 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:33.701314926 CET | 49779 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:33.798995018 CET | 80 | 49779 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:34.610435963 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:34.627587080 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:34.627660036 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:34.630207062 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:34.647053003 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:34.647131920 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:34.664019108 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.002677917 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.002809048 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.002890110 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:35.004184008 CET | 49780 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:35.019850016 CET | 80 | 49780 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.911545038 CET | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:35.940680981 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.940833092 CET | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:35.944353104 CET | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:35.973377943 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:35.973469973 CET | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:36.002584934 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:36.349956036 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:36.350013971 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:36.350122929 CET | 49781 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:36.379270077 CET | 80 | 49781 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.290254116 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.317270041 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.317822933 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.320518017 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.347434998 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.351161957 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.378110886 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.702580929 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.702728033 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:37.702728033 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.702780962 CET | 49782 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:37.729605913 CET | 80 | 49782 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:38.879698992 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:38.909497023 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:38.909621954 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:38.912355900 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:38.942107916 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:38.942234039 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:38.972028971 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:39.325426102 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:39.325563908 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:39.325566053 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:39.325633049 CET | 49783 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:39.355474949 CET | 80 | 49783 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.531430960 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:41.569806099 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.569917917 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:41.572779894 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:41.610992908 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.611071110 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:41.650115967 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.999090910 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.999126911 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:41.999187946 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:41.999243021 CET | 49786 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:42.037601948 CET | 80 | 49786 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:43.928330898 CET | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:43.952549934 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:43.952698946 CET | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:43.959683895 CET | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:43.984132051 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:43.984225988 CET | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:44.008908987 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:44.329082012 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:44.329155922 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:44.329281092 CET | 49787 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:44.353625059 CET | 80 | 49787 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:46.468699932 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.498197079 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:46.498378038 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.505954981 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.534858942 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:46.535011053 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.564146996 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:46.927402973 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:46.927454948 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:46.927577972 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.927670956 CET | 49788 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:46.956782103 CET | 80 | 49788 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.286775112 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.316529989 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.316629887 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.319339991 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.349266052 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.349365950 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.379653931 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.711286068 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.711338043 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:48.711486101 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.711524010 CET | 49789 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:48.742075920 CET | 80 | 49789 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.036998034 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.054275036 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.054542065 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.057955980 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.075298071 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.076698065 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.094057083 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.433623075 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.433671951 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:50.433777094 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.433835030 CET | 49790 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:50.450978041 CET | 80 | 49790 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:51.719722033 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:51.736747026 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:51.736848116 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:51.752907991 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:51.769941092 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:51.771976948 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:51.788964033 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:52.128684998 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:52.129395962 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:52.129549026 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:52.129576921 CET | 49791 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:52.146783113 CET | 80 | 49791 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:53.041480064 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.131686926 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:53.131840944 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.149995089 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.235912085 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:53.236032963 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.323843956 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:53.673243999 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:53.673360109 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.673535109 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:53.673593998 CET | 49792 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:53.766319990 CET | 80 | 49792 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:54.882421017 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:54.973294020 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:54.973609924 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:54.980187893 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:55.073731899 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:55.073844910 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:55.388900995 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:55.485395908 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:55.532751083 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:55.532778025 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:55.532861948 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:55.532912970 CET | 49793 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:25:55.633548975 CET | 80 | 49793 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:25:57.450432062 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.477722883 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:57.477821112 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.480514050 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.507260084 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:57.507500887 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.534250975 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:57.907254934 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:57.907286882 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:57.907365084 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.907393932 CET | 49794 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:57.934206009 CET | 80 | 49794 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.285607100 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.302675962 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.302797079 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.305784941 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.322745085 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.322840929 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.339775085 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.466034889 CET | 80 | 49686 | 178.79.242.0 | 192.168.2.4 |
Jan 14, 2022 14:25:59.466160059 CET | 49686 | 80 | 192.168.2.4 | 178.79.242.0 |
Jan 14, 2022 14:25:59.466221094 CET | 49686 | 80 | 192.168.2.4 | 178.79.242.0 |
Jan 14, 2022 14:25:59.486655951 CET | 80 | 49686 | 178.79.242.0 | 192.168.2.4 |
Jan 14, 2022 14:25:59.608274937 CET | 49689 | 80 | 192.168.2.4 | 41.63.96.0 |
Jan 14, 2022 14:25:59.630219936 CET | 80 | 49689 | 41.63.96.0 | 192.168.2.4 |
Jan 14, 2022 14:25:59.630263090 CET | 80 | 49689 | 41.63.96.0 | 192.168.2.4 |
Jan 14, 2022 14:25:59.630341053 CET | 49689 | 80 | 192.168.2.4 | 41.63.96.0 |
Jan 14, 2022 14:25:59.681890011 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.681927919 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:25:59.681974888 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.682012081 CET | 49795 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:25:59.699059963 CET | 80 | 49795 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:00.057492971 CET | 80 | 49695 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:00.057732105 CET | 49695 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:00.988126040 CET | 49711 | 443 | 192.168.2.4 | 23.211.5.146 |
Jan 14, 2022 14:26:00.988290071 CET | 49712 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:01.052807093 CET | 80 | 49687 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:01.052830935 CET | 80 | 49710 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:01.054321051 CET | 49687 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:01.054353952 CET | 49710 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:01.224894047 CET | 80 | 49696 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:01.224989891 CET | 49696 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:01.226582050 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.256784916 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:01.256974936 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.263489962 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.293823957 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:01.294467926 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.324796915 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:01.693718910 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:01.693845034 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:01.693887949 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.693921089 CET | 49796 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:01.724083900 CET | 80 | 49796 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:02.202414989 CET | 80 | 49709 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:02.202539921 CET | 49709 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:02.674890995 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:02.691915035 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:02.692075968 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:02.695748091 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:02.712707043 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:02.712770939 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:02.729760885 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:03.051789999 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:03.051841974 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:03.051985979 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:03.052023888 CET | 49797 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:03.068994999 CET | 80 | 49797 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:04.132368088 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:04.149338007 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:04.149437904 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:04.152079105 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:04.168940067 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:04.171654940 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:04.188496113 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:05.166765928 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:05.166811943 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:05.166891098 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:05.167771101 CET | 49798 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:05.187027931 CET | 80 | 49798 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.096712112 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.125792027 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.126080036 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.129703999 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.158653975 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.158782959 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.187726974 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.518989086 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.519236088 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:06.520000935 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.520041943 CET | 49800 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:06.548953056 CET | 80 | 49800 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:07.659334898 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:07.676486015 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:07.676696062 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:07.683357000 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:07.700326920 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:07.700562000 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:07.717406988 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:08.067053080 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:08.067275047 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:08.067347050 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:08.070053101 CET | 49807 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:08.084273100 CET | 80 | 49807 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:09.269391060 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:10.417978048 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:10.418109894 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:10.439182997 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:10.534286976 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:10.534377098 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:10.630732059 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:11.098567963 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:11.098707914 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:11.189239979 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:11.847198009 CET | 80 | 49819 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:11.847320080 CET | 49819 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:12.197496891 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:12.295299053 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:12.295434952 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:12.298203945 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:12.399924040 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:12.400031090 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:12.702789068 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:12.802057981 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:13.037069082 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:13.037170887 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:13.323570013 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:13.323796034 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:13.325114012 CET | 49834 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:13.389555931 CET | 80 | 49834 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:17.281042099 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.300894022 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:17.300976038 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.304219007 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.321677923 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:17.321748972 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.338829994 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:17.689928055 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:17.690191031 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.690488100 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:17.690752029 CET | 49837 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:17.707195044 CET | 80 | 49837 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:21.271955967 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:21.369967937 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:21.370131016 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:21.377815962 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:21.475122929 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:21.475260019 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:21.573885918 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:21.929169893 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:21.929383993 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:21.929387093 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:21.929476023 CET | 49839 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:22.025845051 CET | 80 | 49839 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:25.930886030 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:25.947932005 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:25.948033094 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:25.951453924 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:25.968436003 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:25.968569040 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:25.985608101 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:26.320724964 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:26.321027040 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:26.321238995 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:26.321687937 CET | 49845 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:26.338219881 CET | 80 | 49845 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:31.521516085 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.538400888 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:31.538482904 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.541838884 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.558662891 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:31.558747053 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.575612068 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:31.907454967 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:31.907594919 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.908498049 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:31.908627987 CET | 49846 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:31.924557924 CET | 80 | 49846 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:35.274544954 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:35.366327047 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:35.366544962 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:35.369697094 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:35.465936899 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:35.468916893 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:35.562331915 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:35.928399086 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:35.928602934 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:35.928903103 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:35.928967953 CET | 49847 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:36.029649973 CET | 80 | 49847 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:37.566684961 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:37.605098009 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:37.605214119 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:37.609826088 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:37.648226023 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:37.648319960 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:37.686709881 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:38.051615000 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:38.051675081 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:38.051748037 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:38.051788092 CET | 49855 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:38.090116024 CET | 80 | 49855 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:38.979736090 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:38.996746063 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:38.996934891 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:38.999420881 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:39.016375065 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:39.017647982 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:39.034557104 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:39.379360914 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:39.379529953 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:39.379558086 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:39.379651070 CET | 49862 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:39.396361113 CET | 80 | 49862 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.484225035 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.501403093 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.501501083 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.507004023 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.524180889 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.524266958 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.541300058 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.857378006 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.857477903 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.857505083 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:40.857558966 CET | 49870 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:40.874526978 CET | 80 | 49870 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.287856102 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.317095995 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.317265987 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.324570894 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.353796959 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.353892088 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.383074045 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.731487989 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.731662989 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.731736898 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:42.731822968 CET | 49874 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:42.760915995 CET | 80 | 49874 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:44.298357964 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.315501928 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:44.315630913 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.323355913 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.340529919 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:44.340663910 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.357690096 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:44.712300062 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:44.712415934 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.712606907 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:44.712677956 CET | 49875 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:44.729314089 CET | 80 | 49875 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:45.957962036 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:45.974941015 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:45.975084066 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:45.981353045 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:45.998343945 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:45.998447895 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:46.015299082 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:46.338185072 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:46.338299036 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:46.338330984 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:46.338537931 CET | 49876 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:46.355118990 CET | 80 | 49876 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:47.376585007 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:47.474118948 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:47.474423885 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:47.483133078 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:47.578716040 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:47.578831911 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:47.675643921 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.047214031 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.047369957 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:48.047713995 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.047781944 CET | 49877 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:48.141237974 CET | 80 | 49877 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.952578068 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:48.969583988 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.969734907 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:48.973043919 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:48.990103960 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:48.990541935 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:49.007460117 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:49.253103018 CET | 49687 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:49.269649029 CET | 80 | 49687 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:26:49.269783020 CET | 49687 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:26:49.336987019 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:49.337194920 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:49.337346077 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:49.337707996 CET | 49878 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:49.354295015 CET | 80 | 49878 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:50.374344110 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:50.469793081 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:50.469898939 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:50.474064112 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:50.571918964 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:50.572000980 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:50.668741941 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:51.038902998 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:51.038928032 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:51.039109945 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:51.039176941 CET | 49879 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:51.132672071 CET | 80 | 49879 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:51.991477966 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:52.083719015 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:52.083930016 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:52.091600895 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:52.186295033 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:52.186388016 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:52.275774956 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:52.842978954 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:52.843156099 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:53.140511036 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:53.140779972 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:53.140841007 CET | 49880 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:26:53.236166954 CET | 80 | 49880 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:26:54.092025042 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.189666033 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:55.189922094 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.192747116 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.272069931 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:55.272387981 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.351213932 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:55.731466055 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:55.731579065 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:55.731714964 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.731750011 CET | 49881 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:55.818156958 CET | 80 | 49881 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:56.701184034 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:56.728475094 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:56.728688955 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:56.736108065 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:56.763432026 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:56.763600111 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:56.790910006 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:57.128308058 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:57.128493071 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:57.128743887 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:57.128810883 CET | 49882 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:57.155812979 CET | 80 | 49882 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:58.155426025 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:58.236694098 CET | 80 | 49883 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:58.239077091 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:58.241652966 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:58.550448895 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:58.649410963 CET | 80 | 49883 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:59.003459930 CET | 80 | 49883 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:59.003598928 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:59.003959894 CET | 80 | 49883 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:26:59.004017115 CET | 49883 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:26:59.077198982 CET | 80 | 49883 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.333604097 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.352843046 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.352996111 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.355494976 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.372490883 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.372617006 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.390853882 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.400583982 CET | 443 | 49707 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:01.493411064 CET | 80 | 49695 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:01.493514061 CET | 49695 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:01.713457108 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.713489056 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:01.713587999 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.716655970 CET | 49885 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:01.732640982 CET | 80 | 49885 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:02.076736927 CET | 443 | 49698 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:02.278592110 CET | 443 | 49701 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:02.489151001 CET | 80 | 49710 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:02.489229918 CET | 49710 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:02.668869972 CET | 80 | 49696 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:02.668955088 CET | 49696 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:02.983283043 CET | 443 | 49693 | 13.107.5.88 | 192.168.2.4 |
Jan 14, 2022 14:27:03.283417940 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.304430962 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:03.304642916 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.312330008 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.333656073 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:03.333803892 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.356978893 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:03.642215967 CET | 80 | 49709 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:03.644171000 CET | 49709 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:03.696619987 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:03.696655989 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:03.696855068 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.696911097 CET | 49886 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:03.717552900 CET | 80 | 49886 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:04.753102064 CET | 443 | 49705 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:05.010967970 CET | 443 | 49706 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:05.257639885 CET | 443 | 49692 | 13.107.5.88 | 192.168.2.4 |
Jan 14, 2022 14:27:05.302567959 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.319838047 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:05.319974899 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.323353052 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.340454102 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:05.340586901 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.348468065 CET | 443 | 49702 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:05.357681036 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:05.513237000 CET | 443 | 49717 | 13.107.246.254 | 192.168.2.4 |
Jan 14, 2022 14:27:05.702493906 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:05.702629089 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.702815056 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:05.702874899 CET | 49887 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:05.719793081 CET | 80 | 49887 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:06.037482977 CET | 443 | 49700 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:07.351699114 CET | 443 | 49694 | 13.107.42.16 | 192.168.2.4 |
Jan 14, 2022 14:27:07.426646948 CET | 443 | 49697 | 204.79.197.222 | 192.168.2.4 |
Jan 14, 2022 14:27:07.800295115 CET | 443 | 49718 | 13.107.3.254 | 192.168.2.4 |
Jan 14, 2022 14:27:08.236874104 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.253911972 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:08.254005909 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.256758928 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.273987055 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:08.274077892 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.292392969 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:08.628438950 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:08.628483057 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:08.628586054 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.628638029 CET | 49888 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:08.647006989 CET | 80 | 49888 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:09.823038101 CET | 443 | 49704 | 204.79.197.200 | 192.168.2.4 |
Jan 14, 2022 14:27:09.930531025 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:09.947597980 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:09.947721004 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:09.950747967 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:09.969495058 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:09.969602108 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:09.986496925 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:10.356292963 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:10.356345892 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:10.356501102 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:10.356585026 CET | 49889 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:10.373538017 CET | 80 | 49889 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:11.564724922 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.581917048 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:11.582056999 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.589921951 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.607029915 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:11.607122898 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.624135971 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:11.970370054 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:11.970417023 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:11.970608950 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.970679045 CET | 49890 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:11.987688065 CET | 80 | 49890 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:12.987725973 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.014674902 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:13.014820099 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.021372080 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.048278093 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:13.048382998 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.079008102 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:13.388837099 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:13.388972998 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.389008045 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:13.389067888 CET | 49891 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:13.415857077 CET | 80 | 49891 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:14.379209042 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.408823013 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:14.408965111 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.416693926 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.446230888 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:14.446366072 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.477338076 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:14.794965029 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:14.795082092 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:14.795244932 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.795281887 CET | 49892 | 80 | 192.168.2.4 | 172.67.198.111 |
Jan 14, 2022 14:27:14.826872110 CET | 80 | 49892 | 172.67.198.111 | 192.168.2.4 |
Jan 14, 2022 14:27:15.006545067 CET | 80 | 49696 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:15.006650925 CET | 49696 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:15.025695086 CET | 80 | 49710 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:15.025824070 CET | 49710 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:15.101555109 CET | 80 | 49709 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:15.101881981 CET | 49709 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:15.637079000 CET | 80 | 49695 | 93.184.220.29 | 192.168.2.4 |
Jan 14, 2022 14:27:15.637170076 CET | 49695 | 80 | 192.168.2.4 | 93.184.220.29 |
Jan 14, 2022 14:27:15.837182999 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:15.858856916 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:15.859010935 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:15.866209030 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:15.887164116 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:15.887274981 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:15.908154964 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:16.288630009 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:16.288815975 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:16.291990995 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:16.292149067 CET | 49893 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:16.309900045 CET | 80 | 49893 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.259157896 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.276221037 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.276367903 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.283951998 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.302807093 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.303031921 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.320218086 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.637202978 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.637248039 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:17.637517929 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.637581110 CET | 49894 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:17.654671907 CET | 80 | 49894 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:18.623142958 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:18.640196085 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:18.640326977 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:18.647021055 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:18.664036036 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:18.664117098 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:18.681006908 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:19.002940893 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:19.002993107 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:19.003146887 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:19.003190994 CET | 49895 | 80 | 192.168.2.4 | 104.21.60.171 |
Jan 14, 2022 14:27:19.020144939 CET | 80 | 49895 | 104.21.60.171 | 192.168.2.4 |
Jan 14, 2022 14:27:21.833481073 CET | 80 | 49704 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.833583117 CET | 49704 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.835242033 CET | 80 | 49703 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.836476088 CET | 49703 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.838269949 CET | 80 | 49702 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.838424921 CET | 49702 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.840432882 CET | 80 | 49700 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.840523005 CET | 49700 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.840677977 CET | 80 | 49699 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.840792894 CET | 49699 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.842271090 CET | 80 | 49701 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.842412949 CET | 49701 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.842525959 CET | 80 | 49698 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.843374968 CET | 49698 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.845333099 CET | 80 | 49696 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.845654964 CET | 80 | 49695 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.845733881 CET | 49696 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.846395969 CET | 49695 | 80 | 192.168.2.4 | 173.222.108.226 |
Jan 14, 2022 14:27:21.849235058 CET | 80 | 49697 | 173.222.108.226 | 192.168.2.4 |
Jan 14, 2022 14:27:21.849308014 CET | 49697 | 80 | 192.168.2.4 | 173.222.108.226 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 14, 2022 14:25:18.056624889 CET | 53097 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:18.082303047 CET | 53 | 53097 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:19.820640087 CET | 49257 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:19.840229034 CET | 53 | 49257 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:21.168129921 CET | 62389 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:21.190475941 CET | 53 | 62389 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:23.134006977 CET | 49910 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:23.153997898 CET | 53 | 49910 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:25.017433882 CET | 55854 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:25.042206049 CET | 53 | 55854 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:26.369333982 CET | 64549 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:26.386985064 CET | 53 | 64549 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:27.930038929 CET | 63153 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:27.955796957 CET | 53 | 63153 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:30.142900944 CET | 52991 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:30.163605928 CET | 53 | 52991 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:31.608867884 CET | 53700 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:31.626277924 CET | 53 | 53700 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:32.993509054 CET | 51726 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:33.019890070 CET | 53 | 51726 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:34.589889050 CET | 56794 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:34.609421015 CET | 53 | 56794 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:35.890702963 CET | 56534 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:35.910164118 CET | 53 | 56534 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:37.271411896 CET | 56627 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:37.289113045 CET | 53 | 56627 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:38.860811949 CET | 56621 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:38.878523111 CET | 53 | 56621 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:41.510195971 CET | 64078 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:41.529974937 CET | 53 | 64078 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:43.901807070 CET | 64801 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:43.926961899 CET | 53 | 64801 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:46.438158035 CET | 61721 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:46.466119051 CET | 53 | 61721 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:48.264461994 CET | 51255 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:48.285516024 CET | 53 | 51255 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:50.015372992 CET | 61522 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:50.034662008 CET | 53 | 61522 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:51.699372053 CET | 52337 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:51.718610048 CET | 53 | 52337 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:53.013324976 CET | 55046 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:53.040281057 CET | 53 | 55046 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:54.860903025 CET | 49612 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:54.880390882 CET | 53 | 49612 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:57.426099062 CET | 49285 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:57.448802948 CET | 53 | 49285 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:25:59.264833927 CET | 50601 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:25:59.284394979 CET | 53 | 50601 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:01.205447912 CET | 60875 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:01.225044012 CET | 53 | 60875 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:02.654102087 CET | 56448 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:02.673482895 CET | 53 | 56448 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:04.113353968 CET | 59172 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:04.130435944 CET | 53 | 59172 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:06.077826977 CET | 60579 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:06.095539093 CET | 53 | 60579 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:07.638314962 CET | 59794 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:07.657782078 CET | 53 | 59794 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:09.248760939 CET | 60689 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:09.268064976 CET | 53 | 60689 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:12.172061920 CET | 50904 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:12.191605091 CET | 53 | 50904 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:17.260008097 CET | 57525 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:17.279648066 CET | 53 | 57525 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:21.247929096 CET | 53418 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:21.269567013 CET | 53 | 53418 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:25.912548065 CET | 62833 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:25.929693937 CET | 53 | 62833 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:31.500365019 CET | 59260 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:31.519778967 CET | 53 | 59260 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:35.253140926 CET | 49944 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:35.270370007 CET | 53 | 49944 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:37.545703888 CET | 63300 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:37.565352917 CET | 53 | 63300 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:38.956957102 CET | 61449 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:38.978286028 CET | 53 | 61449 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:40.463562965 CET | 51275 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:40.482383013 CET | 53 | 51275 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:42.266510963 CET | 63492 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:42.286091089 CET | 53 | 63492 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:44.275732040 CET | 58945 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:44.295249939 CET | 53 | 58945 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:45.937252998 CET | 60779 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:45.956788063 CET | 53 | 60779 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:47.353239059 CET | 64014 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:47.373985052 CET | 53 | 64014 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:48.931447029 CET | 57091 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:48.950748920 CET | 53 | 57091 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:50.353661060 CET | 55904 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:50.373054981 CET | 53 | 55904 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:51.968323946 CET | 52109 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:51.989608049 CET | 53 | 52109 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:54.071371078 CET | 54450 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:54.090604067 CET | 53 | 54450 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:56.679383039 CET | 49374 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:56.698745012 CET | 53 | 49374 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:26:58.131524086 CET | 50436 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:26:58.151236057 CET | 53 | 50436 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:01.310575962 CET | 54256 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:01.331875086 CET | 53 | 54256 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:03.261573076 CET | 52189 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:03.280853987 CET | 53 | 52189 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:05.280379057 CET | 56131 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:05.299772978 CET | 53 | 56131 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:08.216839075 CET | 62992 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:08.235579014 CET | 53 | 62992 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:09.910355091 CET | 54432 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:09.929234028 CET | 53 | 54432 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:11.542715073 CET | 57227 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:11.562249899 CET | 53 | 57227 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:12.968863964 CET | 58383 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:12.986362934 CET | 53 | 58383 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:14.357517004 CET | 63136 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:14.377444029 CET | 53 | 63136 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:15.818676949 CET | 50911 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:15.835823059 CET | 53 | 50911 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:17.237107992 CET | 63409 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:17.256669044 CET | 53 | 63409 | 8.8.8.8 | 192.168.2.4 |
Jan 14, 2022 14:27:18.602826118 CET | 59185 | 53 | 192.168.2.4 | 8.8.8.8 |
Jan 14, 2022 14:27:18.622642994 CET | 53 | 59185 | 8.8.8.8 | 192.168.2.4 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Jan 14, 2022 14:25:18.056624889 CET | 192.168.2.4 | 8.8.8.8 | 0x8e89 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:19.820640087 CET | 192.168.2.4 | 8.8.8.8 | 0x97d3 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:21.168129921 CET | 192.168.2.4 | 8.8.8.8 | 0x8b03 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:23.134006977 CET | 192.168.2.4 | 8.8.8.8 | 0xace4 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:25.017433882 CET | 192.168.2.4 | 8.8.8.8 | 0xfc4c | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:26.369333982 CET | 192.168.2.4 | 8.8.8.8 | 0xcf70 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:27.930038929 CET | 192.168.2.4 | 8.8.8.8 | 0x4ff7 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:30.142900944 CET | 192.168.2.4 | 8.8.8.8 | 0x7f97 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:31.608867884 CET | 192.168.2.4 | 8.8.8.8 | 0x731b | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:32.993509054 CET | 192.168.2.4 | 8.8.8.8 | 0x6663 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:34.589889050 CET | 192.168.2.4 | 8.8.8.8 | 0xb93a | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:35.890702963 CET | 192.168.2.4 | 8.8.8.8 | 0x29d6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:37.271411896 CET | 192.168.2.4 | 8.8.8.8 | 0xe5c | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:38.860811949 CET | 192.168.2.4 | 8.8.8.8 | 0x15c | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:41.510195971 CET | 192.168.2.4 | 8.8.8.8 | 0x6840 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:43.901807070 CET | 192.168.2.4 | 8.8.8.8 | 0x6af4 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:46.438158035 CET | 192.168.2.4 | 8.8.8.8 | 0x605a | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:48.264461994 CET | 192.168.2.4 | 8.8.8.8 | 0x2f61 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:50.015372992 CET | 192.168.2.4 | 8.8.8.8 | 0x1305 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:51.699372053 CET | 192.168.2.4 | 8.8.8.8 | 0xc8a9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:53.013324976 CET | 192.168.2.4 | 8.8.8.8 | 0xb114 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:54.860903025 CET | 192.168.2.4 | 8.8.8.8 | 0x763d | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:57.426099062 CET | 192.168.2.4 | 8.8.8.8 | 0x4a3c | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:25:59.264833927 CET | 192.168.2.4 | 8.8.8.8 | 0x64ef | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:01.205447912 CET | 192.168.2.4 | 8.8.8.8 | 0x2e50 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:02.654102087 CET | 192.168.2.4 | 8.8.8.8 | 0x59d9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:04.113353968 CET | 192.168.2.4 | 8.8.8.8 | 0xacb9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:06.077826977 CET | 192.168.2.4 | 8.8.8.8 | 0x9f0b | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:07.638314962 CET | 192.168.2.4 | 8.8.8.8 | 0x4d46 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:09.248760939 CET | 192.168.2.4 | 8.8.8.8 | 0x5fee | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:12.172061920 CET | 192.168.2.4 | 8.8.8.8 | 0x575a | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:17.260008097 CET | 192.168.2.4 | 8.8.8.8 | 0xa3ce | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:21.247929096 CET | 192.168.2.4 | 8.8.8.8 | 0xe127 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:25.912548065 CET | 192.168.2.4 | 8.8.8.8 | 0x5d13 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:31.500365019 CET | 192.168.2.4 | 8.8.8.8 | 0x21b9 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:35.253140926 CET | 192.168.2.4 | 8.8.8.8 | 0xb7fa | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:37.545703888 CET | 192.168.2.4 | 8.8.8.8 | 0xd6ba | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:38.956957102 CET | 192.168.2.4 | 8.8.8.8 | 0x3fe | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:40.463562965 CET | 192.168.2.4 | 8.8.8.8 | 0x330e | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:42.266510963 CET | 192.168.2.4 | 8.8.8.8 | 0x7f5d | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:44.275732040 CET | 192.168.2.4 | 8.8.8.8 | 0xcb02 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:45.937252998 CET | 192.168.2.4 | 8.8.8.8 | 0x6dfb | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:47.353239059 CET | 192.168.2.4 | 8.8.8.8 | 0x2a39 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:48.931447029 CET | 192.168.2.4 | 8.8.8.8 | 0x61e6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:50.353661060 CET | 192.168.2.4 | 8.8.8.8 | 0xd717 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:51.968323946 CET | 192.168.2.4 | 8.8.8.8 | 0xbdac | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:54.071371078 CET | 192.168.2.4 | 8.8.8.8 | 0x6bf6 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:56.679383039 CET | 192.168.2.4 | 8.8.8.8 | 0x57ef | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:26:58.131524086 CET | 192.168.2.4 | 8.8.8.8 | 0xfb1e | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:01.310575962 CET | 192.168.2.4 | 8.8.8.8 | 0x2659 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:03.261573076 CET | 192.168.2.4 | 8.8.8.8 | 0xb719 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:05.280379057 CET | 192.168.2.4 | 8.8.8.8 | 0x3b77 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:08.216839075 CET | 192.168.2.4 | 8.8.8.8 | 0x80bc | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:09.910355091 CET | 192.168.2.4 | 8.8.8.8 | 0xec4d | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:11.542715073 CET | 192.168.2.4 | 8.8.8.8 | 0xc52a | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:12.968863964 CET | 192.168.2.4 | 8.8.8.8 | 0x830c | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:14.357517004 CET | 192.168.2.4 | 8.8.8.8 | 0x5f51 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:15.818676949 CET | 192.168.2.4 | 8.8.8.8 | 0x6800 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:17.237107992 CET | 192.168.2.4 | 8.8.8.8 | 0x4719 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jan 14, 2022 14:27:18.602826118 CET | 192.168.2.4 | 8.8.8.8 | 0xbe8a | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Jan 14, 2022 14:25:18.082303047 CET | 8.8.8.8 | 192.168.2.4 | 0x8e89 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:18.082303047 CET | 8.8.8.8 | 192.168.2.4 | 0x8e89 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:19.840229034 CET | 8.8.8.8 | 192.168.2.4 | 0x97d3 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:19.840229034 CET | 8.8.8.8 | 192.168.2.4 | 0x97d3 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:21.190475941 CET | 8.8.8.8 | 192.168.2.4 | 0x8b03 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:21.190475941 CET | 8.8.8.8 | 192.168.2.4 | 0x8b03 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:23.153997898 CET | 8.8.8.8 | 192.168.2.4 | 0xace4 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:23.153997898 CET | 8.8.8.8 | 192.168.2.4 | 0xace4 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:25.042206049 CET | 8.8.8.8 | 192.168.2.4 | 0xfc4c | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:25.042206049 CET | 8.8.8.8 | 192.168.2.4 | 0xfc4c | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:26.386985064 CET | 8.8.8.8 | 192.168.2.4 | 0xcf70 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:26.386985064 CET | 8.8.8.8 | 192.168.2.4 | 0xcf70 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:27.955796957 CET | 8.8.8.8 | 192.168.2.4 | 0x4ff7 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:27.955796957 CET | 8.8.8.8 | 192.168.2.4 | 0x4ff7 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:30.163605928 CET | 8.8.8.8 | 192.168.2.4 | 0x7f97 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:30.163605928 CET | 8.8.8.8 | 192.168.2.4 | 0x7f97 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:31.626277924 CET | 8.8.8.8 | 192.168.2.4 | 0x731b | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:31.626277924 CET | 8.8.8.8 | 192.168.2.4 | 0x731b | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:33.019890070 CET | 8.8.8.8 | 192.168.2.4 | 0x6663 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:33.019890070 CET | 8.8.8.8 | 192.168.2.4 | 0x6663 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:34.609421015 CET | 8.8.8.8 | 192.168.2.4 | 0xb93a | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:34.609421015 CET | 8.8.8.8 | 192.168.2.4 | 0xb93a | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:35.910164118 CET | 8.8.8.8 | 192.168.2.4 | 0x29d6 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:35.910164118 CET | 8.8.8.8 | 192.168.2.4 | 0x29d6 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:37.289113045 CET | 8.8.8.8 | 192.168.2.4 | 0xe5c | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:37.289113045 CET | 8.8.8.8 | 192.168.2.4 | 0xe5c | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:38.878523111 CET | 8.8.8.8 | 192.168.2.4 | 0x15c | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:38.878523111 CET | 8.8.8.8 | 192.168.2.4 | 0x15c | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:41.529974937 CET | 8.8.8.8 | 192.168.2.4 | 0x6840 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:41.529974937 CET | 8.8.8.8 | 192.168.2.4 | 0x6840 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:43.926961899 CET | 8.8.8.8 | 192.168.2.4 | 0x6af4 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:43.926961899 CET | 8.8.8.8 | 192.168.2.4 | 0x6af4 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:46.466119051 CET | 8.8.8.8 | 192.168.2.4 | 0x605a | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:46.466119051 CET | 8.8.8.8 | 192.168.2.4 | 0x605a | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:48.285516024 CET | 8.8.8.8 | 192.168.2.4 | 0x2f61 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:48.285516024 CET | 8.8.8.8 | 192.168.2.4 | 0x2f61 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:50.034662008 CET | 8.8.8.8 | 192.168.2.4 | 0x1305 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:50.034662008 CET | 8.8.8.8 | 192.168.2.4 | 0x1305 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:51.718610048 CET | 8.8.8.8 | 192.168.2.4 | 0xc8a9 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:51.718610048 CET | 8.8.8.8 | 192.168.2.4 | 0xc8a9 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:53.040281057 CET | 8.8.8.8 | 192.168.2.4 | 0xb114 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:53.040281057 CET | 8.8.8.8 | 192.168.2.4 | 0xb114 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:54.880390882 CET | 8.8.8.8 | 192.168.2.4 | 0x763d | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:54.880390882 CET | 8.8.8.8 | 192.168.2.4 | 0x763d | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:57.448802948 CET | 8.8.8.8 | 192.168.2.4 | 0x4a3c | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:57.448802948 CET | 8.8.8.8 | 192.168.2.4 | 0x4a3c | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:59.284394979 CET | 8.8.8.8 | 192.168.2.4 | 0x64ef | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:25:59.284394979 CET | 8.8.8.8 | 192.168.2.4 | 0x64ef | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:01.225044012 CET | 8.8.8.8 | 192.168.2.4 | 0x2e50 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:01.225044012 CET | 8.8.8.8 | 192.168.2.4 | 0x2e50 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:02.673482895 CET | 8.8.8.8 | 192.168.2.4 | 0x59d9 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:02.673482895 CET | 8.8.8.8 | 192.168.2.4 | 0x59d9 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:04.130435944 CET | 8.8.8.8 | 192.168.2.4 | 0xacb9 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:04.130435944 CET | 8.8.8.8 | 192.168.2.4 | 0xacb9 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:06.095539093 CET | 8.8.8.8 | 192.168.2.4 | 0x9f0b | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:06.095539093 CET | 8.8.8.8 | 192.168.2.4 | 0x9f0b | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:07.657782078 CET | 8.8.8.8 | 192.168.2.4 | 0x4d46 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:07.657782078 CET | 8.8.8.8 | 192.168.2.4 | 0x4d46 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:09.268064976 CET | 8.8.8.8 | 192.168.2.4 | 0x5fee | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:09.268064976 CET | 8.8.8.8 | 192.168.2.4 | 0x5fee | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:12.191605091 CET | 8.8.8.8 | 192.168.2.4 | 0x575a | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:12.191605091 CET | 8.8.8.8 | 192.168.2.4 | 0x575a | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:17.279648066 CET | 8.8.8.8 | 192.168.2.4 | 0xa3ce | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:17.279648066 CET | 8.8.8.8 | 192.168.2.4 | 0xa3ce | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:21.269567013 CET | 8.8.8.8 | 192.168.2.4 | 0xe127 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:21.269567013 CET | 8.8.8.8 | 192.168.2.4 | 0xe127 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:25.929693937 CET | 8.8.8.8 | 192.168.2.4 | 0x5d13 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:25.929693937 CET | 8.8.8.8 | 192.168.2.4 | 0x5d13 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:31.519778967 CET | 8.8.8.8 | 192.168.2.4 | 0x21b9 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:31.519778967 CET | 8.8.8.8 | 192.168.2.4 | 0x21b9 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:35.270370007 CET | 8.8.8.8 | 192.168.2.4 | 0xb7fa | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:35.270370007 CET | 8.8.8.8 | 192.168.2.4 | 0xb7fa | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:37.565352917 CET | 8.8.8.8 | 192.168.2.4 | 0xd6ba | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:37.565352917 CET | 8.8.8.8 | 192.168.2.4 | 0xd6ba | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:38.978286028 CET | 8.8.8.8 | 192.168.2.4 | 0x3fe | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:38.978286028 CET | 8.8.8.8 | 192.168.2.4 | 0x3fe | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:40.482383013 CET | 8.8.8.8 | 192.168.2.4 | 0x330e | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:40.482383013 CET | 8.8.8.8 | 192.168.2.4 | 0x330e | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:42.286091089 CET | 8.8.8.8 | 192.168.2.4 | 0x7f5d | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:42.286091089 CET | 8.8.8.8 | 192.168.2.4 | 0x7f5d | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:44.295249939 CET | 8.8.8.8 | 192.168.2.4 | 0xcb02 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:44.295249939 CET | 8.8.8.8 | 192.168.2.4 | 0xcb02 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:45.956788063 CET | 8.8.8.8 | 192.168.2.4 | 0x6dfb | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:45.956788063 CET | 8.8.8.8 | 192.168.2.4 | 0x6dfb | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:47.373985052 CET | 8.8.8.8 | 192.168.2.4 | 0x2a39 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:47.373985052 CET | 8.8.8.8 | 192.168.2.4 | 0x2a39 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:48.950748920 CET | 8.8.8.8 | 192.168.2.4 | 0x61e6 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:48.950748920 CET | 8.8.8.8 | 192.168.2.4 | 0x61e6 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:50.373054981 CET | 8.8.8.8 | 192.168.2.4 | 0xd717 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:50.373054981 CET | 8.8.8.8 | 192.168.2.4 | 0xd717 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:51.989608049 CET | 8.8.8.8 | 192.168.2.4 | 0xbdac | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:51.989608049 CET | 8.8.8.8 | 192.168.2.4 | 0xbdac | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:54.090604067 CET | 8.8.8.8 | 192.168.2.4 | 0x6bf6 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:54.090604067 CET | 8.8.8.8 | 192.168.2.4 | 0x6bf6 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:56.698745012 CET | 8.8.8.8 | 192.168.2.4 | 0x57ef | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:56.698745012 CET | 8.8.8.8 | 192.168.2.4 | 0x57ef | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:58.151236057 CET | 8.8.8.8 | 192.168.2.4 | 0xfb1e | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:26:58.151236057 CET | 8.8.8.8 | 192.168.2.4 | 0xfb1e | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:01.331875086 CET | 8.8.8.8 | 192.168.2.4 | 0x2659 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:01.331875086 CET | 8.8.8.8 | 192.168.2.4 | 0x2659 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:03.280853987 CET | 8.8.8.8 | 192.168.2.4 | 0xb719 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:03.280853987 CET | 8.8.8.8 | 192.168.2.4 | 0xb719 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:05.299772978 CET | 8.8.8.8 | 192.168.2.4 | 0x3b77 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:05.299772978 CET | 8.8.8.8 | 192.168.2.4 | 0x3b77 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:08.235579014 CET | 8.8.8.8 | 192.168.2.4 | 0x80bc | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:08.235579014 CET | 8.8.8.8 | 192.168.2.4 | 0x80bc | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:09.929234028 CET | 8.8.8.8 | 192.168.2.4 | 0xec4d | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:09.929234028 CET | 8.8.8.8 | 192.168.2.4 | 0xec4d | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:11.562249899 CET | 8.8.8.8 | 192.168.2.4 | 0xc52a | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:11.562249899 CET | 8.8.8.8 | 192.168.2.4 | 0xc52a | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:12.986362934 CET | 8.8.8.8 | 192.168.2.4 | 0x830c | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:12.986362934 CET | 8.8.8.8 | 192.168.2.4 | 0x830c | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:14.377444029 CET | 8.8.8.8 | 192.168.2.4 | 0x5f51 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:14.377444029 CET | 8.8.8.8 | 192.168.2.4 | 0x5f51 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:15.835823059 CET | 8.8.8.8 | 192.168.2.4 | 0x6800 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:15.835823059 CET | 8.8.8.8 | 192.168.2.4 | 0x6800 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:17.256669044 CET | 8.8.8.8 | 192.168.2.4 | 0x4719 | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:17.256669044 CET | 8.8.8.8 | 192.168.2.4 | 0x4719 | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:18.622642994 CET | 8.8.8.8 | 192.168.2.4 | 0xbe8a | No error (0) | 104.21.60.171 | A (IP address) | IN (0x0001) | ||
Jan 14, 2022 14:27:18.622642994 CET | 8.8.8.8 | 192.168.2.4 | 0xbe8a | No error (0) | 172.67.198.111 | A (IP address) | IN (0x0001) |
HTTP Request Dependency Graph |
---|
|
HTTP Packets |
---|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.4 | 49770 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:18.175312996 CET | 1136 | OUT | |
Jan 14, 2022 14:25:18.260062933 CET | 1136 | OUT | |
Jan 14, 2022 14:25:18.682698011 CET | 1137 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.4 | 49771 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:19.900110006 CET | 1138 | OUT | |
Jan 14, 2022 14:25:19.938043118 CET | 1138 | OUT | |
Jan 14, 2022 14:25:20.352523088 CET | 1139 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
10 | 192.168.2.4 | 49780 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:34.630207062 CET | 1339 | OUT | |
Jan 14, 2022 14:25:34.647131920 CET | 1339 | OUT | |
Jan 14, 2022 14:25:35.002677917 CET | 1340 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
11 | 192.168.2.4 | 49781 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:35.944353104 CET | 1341 | OUT | |
Jan 14, 2022 14:25:35.973469973 CET | 1341 | OUT | |
Jan 14, 2022 14:25:36.349956036 CET | 1342 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
12 | 192.168.2.4 | 49782 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:37.320518017 CET | 1343 | OUT | |
Jan 14, 2022 14:25:37.351161957 CET | 1343 | OUT | |
Jan 14, 2022 14:25:37.702580929 CET | 1344 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
13 | 192.168.2.4 | 49783 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:38.912355900 CET | 1345 | OUT | |
Jan 14, 2022 14:25:38.942234039 CET | 1345 | OUT | |
Jan 14, 2022 14:25:39.325426102 CET | 1346 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
14 | 192.168.2.4 | 49786 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:41.572779894 CET | 1369 | OUT | |
Jan 14, 2022 14:25:41.611071110 CET | 1369 | OUT | |
Jan 14, 2022 14:25:41.999090910 CET | 1370 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
15 | 192.168.2.4 | 49787 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:43.959683895 CET | 1371 | OUT | |
Jan 14, 2022 14:25:43.984225988 CET | 1371 | OUT | |
Jan 14, 2022 14:25:44.329082012 CET | 1372 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
16 | 192.168.2.4 | 49788 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:46.505954981 CET | 1373 | OUT | |
Jan 14, 2022 14:25:46.535011053 CET | 1373 | OUT | |
Jan 14, 2022 14:25:46.927402973 CET | 1374 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
17 | 192.168.2.4 | 49789 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:48.319339991 CET | 1375 | OUT | |
Jan 14, 2022 14:25:48.349365950 CET | 1375 | OUT | |
Jan 14, 2022 14:25:48.711286068 CET | 1376 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
18 | 192.168.2.4 | 49790 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:50.057955980 CET | 1377 | OUT | |
Jan 14, 2022 14:25:50.076698065 CET | 1377 | OUT | |
Jan 14, 2022 14:25:50.433623075 CET | 1378 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
19 | 192.168.2.4 | 49791 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:51.752907991 CET | 1379 | OUT | |
Jan 14, 2022 14:25:51.771976948 CET | 1379 | OUT | |
Jan 14, 2022 14:25:52.128684998 CET | 1380 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 192.168.2.4 | 49772 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:21.284630060 CET | 1235 | OUT | |
Jan 14, 2022 14:25:21.729773998 CET | 1235 | OUT | |
Jan 14, 2022 14:25:22.203110933 CET | 1236 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
20 | 192.168.2.4 | 49792 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:53.149995089 CET | 1380 | OUT | |
Jan 14, 2022 14:25:53.236032963 CET | 1381 | OUT | |
Jan 14, 2022 14:25:53.673243999 CET | 1381 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
21 | 192.168.2.4 | 49793 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:54.980187893 CET | 1382 | OUT | |
Jan 14, 2022 14:25:55.073844910 CET | 1383 | OUT | |
Jan 14, 2022 14:25:55.388900995 CET | 1383 | OUT | |
Jan 14, 2022 14:25:55.532751083 CET | 1384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
22 | 192.168.2.4 | 49794 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:57.480514050 CET | 1384 | OUT | |
Jan 14, 2022 14:25:57.507500887 CET | 1385 | OUT | |
Jan 14, 2022 14:25:57.907254934 CET | 1385 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
23 | 192.168.2.4 | 49795 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:59.305784941 CET | 1386 | OUT | |
Jan 14, 2022 14:25:59.322840929 CET | 1387 | OUT | |
Jan 14, 2022 14:25:59.681890011 CET | 1388 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
24 | 192.168.2.4 | 49796 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:01.263489962 CET | 1389 | OUT | |
Jan 14, 2022 14:26:01.294467926 CET | 1389 | OUT | |
Jan 14, 2022 14:26:01.693718910 CET | 1390 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
25 | 192.168.2.4 | 49797 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:02.695748091 CET | 1391 | OUT | |
Jan 14, 2022 14:26:02.712770939 CET | 1391 | OUT | |
Jan 14, 2022 14:26:03.051789999 CET | 1392 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
26 | 192.168.2.4 | 49798 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:04.152079105 CET | 1393 | OUT | |
Jan 14, 2022 14:26:04.171654940 CET | 1393 | OUT | |
Jan 14, 2022 14:26:05.166765928 CET | 1394 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
27 | 192.168.2.4 | 49800 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:06.129703999 CET | 1401 | OUT | |
Jan 14, 2022 14:26:06.158782959 CET | 1401 | OUT | |
Jan 14, 2022 14:26:06.518989086 CET | 1444 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
28 | 192.168.2.4 | 49807 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:07.683357000 CET | 1543 | OUT | |
Jan 14, 2022 14:26:07.700562000 CET | 1544 | OUT | |
Jan 14, 2022 14:26:08.067053080 CET | 1626 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
29 | 192.168.2.4 | 49819 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:10.439182997 CET | 1958 | OUT | |
Jan 14, 2022 14:26:10.534377098 CET | 1960 | OUT | |
Jan 14, 2022 14:26:11.098567963 CET | 2156 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 192.168.2.4 | 49773 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:23.253971100 CET | 1236 | OUT | |
Jan 14, 2022 14:25:23.346813917 CET | 1237 | OUT | |
Jan 14, 2022 14:25:23.789335012 CET | 1237 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
30 | 192.168.2.4 | 49834 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:12.298203945 CET | 2182 | OUT | |
Jan 14, 2022 14:26:12.400031090 CET | 2182 | OUT | |
Jan 14, 2022 14:26:12.702789068 CET | 2183 | OUT | |
Jan 14, 2022 14:26:13.323570013 CET | 2183 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
31 | 192.168.2.4 | 49837 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:17.304219007 CET | 2194 | OUT | |
Jan 14, 2022 14:26:17.321748972 CET | 2194 | OUT | |
Jan 14, 2022 14:26:17.689928055 CET | 2224 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
32 | 192.168.2.4 | 49839 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:21.377815962 CET | 2246 | OUT | |
Jan 14, 2022 14:26:21.475260019 CET | 2246 | OUT | |
Jan 14, 2022 14:26:21.929169893 CET | 2247 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
33 | 192.168.2.4 | 49845 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:25.951453924 CET | 3591 | OUT | |
Jan 14, 2022 14:26:25.968569040 CET | 3916 | OUT | |
Jan 14, 2022 14:26:26.320724964 CET | 5895 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
34 | 192.168.2.4 | 49846 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:31.541838884 CET | 10009 | OUT | |
Jan 14, 2022 14:26:31.558747053 CET | 10009 | OUT | |
Jan 14, 2022 14:26:31.907454967 CET | 10010 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
35 | 192.168.2.4 | 49847 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:35.369697094 CET | 10011 | OUT | |
Jan 14, 2022 14:26:35.468916893 CET | 10011 | OUT | |
Jan 14, 2022 14:26:35.928399086 CET | 10012 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
36 | 192.168.2.4 | 49855 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:37.609826088 CET | 10794 | OUT | |
Jan 14, 2022 14:26:37.648319960 CET | 10795 | OUT | |
Jan 14, 2022 14:26:38.051615000 CET | 10801 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
37 | 192.168.2.4 | 49862 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:38.999420881 CET | 10812 | OUT | |
Jan 14, 2022 14:26:39.017647982 CET | 10813 | OUT | |
Jan 14, 2022 14:26:39.379360914 CET | 10817 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
38 | 192.168.2.4 | 49870 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:40.507004023 CET | 10831 | OUT | |
Jan 14, 2022 14:26:40.524266958 CET | 10831 | OUT | |
Jan 14, 2022 14:26:40.857378006 CET | 10835 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
39 | 192.168.2.4 | 49874 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:42.324570894 CET | 10839 | OUT | |
Jan 14, 2022 14:26:42.353892088 CET | 10840 | OUT | |
Jan 14, 2022 14:26:42.731487989 CET | 10840 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.4 | 49774 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:25.064095974 CET | 1238 | OUT | |
Jan 14, 2022 14:25:25.081356049 CET | 1239 | OUT | |
Jan 14, 2022 14:25:25.444298029 CET | 1239 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
40 | 192.168.2.4 | 49875 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:44.323355913 CET | 10841 | OUT | |
Jan 14, 2022 14:26:44.340663910 CET | 10841 | OUT | |
Jan 14, 2022 14:26:44.712300062 CET | 10842 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
41 | 192.168.2.4 | 49876 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:45.981353045 CET | 10843 | OUT | |
Jan 14, 2022 14:26:45.998447895 CET | 10843 | OUT | |
Jan 14, 2022 14:26:46.338185072 CET | 10844 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
42 | 192.168.2.4 | 49877 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:47.483133078 CET | 10845 | OUT | |
Jan 14, 2022 14:26:47.578831911 CET | 10845 | OUT | |
Jan 14, 2022 14:26:48.047214031 CET | 10846 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
43 | 192.168.2.4 | 49878 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:48.973043919 CET | 10847 | OUT | |
Jan 14, 2022 14:26:48.990541935 CET | 10847 | OUT | |
Jan 14, 2022 14:26:49.336987019 CET | 10848 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
44 | 192.168.2.4 | 49879 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:50.474064112 CET | 10849 | OUT | |
Jan 14, 2022 14:26:50.572000980 CET | 10849 | OUT | |
Jan 14, 2022 14:26:51.038902998 CET | 10850 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
45 | 192.168.2.4 | 49880 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:52.091600895 CET | 10851 | OUT | |
Jan 14, 2022 14:26:52.186388016 CET | 10851 | OUT | |
Jan 14, 2022 14:26:53.140511036 CET | 10852 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
46 | 192.168.2.4 | 49881 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:55.192747116 CET | 10853 | OUT | |
Jan 14, 2022 14:26:55.272387981 CET | 10853 | OUT | |
Jan 14, 2022 14:26:55.731466055 CET | 10854 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
47 | 192.168.2.4 | 49882 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:56.736108065 CET | 10855 | OUT | |
Jan 14, 2022 14:26:56.763600111 CET | 10855 | OUT | |
Jan 14, 2022 14:26:57.128308058 CET | 10856 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
48 | 192.168.2.4 | 49883 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:26:58.241652966 CET | 10856 | OUT | |
Jan 14, 2022 14:26:58.550448895 CET | 10857 | OUT | |
Jan 14, 2022 14:26:59.003459930 CET | 10857 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
49 | 192.168.2.4 | 49885 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:01.355494976 CET | 10867 | OUT | |
Jan 14, 2022 14:27:01.372617006 CET | 10867 | OUT | |
Jan 14, 2022 14:27:01.713457108 CET | 10868 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 192.168.2.4 | 49775 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:26.426706076 CET | 1329 | OUT | |
Jan 14, 2022 14:25:26.456890106 CET | 1330 | OUT | |
Jan 14, 2022 14:25:26.838350058 CET | 1330 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
50 | 192.168.2.4 | 49886 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:03.312330008 CET | 10869 | OUT | |
Jan 14, 2022 14:27:03.333803892 CET | 10869 | OUT | |
Jan 14, 2022 14:27:03.696619987 CET | 10870 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
51 | 192.168.2.4 | 49887 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:05.323353052 CET | 10871 | OUT | |
Jan 14, 2022 14:27:05.340586901 CET | 10871 | OUT | |
Jan 14, 2022 14:27:05.702493906 CET | 10872 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
52 | 192.168.2.4 | 49888 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:08.256758928 CET | 10873 | OUT | |
Jan 14, 2022 14:27:08.274077892 CET | 10874 | OUT | |
Jan 14, 2022 14:27:08.628438950 CET | 10874 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
53 | 192.168.2.4 | 49889 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:09.950747967 CET | 10875 | OUT | |
Jan 14, 2022 14:27:09.969602108 CET | 10876 | OUT | |
Jan 14, 2022 14:27:10.356292963 CET | 10876 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
54 | 192.168.2.4 | 49890 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:11.589921951 CET | 10877 | OUT | |
Jan 14, 2022 14:27:11.607122898 CET | 10878 | OUT | |
Jan 14, 2022 14:27:11.970370054 CET | 10878 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
55 | 192.168.2.4 | 49891 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:13.021372080 CET | 10879 | OUT | |
Jan 14, 2022 14:27:13.048382998 CET | 10879 | OUT | |
Jan 14, 2022 14:27:13.388837099 CET | 10880 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
56 | 192.168.2.4 | 49892 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:14.416693926 CET | 10881 | OUT | |
Jan 14, 2022 14:27:14.446366072 CET | 10881 | OUT | |
Jan 14, 2022 14:27:14.794965029 CET | 10882 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
57 | 192.168.2.4 | 49893 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:15.866209030 CET | 10883 | OUT | |
Jan 14, 2022 14:27:15.887274981 CET | 10884 | OUT | |
Jan 14, 2022 14:27:16.288630009 CET | 10884 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
58 | 192.168.2.4 | 49894 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:17.283951998 CET | 10885 | OUT | |
Jan 14, 2022 14:27:17.303031921 CET | 10885 | OUT | |
Jan 14, 2022 14:27:17.637202978 CET | 10886 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
59 | 192.168.2.4 | 49895 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:27:18.647021055 CET | 10887 | OUT | |
Jan 14, 2022 14:27:18.664117098 CET | 10887 | OUT | |
Jan 14, 2022 14:27:19.002940893 CET | 10888 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
6 | 192.168.2.4 | 49776 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:27.981179953 CET | 1331 | OUT | |
Jan 14, 2022 14:25:27.998352051 CET | 1332 | OUT | |
Jan 14, 2022 14:25:28.344696045 CET | 1332 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
7 | 192.168.2.4 | 49777 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:30.190932989 CET | 1333 | OUT | |
Jan 14, 2022 14:25:30.212232113 CET | 1333 | OUT | |
Jan 14, 2022 14:25:30.670999050 CET | 1334 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
8 | 192.168.2.4 | 49778 | 104.21.60.171 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:31.656934023 CET | 1335 | OUT | |
Jan 14, 2022 14:25:31.681468964 CET | 1335 | OUT | |
Jan 14, 2022 14:25:32.048904896 CET | 1336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
9 | 192.168.2.4 | 49779 | 172.67.198.111 | 80 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Jan 14, 2022 14:25:33.128240108 CET | 1337 | OUT | |
Jan 14, 2022 14:25:33.227273941 CET | 1337 | OUT | |
Jan 14, 2022 14:25:33.527707100 CET | 1337 | OUT | |
Jan 14, 2022 14:25:33.700928926 CET | 1338 | IN |
Code Manipulations |
---|
Statistics |
---|
CPU Usage |
---|
Click to jump to process
Memory Usage |
---|
Click to jump to process
High Level Behavior Distribution |
---|
back
Click to dive into process behavior distribution
Behavior |
---|
Click to jump to process
System Behavior |
---|
General |
---|
Start time: | 14:25:12 |
Start date: | 14/01/2022 |
Path: | C:\Users\user\Desktop\gunzipped.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x3f0000 |
File size: | 207368 bytes |
MD5 hash: | A76B143E354A2AC9F363616FF4F8B239 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Yara matches: |
|
Reputation: | low |
General |
---|
Start time: | 14:25:14 |
Start date: | 14/01/2022 |
Path: | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x510000 |
File size: | 261728 bytes |
MD5 hash: | D621FD77BD585874F9686D3A76462EF1 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Disassembly |
---|
Code Analysis |
---|
Execution Graph |
---|
Execution Coverage: | 21.4% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 13 |
Total number of Limit Nodes: | 0 |
Graph
Executed Functions |
---|
Function 00007FFA363D17D5, Relevance: .8, Instructions: 763COMMON
Control-flow Graph |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA363D8E0D, Relevance: 3.3, APIs: 2, Instructions: 329memorythreadCOMMON
Control-flow Graph |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA363D8069, Relevance: 2.0, APIs: 1, Instructions: 537processCOMMON
Control-flow Graph |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA363D8AAD, Relevance: 1.7, APIs: 1, Instructions: 213injectionCOMMON
Control-flow Graph |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA36450D64, Relevance: .1, Instructions: 72COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA36450B08, Relevance: .1, Instructions: 70COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FFA36450524, Relevance: .1, Instructions: 57COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
Execution Graph |
---|
Execution Coverage: | 31.3% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 4.4% |
Total number of Nodes: | 1846 |
Total number of Limit Nodes: | 92 |
Graph
Executed Functions |
---|
Function 00403D74, Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 200fileCOMMON
Control-flow Graph |
---|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 78% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402B7C, Relevance: 3.0, APIs: 2, Instructions: 20memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406069, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404ED4, Relevance: 1.5, APIs: 1, Instructions: 9networkCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph |
---|
C-Code - Quality: 75% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph |
---|
C-Code - Quality: 37% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004040BB, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 129filememoryCOMMON
Control-flow Graph |
---|
C-Code - Quality: 74% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00413866, Relevance: 4.6, APIs: 3, Instructions: 147synchronizationCOMMON
C-Code - Quality: 79% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004042CF, Relevance: 4.6, APIs: 3, Instructions: 60fileCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00412D31, Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 178threadCOMMON
C-Code - Quality: 34% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402C03, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13libraryloaderCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 92% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00402BAB, Relevance: 3.0, APIs: 2, Instructions: 11memoryCOMMON
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004060BD, Relevance: 1.6, APIs: 1, Instructions: 53COMMON
C-Code - Quality: 40% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403C62, Relevance: 1.5, APIs: 1, Instructions: 24COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040642C, Relevance: 1.5, APIs: 1, Instructions: 18COMMON
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403BD0, Relevance: 1.5, APIs: 1, Instructions: 14COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040427D, Relevance: 1.5, APIs: 1, Instructions: 13COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403C40, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403C08, Relevance: 1.5, APIs: 1, Instructions: 12fileCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403BEF, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403BB7, Relevance: 1.5, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403B64, Relevance: 1.5, APIs: 1, Instructions: 11COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00404DE5, Relevance: 1.5, APIs: 1, Instructions: 6COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00403F9E, Relevance: 1.3, APIs: 1, Instructions: 16COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00406472, Relevance: 1.3, APIs: 1, Instructions: 12sleepCOMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 004058EA, Relevance: 1.3, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00405924, Relevance: 1.3, APIs: 1, Instructions: 12COMMON
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Non-executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040D069, Relevance: 12.6, Strings: 10, Instructions: 138COMMON
C-Code - Quality: 88% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0040317B, Relevance: .0, Instructions: 46COMMON
C-Code - Quality: 90% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |