Windows
Analysis Report
INV.2022LB0362 FORM CO (2).exe
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- INV.2022LB0362 FORM CO (2).exe (PID: 6092 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 2240 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 5164 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0) - INV.2022LB0362 FORM CO (2).exe (PID: 6132 cmdline:
C:\Users\u ser\Deskto p\INV.2022 LB0362 FOR M CO (2).e xe MD5: BAED30AEA51E6000571219633AA745B0)
- cleanup
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "http://sempersim.su/gm11/fre.php"]}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
Click to see the 27 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_XORed_URL_in_EXE | Detects an XORed URL in an executable | Florian Roth |
| |
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
Loki_1 | Loki Payload | kevoreilly |
| |
Click to see the 43 entries |
Timestamp: | 192.168.2.395.213.216.20249705802024318 11/30/22-00:54:20.168790 |
SID: | 2024318 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249702802021641 11/30/22-00:54:14.871390 |
SID: | 2021641 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249738802024313 11/30/22-00:55:23.450513 |
SID: | 2024313 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249734802825766 11/30/22-00:55:16.065951 |
SID: | 2825766 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497272025483 11/30/22-00:55:04.982566 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49727 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249741802024313 11/30/22-00:55:29.247109 |
SID: | 2024313 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249701802825766 11/30/22-00:54:12.581436 |
SID: | 2825766 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249749802025381 11/30/22-00:55:43.976237 |
SID: | 2025381 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249759802825766 11/30/22-00:56:01.042444 |
SID: | 2825766 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249738802024318 11/30/22-00:55:23.450513 |
SID: | 2024318 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249735802021641 11/30/22-00:55:17.863854 |
SID: | 2021641 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249705802024313 11/30/22-00:54:20.168790 |
SID: | 2024313 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249741802024318 11/30/22-00:55:29.247109 |
SID: | 2024318 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497232025483 11/30/22-00:54:57.894669 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49723 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249752802025381 11/30/22-00:55:49.378987 |
SID: | 2025381 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249716802025381 11/30/22-00:54:43.829219 |
SID: | 2025381 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249707802021641 11/30/22-00:54:24.716724 |
SID: | 2021641 |
Source Port: | 49707 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249757802025381 11/30/22-00:55:58.948901 |
SID: | 2025381 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249730802021641 11/30/22-00:55:08.823725 |
SID: | 2021641 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.861416532014169 11/30/22-00:55:12.379224 |
SID: | 2014169 |
Source Port: | 61416 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.860088532014169 11/30/22-00:55:21.529314 |
SID: | 2014169 |
Source Port: | 60088 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249713802024313 11/30/22-00:54:37.979213 |
SID: | 2024313 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249726802825766 11/30/22-00:55:01.673863 |
SID: | 2825766 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249713802024318 11/30/22-00:54:37.979213 |
SID: | 2024318 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.857743532014169 11/30/22-00:55:08.735474 |
SID: | 2014169 |
Source Port: | 57743 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249754802825766 11/30/22-00:55:53.496270 |
SID: | 2825766 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497572025483 11/30/22-00:55:59.773200 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49757 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249744802025381 11/30/22-00:55:34.401351 |
SID: | 2025381 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.859820532014169 11/30/22-00:55:29.162121 |
SID: | 2014169 |
Source Port: | 59820 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.853305532014169 11/30/22-00:54:54.648302 |
SID: | 2014169 |
Source Port: | 53305 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497532025483 11/30/22-00:55:52.887247 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49753 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249708802025381 11/30/22-00:54:26.803652 |
SID: | 2025381 |
Source Port: | 49708 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497162025483 11/30/22-00:54:45.204539 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49716 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497382025483 11/30/22-00:55:24.982216 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49738 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249758802024313 11/30/22-00:56:00.034214 |
SID: | 2024313 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249755802021641 11/30/22-00:55:55.653974 |
SID: | 2021641 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497302025483 11/30/22-00:55:10.337695 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49730 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497342025483 11/30/22-00:55:17.565495 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49734 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249758802024318 11/30/22-00:56:00.034214 |
SID: | 2024318 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.852387532014169 11/30/22-00:54:14.412323 |
SID: | 2014169 |
Source Port: | 52387 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249721802024318 11/30/22-00:54:53.572062 |
SID: | 2024318 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249727802021641 11/30/22-00:55:03.486766 |
SID: | 2021641 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249750802021641 11/30/22-00:55:45.758418 |
SID: | 2021641 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497122025483 11/30/22-00:54:37.552263 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49712 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249718802825766 11/30/22-00:54:47.592007 |
SID: | 2825766 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.851992532014169 11/30/22-00:55:36.286012 |
SID: | 2014169 |
Source Port: | 51992 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.860625532014169 11/30/22-00:54:18.863516 |
SID: | 2014169 |
Source Port: | 60625 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249736802025381 11/30/22-00:55:19.643476 |
SID: | 2025381 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249721802024313 11/30/22-00:54:53.572062 |
SID: | 2024313 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249746802825766 11/30/22-00:55:38.275174 |
SID: | 2825766 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249722802021641 11/30/22-00:54:54.732179 |
SID: | 2021641 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249699802025381 11/30/22-00:54:07.324934 |
SID: | 2025381 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249714802021641 11/30/22-00:54:39.977728 |
SID: | 2021641 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497492025483 11/30/22-00:55:45.483574 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49749 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249712802025381 11/30/22-00:54:35.972913 |
SID: | 2025381 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.857840532014169 11/30/22-00:54:09.401173 |
SID: | 2014169 |
Source Port: | 57840 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.858301532014169 11/30/22-00:55:42.001541 |
SID: | 2014169 |
Source Port: | 58301 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249740802025381 11/30/22-00:55:27.193434 |
SID: | 2025381 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497422025483 11/30/22-00:55:32.668199 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49742 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.863562532014169 11/30/22-00:55:23.368358 |
SID: | 2014169 |
Source Port: | 63562 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497412025483 11/30/22-00:55:30.821604 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49741 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.850784532014169 11/30/22-00:55:55.557056 |
SID: | 2014169 |
Source Port: | 50784 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249723802021641 11/30/22-00:54:56.463103 |
SID: | 2021641 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249713802825766 11/30/22-00:54:37.979213 |
SID: | 2825766 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249726802024313 11/30/22-00:55:01.673863 |
SID: | 2024313 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249728802025381 11/30/22-00:55:05.285201 |
SID: | 2025381 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249726802024318 11/30/22-00:55:01.673863 |
SID: | 2024318 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249737802025381 11/30/22-00:55:21.614296 |
SID: | 2025381 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497112025483 11/30/22-00:54:35.462242 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49711 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.856949532014169 11/30/22-00:54:59.841953 |
SID: | 2014169 |
Source Port: | 56949 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249753802024318 11/30/22-00:55:51.242717 |
SID: | 2024318 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249753802024313 11/30/22-00:55:51.242717 |
SID: | 2024313 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497082025483 11/30/22-00:54:28.382639 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49708 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249714802825766 11/30/22-00:54:39.977728 |
SID: | 2825766 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249725802024313 11/30/22-00:54:59.930841 |
SID: | 2024313 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249756802025381 11/30/22-00:55:57.533680 |
SID: | 2025381 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.860825532014169 11/30/22-00:55:59.940841 |
SID: | 2014169 |
Source Port: | 60825 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249754802024313 11/30/22-00:55:53.496270 |
SID: | 2024313 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249748802021641 11/30/22-00:55:42.098367 |
SID: | 2021641 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249725802024318 11/30/22-00:54:59.930841 |
SID: | 2024318 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249742802021641 11/30/22-00:55:31.101064 |
SID: | 2021641 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249755802825766 11/30/22-00:55:55.653974 |
SID: | 2825766 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249754802024318 11/30/22-00:55:53.496270 |
SID: | 2024318 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249709802025381 11/30/22-00:54:29.164231 |
SID: | 2025381 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.849977532014169 11/30/22-00:54:06.875981 |
SID: | 2014169 |
Source Port: | 49977 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.856924532014169 11/30/22-00:54:16.879287 |
SID: | 2014169 |
Source Port: | 56924 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249700802024317 11/30/22-00:54:09.487691 |
SID: | 2024317 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249739802825766 11/30/22-00:55:25.267085 |
SID: | 2825766 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.860582532014169 11/30/22-00:54:28.778637 |
SID: | 2014169 |
Source Port: | 60582 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497192025483 11/30/22-00:54:51.280995 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49719 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.864595532014169 11/30/22-00:55:31.020256 |
SID: | 2014169 |
Source Port: | 64595 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249742802825766 11/30/22-00:55:31.101064 |
SID: | 2825766 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249700802024312 11/30/22-00:54:09.487691 |
SID: | 2024312 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249711802025381 11/30/22-00:54:33.859062 |
SID: | 2025381 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.860767532014169 11/30/22-00:54:45.460012 |
SID: | 2014169 |
Source Port: | 60767 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249739802021641 11/30/22-00:55:25.267085 |
SID: | 2021641 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249724802025381 11/30/22-00:54:58.184483 |
SID: | 2025381 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249751802021641 11/30/22-00:55:47.279515 |
SID: | 2021641 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249758802825766 11/30/22-00:56:00.034214 |
SID: | 2825766 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249710802021641 11/30/22-00:54:31.910937 |
SID: | 2021641 |
Source Port: | 49710 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249711802021641 11/30/22-00:54:33.859062 |
SID: | 2021641 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.849201532014169 11/30/22-00:56:00.958664 |
SID: | 2014169 |
Source Port: | 49201 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249729802024313 11/30/22-00:55:07.068054 |
SID: | 2024313 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249758802025381 11/30/22-00:56:00.034214 |
SID: | 2025381 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497262025483 11/30/22-00:55:03.204141 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49726 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249743802025381 11/30/22-00:55:32.962709 |
SID: | 2025381 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249729802024318 11/30/22-00:55:07.068054 |
SID: | 2024318 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249744802021641 11/30/22-00:55:34.401351 |
SID: | 2021641 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249726802021641 11/30/22-00:55:01.673863 |
SID: | 2021641 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249750802024313 11/30/22-00:55:45.758418 |
SID: | 2024313 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249710802825766 11/30/22-00:54:31.910937 |
SID: | 2825766 |
Source Port: | 49710 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497222025483 11/30/22-00:54:56.166551 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49722 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249750802024318 11/30/22-00:55:45.758418 |
SID: | 2024318 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249699802021641 11/30/22-00:54:07.324934 |
SID: | 2021641 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497202025483 11/30/22-00:54:53.259308 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49720 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249701802021641 11/30/22-00:54:12.581436 |
SID: | 2021641 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.853623532014169 11/30/22-00:55:10.547934 |
SID: | 2014169 |
Source Port: | 53623 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249754802021641 11/30/22-00:55:53.496270 |
SID: | 2021641 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249715802025381 11/30/22-00:54:42.060768 |
SID: | 2025381 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.852955532014169 11/30/22-00:54:26.705694 |
SID: | 2014169 |
Source Port: | 52955 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249740802024313 11/30/22-00:55:27.193434 |
SID: | 2024313 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249740802024318 11/30/22-00:55:27.193434 |
SID: | 2024318 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249738802025381 11/30/22-00:55:23.450513 |
SID: | 2025381 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249731802021641 11/30/22-00:55:10.632751 |
SID: | 2021641 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249752802021641 11/30/22-00:55:49.378987 |
SID: | 2021641 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249703802021641 11/30/22-00:54:16.960834 |
SID: | 2021641 |
Source Port: | 49703 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249712802024313 11/30/22-00:54:35.972913 |
SID: | 2024313 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249727802825766 11/30/22-00:55:03.486766 |
SID: | 2825766 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249717802025381 11/30/22-00:54:45.540558 |
SID: | 2025381 |
Source Port: | 49717 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.859581532014169 11/30/22-00:55:17.784201 |
SID: | 2014169 |
Source Port: | 59581 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249712802024318 11/30/22-00:54:35.972913 |
SID: | 2024318 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497312025483 11/30/22-00:55:12.166821 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49731 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249739802024313 11/30/22-00:55:25.267085 |
SID: | 2024313 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249725802025381 11/30/22-00:54:59.930841 |
SID: | 2025381 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.849166532014169 11/30/22-00:55:40.126118 |
SID: | 2014169 |
Source Port: | 49166 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.860749532014169 11/30/22-00:54:58.103973 |
SID: | 2014169 |
Source Port: | 60749 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497052025483 11/30/22-00:54:21.783216 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49705 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.853975532014169 11/30/22-00:54:22.160619 |
SID: | 2014169 |
Source Port: | 53975 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249753802025381 11/30/22-00:55:51.242717 |
SID: | 2025381 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249757802021641 11/30/22-00:55:58.948901 |
SID: | 2021641 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249716802021641 11/30/22-00:54:43.829219 |
SID: | 2021641 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249739802024318 11/30/22-00:55:25.267085 |
SID: | 2024318 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249741802825766 11/30/22-00:55:29.247109 |
SID: | 2825766 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249700802825766 11/30/22-00:54:09.487691 |
SID: | 2825766 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249720802024313 11/30/22-00:54:51.608521 |
SID: | 2024313 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249708802024318 11/30/22-00:54:26.803652 |
SID: | 2024318 |
Source Port: | 49708 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497482025483 11/30/22-00:55:43.661913 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49748 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249731802825766 11/30/22-00:55:10.632751 |
SID: | 2825766 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249702802024313 11/30/22-00:54:14.871390 |
SID: | 2024313 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249720802024318 11/30/22-00:54:51.608521 |
SID: | 2024318 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249737802825766 11/30/22-00:55:21.614296 |
SID: | 2825766 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249702802024318 11/30/22-00:54:14.871390 |
SID: | 2024318 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249719802825766 11/30/22-00:54:49.641508 |
SID: | 2825766 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.863446532014169 11/30/22-00:55:43.898414 |
SID: | 2014169 |
Source Port: | 63446 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497092025483 11/30/22-00:54:30.691043 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49709 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497432025483 11/30/22-00:55:34.122250 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49743 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249708802024313 11/30/22-00:54:26.803652 |
SID: | 2024313 |
Source Port: | 49708 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.858119532014169 11/30/22-00:55:38.197046 |
SID: | 2014169 |
Source Port: | 58119 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.857990532014169 11/30/22-00:54:11.706174 |
SID: | 2014169 |
Source Port: | 57990 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249759802024318 11/30/22-00:56:01.042444 |
SID: | 2024318 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249709802825766 11/30/22-00:54:29.164231 |
SID: | 2825766 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249730802024313 11/30/22-00:55:08.823725 |
SID: | 2024313 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249745802025381 11/30/22-00:55:36.377571 |
SID: | 2025381 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249724802021641 11/30/22-00:54:58.184483 |
SID: | 2021641 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249759802024313 11/30/22-00:56:01.042444 |
SID: | 2024313 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249703802825766 11/30/22-00:54:16.960834 |
SID: | 2825766 |
Source Port: | 49703 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249704802025381 11/30/22-00:54:18.966132 |
SID: | 2025381 |
Source Port: | 49704 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497152025483 11/30/22-00:54:43.541337 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49715 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249730802024318 11/30/22-00:55:08.823725 |
SID: | 2024318 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249718802024318 11/30/22-00:54:47.592007 |
SID: | 2024318 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.864121532014169 11/30/22-00:55:57.444180 |
SID: | 2014169 |
Source Port: | 64121 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249719802021641 11/30/22-00:54:49.641508 |
SID: | 2021641 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249721802825766 11/30/22-00:54:53.572062 |
SID: | 2825766 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497042025483 11/30/22-00:54:19.714505 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49704 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249747802021641 11/30/22-00:55:40.214633 |
SID: | 2021641 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.849874532014169 11/30/22-00:55:45.675021 |
SID: | 2014169 |
Source Port: | 49874 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249722802025381 11/30/22-00:54:54.732179 |
SID: | 2025381 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249718802024313 11/30/22-00:54:47.592007 |
SID: | 2024313 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.853428532014169 11/30/22-00:55:25.189214 |
SID: | 2014169 |
Source Port: | 53428 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249736802024318 11/30/22-00:55:19.643476 |
SID: | 2024318 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249736802024313 11/30/22-00:55:19.643476 |
SID: | 2024313 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249732802025381 11/30/22-00:55:12.457821 |
SID: | 2025381 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497592025483 11/30/22-00:56:01.793951 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49759 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249746802024318 11/30/22-00:55:38.275174 |
SID: | 2024318 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249749802024318 11/30/22-00:55:43.976237 |
SID: | 2024318 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249737802021641 11/30/22-00:55:21.614296 |
SID: | 2021641 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249746802024313 11/30/22-00:55:38.275174 |
SID: | 2024313 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497542025483 11/30/22-00:55:55.161061 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49754 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249735802025381 11/30/22-00:55:17.863854 |
SID: | 2025381 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249706802021641 11/30/22-00:54:22.484255 |
SID: | 2021641 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249734802021641 11/30/22-00:55:16.065951 |
SID: | 2021641 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249699802825766 11/30/22-00:54:07.324934 |
SID: | 2825766 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497322025483 11/30/22-00:55:13.950022 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49732 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497372025483 11/30/22-00:55:23.147009 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49737 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249749802024313 11/30/22-00:55:43.976237 |
SID: | 2024313 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249748802025381 11/30/22-00:55:42.098367 |
SID: | 2025381 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497212025483 11/30/22-00:54:54.418787 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49721 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497102025483 11/30/22-00:54:33.459515 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49710 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249733802024313 11/30/22-00:55:14.244291 |
SID: | 2024313 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249707802025381 11/30/22-00:54:24.716724 |
SID: | 2025381 |
Source Port: | 49707 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249733802024318 11/30/22-00:55:14.244291 |
SID: | 2024318 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.851139532014169 11/30/22-00:54:24.370686 |
SID: | 2014169 |
Source Port: | 51139 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249721802021641 11/30/22-00:54:53.572062 |
SID: | 2021641 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249747802825766 11/30/22-00:55:40.214633 |
SID: | 2825766 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249706802825766 11/30/22-00:54:22.484255 |
SID: | 2825766 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249709802021641 11/30/22-00:54:29.164231 |
SID: | 2021641 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.855638532014169 11/30/22-00:54:39.891168 |
SID: | 2014169 |
Source Port: | 55638 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.853466532014169 11/30/22-00:55:06.970990 |
SID: | 2014169 |
Source Port: | 53466 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249717802021641 11/30/22-00:54:45.540558 |
SID: | 2021641 |
Source Port: | 49717 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.864823532014169 11/30/22-00:55:34.318234 |
SID: | 2014169 |
Source Port: | 64823 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249706802025381 11/30/22-00:54:22.484255 |
SID: | 2025381 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249716802825766 11/30/22-00:54:43.829219 |
SID: | 2825766 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249720802021641 11/30/22-00:54:51.608521 |
SID: | 2021641 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865017532014169 11/30/22-00:55:05.186135 |
SID: | 2014169 |
Source Port: | 65017 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249734802025381 11/30/22-00:55:16.065951 |
SID: | 2025381 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249723802024318 11/30/22-00:54:56.463103 |
SID: | 2024318 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.864602532014169 11/30/22-00:55:53.393350 |
SID: | 2014169 |
Source Port: | 64602 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497252025483 11/30/22-00:55:01.390776 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49725 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497292025483 11/30/22-00:55:08.539654 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49729 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249723802024313 11/30/22-00:54:56.463103 |
SID: | 2024313 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.853848532014169 11/30/22-00:54:49.539403 |
SID: | 2014169 |
Source Port: | 53848 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249744802825766 11/30/22-00:55:34.401351 |
SID: | 2825766 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865107532014169 11/30/22-00:54:47.470066 |
SID: | 2014169 |
Source Port: | 65107 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249739802025381 11/30/22-00:55:25.267085 |
SID: | 2025381 |
Source Port: | 49739 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249712802021641 11/30/22-00:54:35.972913 |
SID: | 2021641 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249753802021641 11/30/22-00:55:51.242717 |
SID: | 2021641 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249725802021641 11/30/22-00:54:59.930841 |
SID: | 2021641 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249748802024318 11/30/22-00:55:42.098367 |
SID: | 2024318 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249731802024313 11/30/22-00:55:10.632751 |
SID: | 2024313 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249748802024313 11/30/22-00:55:42.098367 |
SID: | 2024313 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865196532014169 11/30/22-00:55:14.166464 |
SID: | 2014169 |
Source Port: | 65196 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249731802024318 11/30/22-00:55:10.632751 |
SID: | 2024318 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249708802825766 11/30/22-00:54:26.803652 |
SID: | 2825766 |
Source Port: | 49708 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249749802825766 11/30/22-00:55:43.976237 |
SID: | 2825766 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249743802024313 11/30/22-00:55:32.962709 |
SID: | 2024313 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249757802825766 11/30/22-00:55:58.948901 |
SID: | 2825766 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249743802024318 11/30/22-00:55:32.962709 |
SID: | 2024318 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249728802024318 11/30/22-00:55:05.285201 |
SID: | 2024318 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249750802025381 11/30/22-00:55:45.758418 |
SID: | 2025381 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249700802021641 11/30/22-00:54:09.487691 |
SID: | 2021641 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249728802024313 11/30/22-00:55:05.285201 |
SID: | 2024313 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249714802025381 11/30/22-00:54:39.977728 |
SID: | 2025381 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249724802825766 11/30/22-00:54:58.184483 |
SID: | 2825766 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249719802025381 11/30/22-00:54:49.641508 |
SID: | 2025381 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249756802024318 11/30/22-00:55:57.533680 |
SID: | 2024318 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249742802025381 11/30/22-00:55:31.101064 |
SID: | 2025381 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249733802021641 11/30/22-00:55:14.244291 |
SID: | 2021641 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249729802825766 11/30/22-00:55:07.068054 |
SID: | 2825766 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.857704532014169 11/30/22-00:54:41.979608 |
SID: | 2014169 |
Source Port: | 57704 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249715802024318 11/30/22-00:54:42.060768 |
SID: | 2024318 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249752802825766 11/30/22-00:55:49.378987 |
SID: | 2825766 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249756802024313 11/30/22-00:55:57.533680 |
SID: | 2024313 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249715802024313 11/30/22-00:54:42.060768 |
SID: | 2024313 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249751802024313 11/30/22-00:55:47.279515 |
SID: | 2024313 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249711802825766 11/30/22-00:54:33.859062 |
SID: | 2825766 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249751802024318 11/30/22-00:55:47.279515 |
SID: | 2024318 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249710802024318 11/30/22-00:54:31.910937 |
SID: | 2024318 |
Source Port: | 49710 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249710802024313 11/30/22-00:54:31.910937 |
SID: | 2024313 |
Source Port: | 49710 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249747802025381 11/30/22-00:55:40.214633 |
SID: | 2025381 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249701802025381 11/30/22-00:54:12.581436 |
SID: | 2025381 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249755802025381 11/30/22-00:55:55.653974 |
SID: | 2025381 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249729802021641 11/30/22-00:55:07.068054 |
SID: | 2021641 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497442025483 11/30/22-00:55:36.086250 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49744 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249735802024318 11/30/22-00:55:17.863854 |
SID: | 2024318 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.853049532014169 11/30/22-00:55:19.563471 |
SID: | 2014169 |
Source Port: | 53049 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249735802024313 11/30/22-00:55:17.863854 |
SID: | 2024313 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249744802024313 11/30/22-00:55:34.401351 |
SID: | 2024313 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497472025483 11/30/22-00:55:41.771804 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49747 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249744802024318 11/30/22-00:55:34.401351 |
SID: | 2024318 |
Source Port: | 49744 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249741802021641 11/30/22-00:55:29.247109 |
SID: | 2021641 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249704802825766 11/30/22-00:54:18.966132 |
SID: | 2825766 |
Source Port: | 49704 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249746802025381 11/30/22-00:55:38.275174 |
SID: | 2025381 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249732802021641 11/30/22-00:55:12.457821 |
SID: | 2021641 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249699802024312 11/30/22-00:54:07.324934 |
SID: | 2024312 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249707802024313 11/30/22-00:54:24.716724 |
SID: | 2024313 |
Source Port: | 49707 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497062025483 11/30/22-00:54:24.053489 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49706 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497502025483 11/30/22-00:55:46.963833 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49750 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249699802024317 11/30/22-00:54:07.324934 |
SID: | 2024317 |
Source Port: | 49699 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249727802025381 11/30/22-00:55:03.486766 |
SID: | 2025381 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865511532014169 11/30/22-00:55:27.103034 |
SID: | 2014169 |
Source Port: | 65511 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.864967532014169 11/30/22-00:55:58.869049 |
SID: | 2014169 |
Source Port: | 64967 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249721802025381 11/30/22-00:54:53.572062 |
SID: | 2025381 |
Source Port: | 49721 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249707802024318 11/30/22-00:54:24.716724 |
SID: | 2024318 |
Source Port: | 49707 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249713802021641 11/30/22-00:54:37.979213 |
SID: | 2021641 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249732802825766 11/30/22-00:55:12.457821 |
SID: | 2825766 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249751802825766 11/30/22-00:55:47.279515 |
SID: | 2825766 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497552025483 11/30/22-00:55:57.270722 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49755 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497582025483 11/30/22-00:56:00.797031 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49758 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497362025483 11/30/22-00:55:21.118367 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49736 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249703802024318 11/30/22-00:54:16.960834 |
SID: | 2024318 |
Source Port: | 49703 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249702802025381 11/30/22-00:54:14.871390 |
SID: | 2025381 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249703802024313 11/30/22-00:54:16.960834 |
SID: | 2024313 |
Source Port: | 49703 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.857134532014169 11/30/22-00:54:31.820802 |
SID: | 2014169 |
Source Port: | 57134 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249758802021641 11/30/22-00:56:00.034214 |
SID: | 2021641 |
Source Port: | 49758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.858691532014169 11/30/22-00:54:53.455722 |
SID: | 2014169 |
Source Port: | 58691 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249736802825766 11/30/22-00:55:19.643476 |
SID: | 2825766 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249705802025381 11/30/22-00:54:20.168790 |
SID: | 2025381 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497332025483 11/30/22-00:55:15.751744 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49733 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249745802825766 11/30/22-00:55:36.377571 |
SID: | 2825766 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497032025483 11/30/22-00:54:18.541620 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49703 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497142025483 11/30/22-00:54:41.602416 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49714 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249716802024313 11/30/22-00:54:43.829219 |
SID: | 2024313 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.859433532014169 11/30/22-00:54:56.376062 |
SID: | 2014169 |
Source Port: | 59433 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249757802024313 11/30/22-00:55:58.948901 |
SID: | 2024313 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249717802825766 11/30/22-00:54:45.540558 |
SID: | 2825766 |
Source Port: | 49717 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249722802024313 11/30/22-00:54:54.732179 |
SID: | 2024313 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249716802024318 11/30/22-00:54:43.829219 |
SID: | 2024318 |
Source Port: | 49716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249759802025381 11/30/22-00:56:01.042444 |
SID: | 2025381 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249757802024318 11/30/22-00:55:58.948901 |
SID: | 2024318 |
Source Port: | 49757 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249723802825766 11/30/22-00:54:56.463103 |
SID: | 2825766 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249718802025381 11/30/22-00:54:47.592007 |
SID: | 2025381 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249730802025381 11/30/22-00:55:08.823725 |
SID: | 2025381 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249704802021641 11/30/22-00:54:18.966132 |
SID: | 2021641 |
Source Port: | 49704 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249722802024318 11/30/22-00:54:54.732179 |
SID: | 2024318 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249745802021641 11/30/22-00:55:36.377571 |
SID: | 2021641 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249714802024313 11/30/22-00:54:39.977728 |
SID: | 2024313 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249725802825766 11/30/22-00:54:59.930841 |
SID: | 2825766 |
Source Port: | 49725 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249700802025381 11/30/22-00:54:09.487691 |
SID: | 2025381 |
Source Port: | 49700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249714802024318 11/30/22-00:54:39.977728 |
SID: | 2024318 |
Source Port: | 49714 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.858708532014169 11/30/22-00:55:15.985743 |
SID: | 2014169 |
Source Port: | 58708 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497282025483 11/30/22-00:55:06.759571 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49728 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249732802024318 11/30/22-00:55:12.457821 |
SID: | 2024318 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249707802825766 11/30/22-00:54:24.716724 |
SID: | 2825766 |
Source Port: | 49707 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497242025483 11/30/22-00:54:59.594972 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49724 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249732802024313 11/30/22-00:55:12.457821 |
SID: | 2024313 |
Source Port: | 49732 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249708802021641 11/30/22-00:54:26.803652 |
SID: | 2021641 |
Source Port: | 49708 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249724802024318 11/30/22-00:54:58.184483 |
SID: | 2024318 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249759802021641 11/30/22-00:56:01.042444 |
SID: | 2021641 |
Source Port: | 49759 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249751802025381 11/30/22-00:55:47.279515 |
SID: | 2025381 |
Source Port: | 49751 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249724802024313 11/30/22-00:54:58.184483 |
SID: | 2024313 |
Source Port: | 49724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249710802025381 11/30/22-00:54:31.910937 |
SID: | 2025381 |
Source Port: | 49710 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249715802825766 11/30/22-00:54:42.060768 |
SID: | 2825766 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249747802024318 11/30/22-00:55:40.214633 |
SID: | 2024318 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249747802024313 11/30/22-00:55:40.214633 |
SID: | 2024313 |
Source Port: | 49747 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249719802024313 11/30/22-00:54:49.641508 |
SID: | 2024313 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249743802825766 11/30/22-00:55:32.962709 |
SID: | 2825766 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.857571532014169 11/30/22-00:54:51.528645 |
SID: | 2014169 |
Source Port: | 57571 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249719802024318 11/30/22-00:54:49.641508 |
SID: | 2024318 |
Source Port: | 49719 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249742802024318 11/30/22-00:55:31.101064 |
SID: | 2024318 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.859636532014169 11/30/22-00:54:37.879679 |
SID: | 2014169 |
Source Port: | 59636 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249720802825766 11/30/22-00:54:51.608521 |
SID: | 2825766 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249742802024313 11/30/22-00:55:31.101064 |
SID: | 2024313 |
Source Port: | 49742 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249718802021641 11/30/22-00:54:47.592007 |
SID: | 2021641 |
Source Port: | 49718 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249733802025381 11/30/22-00:55:14.244291 |
SID: | 2025381 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249736802021641 11/30/22-00:55:19.643476 |
SID: | 2021641 |
Source Port: | 49736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249746802021641 11/30/22-00:55:38.275174 |
SID: | 2021641 |
Source Port: | 49746 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249734802024318 11/30/22-00:55:16.065951 |
SID: | 2024318 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249723802025381 11/30/22-00:54:56.463103 |
SID: | 2025381 |
Source Port: | 49723 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249748802825766 11/30/22-00:55:42.098367 |
SID: | 2825766 |
Source Port: | 49748 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249737802024313 11/30/22-00:55:21.614296 |
SID: | 2024313 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497562025483 11/30/22-00:55:58.723099 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49756 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249702802825766 11/30/22-00:54:14.871390 |
SID: | 2825766 |
Source Port: | 49702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249737802024318 11/30/22-00:55:21.614296 |
SID: | 2024318 |
Source Port: | 49737 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249730802825766 11/30/22-00:55:08.823725 |
SID: | 2825766 |
Source Port: | 49730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249706802024313 11/30/22-00:54:22.484255 |
SID: | 2024313 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249734802024313 11/30/22-00:55:16.065951 |
SID: | 2024313 |
Source Port: | 49734 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497352025483 11/30/22-00:55:19.347023 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49735 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249706802024318 11/30/22-00:54:22.484255 |
SID: | 2024318 |
Source Port: | 49706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497522025483 11/30/22-00:55:50.930381 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49752 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497172025483 11/30/22-00:54:47.032787 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49717 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249733802825766 11/30/22-00:55:14.244291 |
SID: | 2825766 |
Source Port: | 49733 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497392025483 11/30/22-00:55:26.908255 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49739 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249720802025381 11/30/22-00:54:51.608521 |
SID: | 2025381 |
Source Port: | 49720 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249749802021641 11/30/22-00:55:43.976237 |
SID: | 2021641 |
Source Port: | 49749 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865320532014169 11/30/22-00:54:43.751689 |
SID: | 2014169 |
Source Port: | 65320 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249735802825766 11/30/22-00:55:17.863854 |
SID: | 2825766 |
Source Port: | 49735 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.852079532014169 11/30/22-00:55:32.870195 |
SID: | 2014169 |
Source Port: | 52079 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497012025483 11/30/22-00:54:14.085146 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49701 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249731802025381 11/30/22-00:55:10.632751 |
SID: | 2025381 |
Source Port: | 49731 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249709802024318 11/30/22-00:54:29.164231 |
SID: | 2024318 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249745802024318 11/30/22-00:55:36.377571 |
SID: | 2024318 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249709802024313 11/30/22-00:54:29.164231 |
SID: | 2024313 |
Source Port: | 49709 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249705802825766 11/30/22-00:54:20.168790 |
SID: | 2825766 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249745802024313 11/30/22-00:55:36.377571 |
SID: | 2024313 |
Source Port: | 49745 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249704802024318 11/30/22-00:54:18.966132 |
SID: | 2024318 |
Source Port: | 49704 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249704802024313 11/30/22-00:54:18.966132 |
SID: | 2024313 |
Source Port: | 49704 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249717802024313 11/30/22-00:54:45.540558 |
SID: | 2024313 |
Source Port: | 49717 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249722802825766 11/30/22-00:54:54.732179 |
SID: | 2825766 |
Source Port: | 49722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249703802025381 11/30/22-00:54:16.960834 |
SID: | 2025381 |
Source Port: | 49703 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.849302532014169 11/30/22-00:54:20.078245 |
SID: | 2014169 |
Source Port: | 49302 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249711802024313 11/30/22-00:54:33.859062 |
SID: | 2024313 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249728802825766 11/30/22-00:55:05.285201 |
SID: | 2825766 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249705802021641 11/30/22-00:54:20.168790 |
SID: | 2021641 |
Source Port: | 49705 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249711802024318 11/30/22-00:54:33.859062 |
SID: | 2024318 |
Source Port: | 49711 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249738802021641 11/30/22-00:55:23.450513 |
SID: | 2021641 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865385532014169 11/30/22-00:55:49.289719 |
SID: | 2014169 |
Source Port: | 65385 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249740802825766 11/30/22-00:55:27.193434 |
SID: | 2825766 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497452025483 11/30/22-00:55:37.973570 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49745 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497462025483 11/30/22-00:55:39.906968 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49746 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497402025483 11/30/22-00:55:28.902821 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49740 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249717802024318 11/30/22-00:54:45.540558 |
SID: | 2024318 |
Source Port: | 49717 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249701802024313 11/30/22-00:54:12.581436 |
SID: | 2024313 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249738802825766 11/30/22-00:55:23.450513 |
SID: | 2825766 |
Source Port: | 49738 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497132025483 11/30/22-00:54:39.587400 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49713 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249701802024318 11/30/22-00:54:12.581436 |
SID: | 2024318 |
Source Port: | 49701 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249756802825766 11/30/22-00:55:57.533680 |
SID: | 2825766 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497022025483 11/30/22-00:54:16.469088 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49702 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249750802825766 11/30/22-00:55:45.758418 |
SID: | 2825766 |
Source Port: | 49750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249743802021641 11/30/22-00:55:32.962709 |
SID: | 2021641 |
Source Port: | 49743 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249740802021641 11/30/22-00:55:27.193434 |
SID: | 2021641 |
Source Port: | 49740 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249729802025381 11/30/22-00:55:07.068054 |
SID: | 2025381 |
Source Port: | 49729 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249752802024313 11/30/22-00:55:49.378987 |
SID: | 2024313 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249741802025381 11/30/22-00:55:29.247109 |
SID: | 2025381 |
Source Port: | 49741 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249726802025381 11/30/22-00:55:01.673863 |
SID: | 2025381 |
Source Port: | 49726 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249752802024318 11/30/22-00:55:49.378987 |
SID: | 2024318 |
Source Port: | 49752 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.856042532014169 11/30/22-00:54:35.894646 |
SID: | 2014169 |
Source Port: | 56042 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.853844532014169 11/30/22-00:55:03.396283 |
SID: | 2014169 |
Source Port: | 53844 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.38.8.8.862050532014169 11/30/22-00:54:33.763792 |
SID: | 2014169 |
Source Port: | 62050 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249728802021641 11/30/22-00:55:05.285201 |
SID: | 2021641 |
Source Port: | 49728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497512025483 11/30/22-00:55:49.068855 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49751 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249755802024318 11/30/22-00:55:55.653974 |
SID: | 2024318 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 95.213.216.202192.168.2.380497182025483 11/30/22-00:54:49.052316 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49718 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.852547532014169 11/30/22-00:55:01.596754 |
SID: | 2014169 |
Source Port: | 52547 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249755802024313 11/30/22-00:55:55.653974 |
SID: | 2024313 |
Source Port: | 49755 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249727802024318 11/30/22-00:55:03.486766 |
SID: | 2024318 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249713802025381 11/30/22-00:54:37.979213 |
SID: | 2025381 |
Source Port: | 49713 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249756802021641 11/30/22-00:55:57.533680 |
SID: | 2021641 |
Source Port: | 49756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.865459532014169 11/30/22-00:55:47.178193 |
SID: | 2014169 |
Source Port: | 65459 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 95.213.216.202192.168.2.380497072025483 11/30/22-00:54:26.372322 |
SID: | 2025483 |
Source Port: | 80 |
Destination Port: | 49707 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249715802021641 11/30/22-00:54:42.060768 |
SID: | 2021641 |
Source Port: | 49715 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249712802825766 11/30/22-00:54:35.972913 |
SID: | 2825766 |
Source Port: | 49712 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249753802825766 11/30/22-00:55:51.242717 |
SID: | 2825766 |
Source Port: | 49753 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.38.8.8.854153532014169 11/30/22-00:55:51.152832 |
SID: | 2014169 |
Source Port: | 54153 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | Potentially Bad Traffic |
Timestamp: | 192.168.2.395.213.216.20249754802025381 11/30/22-00:55:53.496270 |
SID: | 2025381 |
Source Port: | 49754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.395.213.216.20249727802024313 11/30/22-00:55:03.486766 |
SID: | 2024313 |
Source Port: | 49727 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: |
Source: | Malware Configuration Extractor: |
Source: | Static PE information: |
Source: | Static PE information: |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: |
Source: | ASN Name: |
Source: | IP Address: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Code function: | 0_2_00FAC164 | |
Source: | Code function: | 0_2_00FAE5B0 | |
Source: | Code function: | 0_2_00FAE5A0 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Static file information: | |||
Source: | Section loaded: | Jump to behavior |
Source: | Mutant created: |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Data Obfuscation |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | File source: | ||
Source: | File source: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | 11 Process Injection | 1 Masquerading | 2 OS Credential Dumping | 11 Security Software Discovery | Remote Services | 1 Email Collection | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Disable or Modify Tools | 1 Credentials in Registry | 1 Process Discovery | Remote Desktop Protocol | 1 Archive Collected Data | Exfiltration Over Bluetooth | 2 Non-Application Layer Protocol | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | 21 Virtualization/Sandbox Evasion | Security Account Manager | 21 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | 2 Data from Local System | Automated Exfiltration | 112 Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 11 Process Injection | NTDS | 1 Remote System Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 1 Obfuscated Files or Information | LSA Secrets | 13 System Information Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 12 Software Packing | Cached Domain Credentials | System Owner/User Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | 1 Timestomp | DCSync | Network Sniffing | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
71% | ReversingLabs | ByteCode-MSIL.Trojan.AgentTesla | ||
56% | Virustotal | Browse | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File | ||
100% | Avira | TR/Crypt.XPACK.Gen | Download File |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
25% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
25% | Virustotal | Browse | ||
100% | Avira URL Cloud | malware |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
sempersim.su | 95.213.216.202 | true | true |
| unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
95.213.216.202 | sempersim.su | Russian Federation | 49505 | SELECTELRU | true |
Joe Sandbox Version: | 36.0.0 Rainbow Opal |
Analysis ID: | 756310 |
Start date and time: | 2022-11-30 00:53:06 +01:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 5m 33s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | INV.2022LB0362 FORM CO (2).exe |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 15 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@7/3@61/1 |
EGA Information: |
|
HDC Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 8.238.190.126, 8.241.126.249, 8.241.121.126, 8.253.204.249, 8.253.204.120
- Excluded domains from analysis (whitelisted): fg.download.windowsupdate.com.c.footprint.net, fs.microsoft.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
00:54:02 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
95.213.216.202 | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
sempersim.su | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
SELECTELRU | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\INV.2022LB0362 FORM CO (2).exe.log
Download File
Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1216 |
Entropy (8bit): | 5.355304211458859 |
Encrypted: | false |
SSDEEP: | 24:MLUE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4x84j:MIHK5HKXE1qHiYHKhQnoPtHoxHhAHKzr |
MD5: | FED34146BF2F2FA59DCF8702FCC8232E |
SHA1: | B03BFEA175989D989850CF06FE5E7BBF56EAA00A |
SHA-256: | 123BE4E3590609A008E85501243AF5BC53FA0C26C82A92881B8879524F8C0D5C |
SHA-512: | 1CC89F2ED1DBD70628FA1DC41A32BA0BFA3E81EAE1A1CF3C5F6A48F2DA0BF1F21A5001B8A18B04043C5B8FE4FBE663068D86AA8C4BD8E17933F75687C3178FF6 |
Malicious: | true |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:U:U |
MD5: | C4CA4238A0B923820DCC509A6F75849B |
SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\414045e2d09286d5db2581e0d955d358_d06ed635-68f6-4e9a-955c-4899f5f57b9a
Download File
Process: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
File Type: | |
Category: | dropped |
Size (bytes): | 46 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | D898504A722BFF1524134C6AB6A5EAA5 |
SHA1: | E0FDC90C2CA2A0219C99D2758E68C18875A3E11E |
SHA-256: | 878F32F76B159494F5A39F9321616C6068CDB82E88DF89BCC739BBC1EA78E1F9 |
SHA-512: | 26A4398BFFB0C0AEF9A6EC53CD3367A2D0ABF2F70097F711BBBF1E9E32FD9F1A72121691BB6A39EEB55D596EDD527934E541B4DEFB3B1426B1D1A6429804DC61 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 7.565543571702018 |
TrID: |
|
File name: | INV.2022LB0362 FORM CO (2).exe |
File size: | 865280 |
MD5: | baed30aea51e6000571219633aa745b0 |
SHA1: | d7e3b155c00245a7f867dd2fb4c06cb7be6ec3f7 |
SHA256: | 57520e51bb0820741b7883926800223886c491a8a5ddd517a49b0e2cc752fb18 |
SHA512: | 4f19e423fc1bdbba152a570e5382bd2eabdf04ca335cdc1ed286287740c153c7a34d3a661abaf01f124870f9bd3de2e9321e66114f5bedea16131bd77de2b786 |
SSDEEP: | 24576:GM+L74mBfNUstzoB1ERZcSMI2PmVl9kiYxM9aE3r8JN:F+RiSMHmgu9HI |
TLSH: | 91054A4F2B7FDEF0EA245CFB221457039D3651DABA8BCA7883984BC660F161C5B74864 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....k................0..*..........vH... ...`....@.. ....................................@................................ |
Icon Hash: | 00828e8e8686b000 |
Entrypoint: | 0x4d4876 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0xDBD76B81 [Sat Nov 16 23:34:25 2086 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xd4824 | 0x4f | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd6000 | 0x5cc | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xd8000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xd4808 | 0x1c | .text |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0xd287c | 0xd2a00 | False | 0.8132742952522255 | data | 7.568253289628953 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rsrc | 0xd6000 | 0x5cc | 0x600 | False | 0.4264322916666667 | data | 4.114856973981248 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xd8000 | 0xc | 0x200 | False | 0.044921875 | data | 0.10191042566270775 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_VERSION | 0xd6090 | 0x33c | data | ||
RT_MANIFEST | 0xd63dc | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
192.168.2.395.213.216.20249705802024318 11/30/22-00:54:20.168790 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249702802021641 11/30/22-00:54:14.871390 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249738802024313 11/30/22-00:55:23.450513 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249734802825766 11/30/22-00:55:16.065951 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497272025483 11/30/22-00:55:04.982566 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249741802024313 11/30/22-00:55:29.247109 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249701802825766 11/30/22-00:54:12.581436 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249749802025381 11/30/22-00:55:43.976237 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249759802825766 11/30/22-00:56:01.042444 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249738802024318 11/30/22-00:55:23.450513 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249735802021641 11/30/22-00:55:17.863854 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249705802024313 11/30/22-00:54:20.168790 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249741802024318 11/30/22-00:55:29.247109 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497232025483 11/30/22-00:54:57.894669 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249752802025381 11/30/22-00:55:49.378987 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249716802025381 11/30/22-00:54:43.829219 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249707802021641 11/30/22-00:54:24.716724 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249757802025381 11/30/22-00:55:58.948901 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249730802021641 11/30/22-00:55:08.823725 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.861416532014169 11/30/22-00:55:12.379224 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 61416 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.860088532014169 11/30/22-00:55:21.529314 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60088 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249713802024313 11/30/22-00:54:37.979213 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249726802825766 11/30/22-00:55:01.673863 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249713802024318 11/30/22-00:54:37.979213 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.857743532014169 11/30/22-00:55:08.735474 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57743 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249754802825766 11/30/22-00:55:53.496270 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497572025483 11/30/22-00:55:59.773200 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249744802025381 11/30/22-00:55:34.401351 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.859820532014169 11/30/22-00:55:29.162121 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59820 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.853305532014169 11/30/22-00:54:54.648302 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53305 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497532025483 11/30/22-00:55:52.887247 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249708802025381 11/30/22-00:54:26.803652 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497162025483 11/30/22-00:54:45.204539 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497382025483 11/30/22-00:55:24.982216 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249758802024313 11/30/22-00:56:00.034214 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249755802021641 11/30/22-00:55:55.653974 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497302025483 11/30/22-00:55:10.337695 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497342025483 11/30/22-00:55:17.565495 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249758802024318 11/30/22-00:56:00.034214 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.852387532014169 11/30/22-00:54:14.412323 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52387 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249721802024318 11/30/22-00:54:53.572062 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249727802021641 11/30/22-00:55:03.486766 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249750802021641 11/30/22-00:55:45.758418 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497122025483 11/30/22-00:54:37.552263 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249718802825766 11/30/22-00:54:47.592007 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.851992532014169 11/30/22-00:55:36.286012 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51992 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.860625532014169 11/30/22-00:54:18.863516 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60625 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249736802025381 11/30/22-00:55:19.643476 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249721802024313 11/30/22-00:54:53.572062 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249746802825766 11/30/22-00:55:38.275174 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249722802021641 11/30/22-00:54:54.732179 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249699802025381 11/30/22-00:54:07.324934 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249714802021641 11/30/22-00:54:39.977728 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497492025483 11/30/22-00:55:45.483574 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249712802025381 11/30/22-00:54:35.972913 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.857840532014169 11/30/22-00:54:09.401173 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57840 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.858301532014169 11/30/22-00:55:42.001541 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58301 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249740802025381 11/30/22-00:55:27.193434 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497422025483 11/30/22-00:55:32.668199 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.863562532014169 11/30/22-00:55:23.368358 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63562 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497412025483 11/30/22-00:55:30.821604 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.850784532014169 11/30/22-00:55:55.557056 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 50784 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249723802021641 11/30/22-00:54:56.463103 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249713802825766 11/30/22-00:54:37.979213 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249726802024313 11/30/22-00:55:01.673863 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249728802025381 11/30/22-00:55:05.285201 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249726802024318 11/30/22-00:55:01.673863 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249737802025381 11/30/22-00:55:21.614296 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497112025483 11/30/22-00:54:35.462242 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.856949532014169 11/30/22-00:54:59.841953 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56949 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249753802024318 11/30/22-00:55:51.242717 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249753802024313 11/30/22-00:55:51.242717 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497082025483 11/30/22-00:54:28.382639 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249714802825766 11/30/22-00:54:39.977728 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249725802024313 11/30/22-00:54:59.930841 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249756802025381 11/30/22-00:55:57.533680 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.860825532014169 11/30/22-00:55:59.940841 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60825 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249754802024313 11/30/22-00:55:53.496270 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249748802021641 11/30/22-00:55:42.098367 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249725802024318 11/30/22-00:54:59.930841 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249742802021641 11/30/22-00:55:31.101064 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249755802825766 11/30/22-00:55:55.653974 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249754802024318 11/30/22-00:55:53.496270 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249709802025381 11/30/22-00:54:29.164231 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.849977532014169 11/30/22-00:54:06.875981 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49977 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.856924532014169 11/30/22-00:54:16.879287 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56924 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249700802024317 11/30/22-00:54:09.487691 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249739802825766 11/30/22-00:55:25.267085 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.860582532014169 11/30/22-00:54:28.778637 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60582 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497192025483 11/30/22-00:54:51.280995 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.864595532014169 11/30/22-00:55:31.020256 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64595 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249742802825766 11/30/22-00:55:31.101064 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249700802024312 11/30/22-00:54:09.487691 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249711802025381 11/30/22-00:54:33.859062 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.860767532014169 11/30/22-00:54:45.460012 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60767 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249739802021641 11/30/22-00:55:25.267085 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249724802025381 11/30/22-00:54:58.184483 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249751802021641 11/30/22-00:55:47.279515 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249758802825766 11/30/22-00:56:00.034214 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249710802021641 11/30/22-00:54:31.910937 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249711802021641 11/30/22-00:54:33.859062 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.849201532014169 11/30/22-00:56:00.958664 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49201 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249729802024313 11/30/22-00:55:07.068054 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249758802025381 11/30/22-00:56:00.034214 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497262025483 11/30/22-00:55:03.204141 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249743802025381 11/30/22-00:55:32.962709 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249729802024318 11/30/22-00:55:07.068054 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249744802021641 11/30/22-00:55:34.401351 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249726802021641 11/30/22-00:55:01.673863 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249750802024313 11/30/22-00:55:45.758418 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249710802825766 11/30/22-00:54:31.910937 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497222025483 11/30/22-00:54:56.166551 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249750802024318 11/30/22-00:55:45.758418 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249699802021641 11/30/22-00:54:07.324934 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497202025483 11/30/22-00:54:53.259308 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249701802021641 11/30/22-00:54:12.581436 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.853623532014169 11/30/22-00:55:10.547934 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53623 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249754802021641 11/30/22-00:55:53.496270 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249715802025381 11/30/22-00:54:42.060768 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.852955532014169 11/30/22-00:54:26.705694 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52955 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249740802024313 11/30/22-00:55:27.193434 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249740802024318 11/30/22-00:55:27.193434 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249738802025381 11/30/22-00:55:23.450513 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249731802021641 11/30/22-00:55:10.632751 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249752802021641 11/30/22-00:55:49.378987 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249703802021641 11/30/22-00:54:16.960834 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249712802024313 11/30/22-00:54:35.972913 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249727802825766 11/30/22-00:55:03.486766 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249717802025381 11/30/22-00:54:45.540558 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.859581532014169 11/30/22-00:55:17.784201 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59581 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249712802024318 11/30/22-00:54:35.972913 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497312025483 11/30/22-00:55:12.166821 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249739802024313 11/30/22-00:55:25.267085 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249725802025381 11/30/22-00:54:59.930841 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.849166532014169 11/30/22-00:55:40.126118 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49166 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.860749532014169 11/30/22-00:54:58.103973 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 60749 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497052025483 11/30/22-00:54:21.783216 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.853975532014169 11/30/22-00:54:22.160619 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53975 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249753802025381 11/30/22-00:55:51.242717 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249757802021641 11/30/22-00:55:58.948901 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249716802021641 11/30/22-00:54:43.829219 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249739802024318 11/30/22-00:55:25.267085 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249741802825766 11/30/22-00:55:29.247109 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249700802825766 11/30/22-00:54:09.487691 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249720802024313 11/30/22-00:54:51.608521 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249708802024318 11/30/22-00:54:26.803652 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497482025483 11/30/22-00:55:43.661913 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249731802825766 11/30/22-00:55:10.632751 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249702802024313 11/30/22-00:54:14.871390 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249720802024318 11/30/22-00:54:51.608521 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249737802825766 11/30/22-00:55:21.614296 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249702802024318 11/30/22-00:54:14.871390 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249719802825766 11/30/22-00:54:49.641508 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.863446532014169 11/30/22-00:55:43.898414 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 63446 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497092025483 11/30/22-00:54:30.691043 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497432025483 11/30/22-00:55:34.122250 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249708802024313 11/30/22-00:54:26.803652 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.858119532014169 11/30/22-00:55:38.197046 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58119 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.857990532014169 11/30/22-00:54:11.706174 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57990 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249759802024318 11/30/22-00:56:01.042444 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249709802825766 11/30/22-00:54:29.164231 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249730802024313 11/30/22-00:55:08.823725 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249745802025381 11/30/22-00:55:36.377571 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249724802021641 11/30/22-00:54:58.184483 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249759802024313 11/30/22-00:56:01.042444 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249703802825766 11/30/22-00:54:16.960834 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249704802025381 11/30/22-00:54:18.966132 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497152025483 11/30/22-00:54:43.541337 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249730802024318 11/30/22-00:55:08.823725 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249718802024318 11/30/22-00:54:47.592007 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.864121532014169 11/30/22-00:55:57.444180 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64121 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249719802021641 11/30/22-00:54:49.641508 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249721802825766 11/30/22-00:54:53.572062 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497042025483 11/30/22-00:54:19.714505 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249747802021641 11/30/22-00:55:40.214633 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.849874532014169 11/30/22-00:55:45.675021 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49874 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249722802025381 11/30/22-00:54:54.732179 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249718802024313 11/30/22-00:54:47.592007 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.853428532014169 11/30/22-00:55:25.189214 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53428 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249736802024318 11/30/22-00:55:19.643476 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249736802024313 11/30/22-00:55:19.643476 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249732802025381 11/30/22-00:55:12.457821 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497592025483 11/30/22-00:56:01.793951 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249746802024318 11/30/22-00:55:38.275174 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249749802024318 11/30/22-00:55:43.976237 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249737802021641 11/30/22-00:55:21.614296 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249746802024313 11/30/22-00:55:38.275174 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497542025483 11/30/22-00:55:55.161061 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249735802025381 11/30/22-00:55:17.863854 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249706802021641 11/30/22-00:54:22.484255 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249734802021641 11/30/22-00:55:16.065951 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249699802825766 11/30/22-00:54:07.324934 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497322025483 11/30/22-00:55:13.950022 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497372025483 11/30/22-00:55:23.147009 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249749802024313 11/30/22-00:55:43.976237 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249748802025381 11/30/22-00:55:42.098367 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497212025483 11/30/22-00:54:54.418787 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497102025483 11/30/22-00:54:33.459515 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249733802024313 11/30/22-00:55:14.244291 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249707802025381 11/30/22-00:54:24.716724 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249733802024318 11/30/22-00:55:14.244291 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.851139532014169 11/30/22-00:54:24.370686 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 51139 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249721802021641 11/30/22-00:54:53.572062 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249747802825766 11/30/22-00:55:40.214633 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249706802825766 11/30/22-00:54:22.484255 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249709802021641 11/30/22-00:54:29.164231 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.855638532014169 11/30/22-00:54:39.891168 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 55638 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.853466532014169 11/30/22-00:55:06.970990 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53466 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249717802021641 11/30/22-00:54:45.540558 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.864823532014169 11/30/22-00:55:34.318234 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64823 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249706802025381 11/30/22-00:54:22.484255 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249716802825766 11/30/22-00:54:43.829219 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249720802021641 11/30/22-00:54:51.608521 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865017532014169 11/30/22-00:55:05.186135 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65017 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249734802025381 11/30/22-00:55:16.065951 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249723802024318 11/30/22-00:54:56.463103 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.864602532014169 11/30/22-00:55:53.393350 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64602 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497252025483 11/30/22-00:55:01.390776 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497292025483 11/30/22-00:55:08.539654 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249723802024313 11/30/22-00:54:56.463103 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.853848532014169 11/30/22-00:54:49.539403 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53848 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249744802825766 11/30/22-00:55:34.401351 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865107532014169 11/30/22-00:54:47.470066 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65107 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249739802025381 11/30/22-00:55:25.267085 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249712802021641 11/30/22-00:54:35.972913 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249753802021641 11/30/22-00:55:51.242717 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249725802021641 11/30/22-00:54:59.930841 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249748802024318 11/30/22-00:55:42.098367 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249731802024313 11/30/22-00:55:10.632751 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249748802024313 11/30/22-00:55:42.098367 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865196532014169 11/30/22-00:55:14.166464 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65196 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249731802024318 11/30/22-00:55:10.632751 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249708802825766 11/30/22-00:54:26.803652 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249749802825766 11/30/22-00:55:43.976237 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249743802024313 11/30/22-00:55:32.962709 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249757802825766 11/30/22-00:55:58.948901 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249743802024318 11/30/22-00:55:32.962709 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249728802024318 11/30/22-00:55:05.285201 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249750802025381 11/30/22-00:55:45.758418 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249700802021641 11/30/22-00:54:09.487691 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249728802024313 11/30/22-00:55:05.285201 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249714802025381 11/30/22-00:54:39.977728 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249724802825766 11/30/22-00:54:58.184483 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249719802025381 11/30/22-00:54:49.641508 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249756802024318 11/30/22-00:55:57.533680 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249742802025381 11/30/22-00:55:31.101064 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249733802021641 11/30/22-00:55:14.244291 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249729802825766 11/30/22-00:55:07.068054 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.857704532014169 11/30/22-00:54:41.979608 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57704 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249715802024318 11/30/22-00:54:42.060768 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249752802825766 11/30/22-00:55:49.378987 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249756802024313 11/30/22-00:55:57.533680 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249715802024313 11/30/22-00:54:42.060768 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249751802024313 11/30/22-00:55:47.279515 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249711802825766 11/30/22-00:54:33.859062 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249751802024318 11/30/22-00:55:47.279515 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249710802024318 11/30/22-00:54:31.910937 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249710802024313 11/30/22-00:54:31.910937 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249747802025381 11/30/22-00:55:40.214633 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249701802025381 11/30/22-00:54:12.581436 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249755802025381 11/30/22-00:55:55.653974 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249729802021641 11/30/22-00:55:07.068054 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497442025483 11/30/22-00:55:36.086250 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249735802024318 11/30/22-00:55:17.863854 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.853049532014169 11/30/22-00:55:19.563471 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53049 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249735802024313 11/30/22-00:55:17.863854 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249744802024313 11/30/22-00:55:34.401351 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497472025483 11/30/22-00:55:41.771804 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249744802024318 11/30/22-00:55:34.401351 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249741802021641 11/30/22-00:55:29.247109 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249704802825766 11/30/22-00:54:18.966132 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249746802025381 11/30/22-00:55:38.275174 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249732802021641 11/30/22-00:55:12.457821 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249699802024312 11/30/22-00:54:07.324934 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249707802024313 11/30/22-00:54:24.716724 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497062025483 11/30/22-00:54:24.053489 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497502025483 11/30/22-00:55:46.963833 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249699802024317 11/30/22-00:54:07.324934 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249727802025381 11/30/22-00:55:03.486766 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865511532014169 11/30/22-00:55:27.103034 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65511 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.864967532014169 11/30/22-00:55:58.869049 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 64967 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249721802025381 11/30/22-00:54:53.572062 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249707802024318 11/30/22-00:54:24.716724 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249713802021641 11/30/22-00:54:37.979213 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249732802825766 11/30/22-00:55:12.457821 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249751802825766 11/30/22-00:55:47.279515 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497552025483 11/30/22-00:55:57.270722 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497582025483 11/30/22-00:56:00.797031 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497362025483 11/30/22-00:55:21.118367 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249703802024318 11/30/22-00:54:16.960834 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249702802025381 11/30/22-00:54:14.871390 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249703802024313 11/30/22-00:54:16.960834 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.857134532014169 11/30/22-00:54:31.820802 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57134 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249758802021641 11/30/22-00:56:00.034214 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.858691532014169 11/30/22-00:54:53.455722 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58691 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249736802825766 11/30/22-00:55:19.643476 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249705802025381 11/30/22-00:54:20.168790 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497332025483 11/30/22-00:55:15.751744 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249745802825766 11/30/22-00:55:36.377571 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497032025483 11/30/22-00:54:18.541620 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497142025483 11/30/22-00:54:41.602416 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249716802024313 11/30/22-00:54:43.829219 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.859433532014169 11/30/22-00:54:56.376062 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59433 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249757802024313 11/30/22-00:55:58.948901 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249717802825766 11/30/22-00:54:45.540558 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249722802024313 11/30/22-00:54:54.732179 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249716802024318 11/30/22-00:54:43.829219 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249759802025381 11/30/22-00:56:01.042444 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249757802024318 11/30/22-00:55:58.948901 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249723802825766 11/30/22-00:54:56.463103 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249718802025381 11/30/22-00:54:47.592007 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249730802025381 11/30/22-00:55:08.823725 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249704802021641 11/30/22-00:54:18.966132 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249722802024318 11/30/22-00:54:54.732179 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249745802021641 11/30/22-00:55:36.377571 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249714802024313 11/30/22-00:54:39.977728 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249725802825766 11/30/22-00:54:59.930841 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249700802025381 11/30/22-00:54:09.487691 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249714802024318 11/30/22-00:54:39.977728 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.858708532014169 11/30/22-00:55:15.985743 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 58708 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497282025483 11/30/22-00:55:06.759571 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249732802024318 11/30/22-00:55:12.457821 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249707802825766 11/30/22-00:54:24.716724 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497242025483 11/30/22-00:54:59.594972 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249732802024313 11/30/22-00:55:12.457821 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249708802021641 11/30/22-00:54:26.803652 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249724802024318 11/30/22-00:54:58.184483 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249759802021641 11/30/22-00:56:01.042444 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249751802025381 11/30/22-00:55:47.279515 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249724802024313 11/30/22-00:54:58.184483 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249710802025381 11/30/22-00:54:31.910937 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249715802825766 11/30/22-00:54:42.060768 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249747802024318 11/30/22-00:55:40.214633 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249747802024313 11/30/22-00:55:40.214633 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249719802024313 11/30/22-00:54:49.641508 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249743802825766 11/30/22-00:55:32.962709 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.857571532014169 11/30/22-00:54:51.528645 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 57571 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249719802024318 11/30/22-00:54:49.641508 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249742802024318 11/30/22-00:55:31.101064 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.859636532014169 11/30/22-00:54:37.879679 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 59636 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249720802825766 11/30/22-00:54:51.608521 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249742802024313 11/30/22-00:55:31.101064 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249718802021641 11/30/22-00:54:47.592007 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249733802025381 11/30/22-00:55:14.244291 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249736802021641 11/30/22-00:55:19.643476 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249746802021641 11/30/22-00:55:38.275174 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249734802024318 11/30/22-00:55:16.065951 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249723802025381 11/30/22-00:54:56.463103 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249748802825766 11/30/22-00:55:42.098367 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249737802024313 11/30/22-00:55:21.614296 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497562025483 11/30/22-00:55:58.723099 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249702802825766 11/30/22-00:54:14.871390 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249737802024318 11/30/22-00:55:21.614296 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249730802825766 11/30/22-00:55:08.823725 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249706802024313 11/30/22-00:54:22.484255 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249734802024313 11/30/22-00:55:16.065951 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497352025483 11/30/22-00:55:19.347023 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249706802024318 11/30/22-00:54:22.484255 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497522025483 11/30/22-00:55:50.930381 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497172025483 11/30/22-00:54:47.032787 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249733802825766 11/30/22-00:55:14.244291 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497392025483 11/30/22-00:55:26.908255 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249720802025381 11/30/22-00:54:51.608521 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249749802021641 11/30/22-00:55:43.976237 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865320532014169 11/30/22-00:54:43.751689 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65320 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249735802825766 11/30/22-00:55:17.863854 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.852079532014169 11/30/22-00:55:32.870195 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52079 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497012025483 11/30/22-00:54:14.085146 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249731802025381 11/30/22-00:55:10.632751 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249709802024318 11/30/22-00:54:29.164231 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249745802024318 11/30/22-00:55:36.377571 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249709802024313 11/30/22-00:54:29.164231 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249705802825766 11/30/22-00:54:20.168790 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249745802024313 11/30/22-00:55:36.377571 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249704802024318 11/30/22-00:54:18.966132 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249704802024313 11/30/22-00:54:18.966132 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249717802024313 11/30/22-00:54:45.540558 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249722802825766 11/30/22-00:54:54.732179 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249703802025381 11/30/22-00:54:16.960834 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.849302532014169 11/30/22-00:54:20.078245 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 49302 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249711802024313 11/30/22-00:54:33.859062 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249728802825766 11/30/22-00:55:05.285201 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249705802021641 11/30/22-00:54:20.168790 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249711802024318 11/30/22-00:54:33.859062 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249738802021641 11/30/22-00:55:23.450513 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865385532014169 11/30/22-00:55:49.289719 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65385 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249740802825766 11/30/22-00:55:27.193434 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497452025483 11/30/22-00:55:37.973570 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497462025483 11/30/22-00:55:39.906968 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
95.213.216.202192.168.2.380497402025483 11/30/22-00:55:28.902821 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249717802024318 11/30/22-00:54:45.540558 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249701802024313 11/30/22-00:54:12.581436 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249738802825766 11/30/22-00:55:23.450513 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497132025483 11/30/22-00:54:39.587400 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249701802024318 11/30/22-00:54:12.581436 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249756802825766 11/30/22-00:55:57.533680 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497022025483 11/30/22-00:54:16.469088 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249750802825766 11/30/22-00:55:45.758418 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249743802021641 11/30/22-00:55:32.962709 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249740802021641 11/30/22-00:55:27.193434 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249729802025381 11/30/22-00:55:07.068054 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249752802024313 11/30/22-00:55:49.378987 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249741802025381 11/30/22-00:55:29.247109 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249726802025381 11/30/22-00:55:01.673863 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249752802024318 11/30/22-00:55:49.378987 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.856042532014169 11/30/22-00:54:35.894646 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 56042 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.853844532014169 11/30/22-00:55:03.396283 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 53844 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.38.8.8.862050532014169 11/30/22-00:54:33.763792 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 62050 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249728802021641 11/30/22-00:55:05.285201 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497512025483 11/30/22-00:55:49.068855 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249755802024318 11/30/22-00:55:55.653974 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
95.213.216.202192.168.2.380497182025483 11/30/22-00:54:49.052316 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
192.168.2.38.8.8.852547532014169 11/30/22-00:55:01.596754 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 52547 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249755802024313 11/30/22-00:55:55.653974 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249727802024318 11/30/22-00:55:03.486766 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249713802025381 11/30/22-00:54:37.979213 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249756802021641 11/30/22-00:55:57.533680 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.865459532014169 11/30/22-00:55:47.178193 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 65459 | 53 | 192.168.2.3 | 8.8.8.8 |
95.213.216.202192.168.2.380497072025483 11/30/22-00:54:26.372322 | TCP | 2025483 | ET TROJAN LokiBot Fake 404 Response | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
192.168.2.395.213.216.20249715802021641 11/30/22-00:54:42.060768 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249712802825766 11/30/22-00:54:35.972913 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249753802825766 11/30/22-00:55:51.242717 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.38.8.8.854153532014169 11/30/22-00:55:51.152832 | UDP | 2014169 | ET DNS Query for .su TLD (Soviet Union) Often Malware Related | 54153 | 53 | 192.168.2.3 | 8.8.8.8 |
192.168.2.395.213.216.20249754802025381 11/30/22-00:55:53.496270 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
192.168.2.395.213.216.20249727802024313 11/30/22-00:55:03.486766 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Nov 30, 2022 00:54:07.252681971 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:07.317872047 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:07.318666935 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:07.324934006 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:07.390002012 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:07.390280008 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:07.454189062 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:08.932713032 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:08.932929993 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:08.932929993 CET | 49699 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:08.997078896 CET | 80 | 49699 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:09.427567959 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:09.484437943 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:09.484872103 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:09.487690926 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:09.545456886 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:09.545732975 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:09.602526903 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:11.058943987 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:11.059271097 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:11.251259089 CET | 49700 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:11.308391094 CET | 80 | 49700 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:12.515145063 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:12.578533888 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:12.578650951 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:12.581435919 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:12.644690037 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:12.644942999 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:12.708281040 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:14.085145950 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:14.085324049 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:14.085324049 CET | 49701 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:14.148653984 CET | 80 | 49701 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:14.796390057 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:14.863887072 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:14.864324093 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:14.871390104 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:14.938833952 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:14.939245939 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:15.006510973 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:16.469088078 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:16.469213009 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:16.469305038 CET | 49702 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:16.536587954 CET | 80 | 49702 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:16.901004076 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:16.957978010 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:16.958115101 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:16.960834026 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:17.017646074 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:17.017842054 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:17.074562073 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:18.541620016 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:18.541914940 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:18.541914940 CET | 49703 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:18.598728895 CET | 80 | 49703 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:18.898685932 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:18.963310003 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:18.963515997 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:18.966131926 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:19.030903101 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:19.031228065 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:19.095748901 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:19.714504957 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:19.714649916 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:19.722553015 CET | 49704 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:19.787149906 CET | 80 | 49704 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:20.097837925 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:20.161624908 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:20.161886930 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:20.168790102 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:20.232583046 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:20.232693911 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:20.296284914 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:21.783216000 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:21.783595085 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:21.783595085 CET | 49705 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:21.847395897 CET | 80 | 49705 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:22.417725086 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:22.481591940 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:22.481817961 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:22.484255075 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:22.547919989 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:22.548185110 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:22.611813068 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:24.053488970 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:24.053700924 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.053700924 CET | 49706 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.117465019 CET | 80 | 49706 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:24.644469023 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.708810091 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:24.709328890 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.716723919 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.780909061 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:24.781121969 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:24.845062971 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:26.372322083 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:26.372553110 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.372901917 CET | 49707 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.436924934 CET | 80 | 49707 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:26.735404968 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.800751925 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:26.800952911 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.803652048 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.868796110 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:26.868957043 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:26.933984041 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:28.382638931 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:28.382777929 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:28.382778883 CET | 49708 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:28.448436022 CET | 80 | 49708 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:29.066101074 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:29.122601986 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:29.122786045 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:29.164231062 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:29.220624924 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:29.220927000 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:29.277586937 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:30.691042900 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:30.691278934 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:30.691428900 CET | 49709 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:30.747807980 CET | 80 | 49709 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:31.844077110 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:31.908207893 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:31.908368111 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:31.910937071 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:31.975022078 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:31.975130081 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:32.039067984 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:33.459515095 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:33.459865093 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.459933043 CET | 49710 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.525604010 CET | 80 | 49710 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:33.782614946 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.839637041 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:33.839822054 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.859061956 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.916126013 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:33.916356087 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:33.973261118 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:35.462241888 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:35.462493896 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:35.462584972 CET | 49711 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:35.519414902 CET | 80 | 49711 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:35.913698912 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:35.970079899 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:35.970185041 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:35.972913027 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:36.029299974 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:36.032005072 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:36.088288069 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:37.552263021 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:37.552381992 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:37.552381992 CET | 49712 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:37.609476089 CET | 80 | 49712 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:37.898960114 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:37.965244055 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:37.965348959 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:37.979212999 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:38.045309067 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:38.045681953 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:38.111735106 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:39.587399960 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:39.587636948 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:39.588252068 CET | 49713 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:39.653244972 CET | 80 | 49713 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:39.909919024 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:39.974522114 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:39.974756002 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:39.977727890 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:40.042501926 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:40.042785883 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:40.107534885 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:41.602416039 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:41.604454994 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:41.604455948 CET | 49714 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:41.669280052 CET | 80 | 49714 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:41.998399973 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:42.055399895 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:42.056597948 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:42.060767889 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:42.117670059 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:42.120702982 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:42.177629948 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:43.541337013 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:43.541443110 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.541507006 CET | 49715 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.598397970 CET | 80 | 49715 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:43.769913912 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.826594114 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:43.826715946 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.829219103 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.885807037 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:43.885901928 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:43.942477942 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:45.204539061 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:45.204745054 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.204745054 CET | 49716 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.261375904 CET | 80 | 49716 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:45.480798960 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.537395954 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:45.537679911 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.540558100 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.597280979 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:45.597480059 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:45.654186964 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:47.032787085 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:47.032946110 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.058496952 CET | 49717 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.115341902 CET | 80 | 49717 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:47.489988089 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.553695917 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:47.553802013 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.592006922 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.655783892 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:47.657054901 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:47.720890045 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:49.052315950 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:49.052567005 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.052567959 CET | 49718 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.116251945 CET | 80 | 49718 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:49.560311079 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.624638081 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:49.624974012 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.641508102 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.705724955 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:49.705965042 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:49.772209883 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:51.280994892 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:51.281199932 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.281199932 CET | 49719 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.345415115 CET | 80 | 49719 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:51.548526049 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.605362892 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:51.605673075 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.608520985 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.665606022 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:51.668618917 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:51.725402117 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:53.259308100 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:53.259599924 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.260018110 CET | 49720 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.316739082 CET | 80 | 49720 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:53.497282982 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.561186075 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:53.561407089 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.572062016 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.635884047 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:53.635982037 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:53.699680090 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:54.418787003 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:54.419008017 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.419059038 CET | 49721 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.482815981 CET | 80 | 49721 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:54.670505047 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.727052927 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:54.729609966 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.732178926 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.788742065 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:54.789618969 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:54.845973015 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:56.166551113 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:56.166851044 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.167161942 CET | 49722 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.223620892 CET | 80 | 49722 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:56.396608114 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.460263014 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:56.460342884 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.463103056 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.526700020 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:56.526835918 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:56.590533972 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:57.894669056 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:57.895031929 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:57.895031929 CET | 49723 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:57.958792925 CET | 80 | 49723 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:58.125056028 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:58.181525946 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:58.181694031 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:58.184483051 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:58.240962029 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:58.242203951 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:58.298794031 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:59.594971895 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:59.595192909 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:59.597685099 CET | 49724 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:59.654140949 CET | 80 | 49724 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:59.862596035 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:59.927382946 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:59.927499056 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:59.930840969 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:54:59.996124983 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:54:59.996385098 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:00.061088085 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:01.390775919 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:01.390856981 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.390960932 CET | 49725 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.455671072 CET | 80 | 49725 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:01.614711046 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.671113014 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:01.671252012 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.673862934 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.730237961 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:01.730465889 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:01.786848068 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:03.204140902 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:03.204266071 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.204340935 CET | 49726 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.260652065 CET | 80 | 49726 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:03.414943933 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.479100943 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:03.479541063 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.486766100 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.551842928 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:03.552114010 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:03.617244959 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:04.982566118 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:04.982990980 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:04.983076096 CET | 49727 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:05.047188044 CET | 80 | 49727 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:05.207638979 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:05.278845072 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:05.278989077 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:05.285201073 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:05.356693029 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:05.356775045 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:05.428106070 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:06.759571075 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:06.760262966 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:06.760387897 CET | 49728 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:06.831724882 CET | 80 | 49728 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:06.989644051 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:07.060533047 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:07.060817003 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:07.068053961 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:07.139190912 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:07.142729998 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:07.213907003 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:08.539654016 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:08.539772987 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.539851904 CET | 49729 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.610599041 CET | 80 | 49729 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:08.755198956 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.818732023 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:08.818875074 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.823724985 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.887221098 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:08.887696981 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:08.952023983 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:10.337694883 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:10.338476896 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.338607073 CET | 49730 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.402264118 CET | 80 | 49730 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:10.566430092 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.630012035 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:10.630254030 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.632750988 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.696681976 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:10.697035074 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:10.760850906 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:12.166821003 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:12.166995049 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.166995049 CET | 49731 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.230671883 CET | 80 | 49731 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:12.397857904 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.454653978 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:12.454866886 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.457820892 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.515181065 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:12.519223928 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:12.576708078 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:13.950021982 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:13.950387955 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:13.951273918 CET | 49732 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:14.008239985 CET | 80 | 49732 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:14.185133934 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:14.241457939 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:14.241565943 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:14.244291067 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:14.300695896 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:14.300803900 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:14.356933117 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:15.751744032 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:15.755505085 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:15.755600929 CET | 49733 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:15.812007904 CET | 80 | 49733 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:16.004370928 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:16.061487913 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:16.063473940 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:16.065951109 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:16.122412920 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:16.123481035 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:16.180047989 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:17.565495014 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:17.565593004 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.565663099 CET | 49734 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.622051001 CET | 80 | 49734 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:17.802988052 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.859404087 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:17.859607935 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.863853931 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.920332909 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:17.920523882 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:17.976902008 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:19.347023010 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:19.347120047 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.347496986 CET | 49735 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.403734922 CET | 80 | 49735 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:19.583940029 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.640748024 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:19.640861988 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.643476009 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.700324059 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:19.700479031 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:19.757318020 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:21.118366957 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:21.118597984 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.235958099 CET | 49736 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.292860031 CET | 80 | 49736 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:21.548213959 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.611660957 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:21.611757994 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.614295959 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.677872896 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:21.678060055 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:21.741621017 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:23.147008896 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:23.147200108 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.150054932 CET | 49737 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.213816881 CET | 80 | 49737 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:23.390598059 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.447422981 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:23.447587013 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.450512886 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.507425070 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:23.507752895 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:23.564448118 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:24.982215881 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:24.982362986 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:24.982462883 CET | 49738 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:25.039313078 CET | 80 | 49738 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:25.207818985 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:25.264349937 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:25.264487028 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:25.267085075 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:25.324078083 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:25.324280977 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:25.380676985 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:26.908255100 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:26.908451080 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:26.908452034 CET | 49739 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:26.965130091 CET | 80 | 49739 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:27.123436928 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:27.187022924 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:27.187329054 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:27.193434000 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:27.257107019 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:27.257441998 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:27.321250916 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:28.902821064 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:28.903115034 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:28.903115034 CET | 49740 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:28.966690063 CET | 80 | 49740 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:29.181029081 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:29.244118929 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:29.244323015 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:29.247108936 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:29.310338974 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:29.312683105 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:29.376096964 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:30.821604013 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:30.821768045 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:30.821768045 CET | 49741 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:30.885057926 CET | 80 | 49741 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:31.041150093 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:31.098012924 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:31.098140955 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:31.101063967 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:31.158945084 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:31.159028053 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:31.215954065 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:32.668199062 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:32.668359041 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:32.668557882 CET | 49742 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:32.725229979 CET | 80 | 49742 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:32.891294956 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:32.955029964 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:32.955296993 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:32.962708950 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:33.026671886 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:33.026784897 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:33.090379953 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:34.122250080 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:34.122378111 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.122379065 CET | 49743 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.186547995 CET | 80 | 49743 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:34.336832047 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.393754959 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:34.394207001 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.401350975 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.458348989 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:34.458682060 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:34.515522957 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:36.086250067 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:36.086574078 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.086646080 CET | 49744 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.143685102 CET | 80 | 49744 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:36.305556059 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.369642019 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:36.370085955 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.377571106 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.441842079 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:36.442002058 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:36.506124020 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:37.973570108 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:37.977447033 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:37.994298935 CET | 49745 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:38.058605909 CET | 80 | 49745 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:38.215667009 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:38.272118092 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:38.272234917 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:38.275173903 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:38.331401110 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:38.333534956 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:38.390136957 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:39.906968117 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:39.907114983 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:39.907172918 CET | 49746 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:39.963509083 CET | 80 | 49746 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:40.151000023 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:40.207727909 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:40.207912922 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:40.214632988 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:40.271559000 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:40.271949053 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:40.328738928 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:41.771804094 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:41.772068977 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:41.772069931 CET | 49747 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:41.828773022 CET | 80 | 49747 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:42.022281885 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:42.087943077 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:42.088301897 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:42.098366976 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:42.164235115 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:42.166110039 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:42.232266903 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:43.661912918 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:43.662535906 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:43.664011002 CET | 49748 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:43.729532957 CET | 80 | 49748 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:43.916825056 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:43.973140001 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:43.973423958 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:43.976237059 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:44.032557964 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:44.034007072 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:44.090533018 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:45.483573914 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:45.483691931 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.483772993 CET | 49749 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.540266037 CET | 80 | 49749 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:45.696420908 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.753129959 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:45.753353119 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.758418083 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.815217972 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:45.815349102 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:45.872066975 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:46.963833094 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:46.966191053 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:46.966192007 CET | 49750 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:47.023200035 CET | 80 | 49750 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:47.199429989 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:47.270355940 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:47.274290085 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:47.279515028 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:47.352221012 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:47.352607965 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:47.423551083 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:49.068855047 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:49.069000959 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.069001913 CET | 49751 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.139884949 CET | 80 | 49751 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:49.310100079 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.374298096 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:49.376203060 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.378987074 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.443128109 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:49.446521044 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:49.510756016 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:50.930381060 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:50.930756092 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:50.930757046 CET | 49752 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:50.995115995 CET | 80 | 49752 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:51.174263954 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:51.231029034 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:51.231292009 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:51.242717028 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:51.299602032 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:51.299818039 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:51.356714964 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:52.887247086 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:52.887528896 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:52.887574911 CET | 49753 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:52.945564032 CET | 80 | 49753 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:53.413743973 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:53.470174074 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:53.470912933 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:53.496269941 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:53.552856922 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:53.554918051 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:53.611341953 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:55.161061049 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:55.161240101 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.161240101 CET | 49754 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.217797995 CET | 80 | 49754 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:55.587070942 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.650820971 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:55.650958061 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.653974056 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.717514992 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:55.717783928 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:55.781785011 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:57.270721912 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:57.271272898 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.273473024 CET | 49755 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.337918997 CET | 80 | 49755 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:57.465915918 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.529999018 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:57.530544996 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.533679962 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.597755909 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:57.599260092 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:57.663528919 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:58.723098993 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:58.723207951 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:58.723279953 CET | 49756 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:58.788446903 CET | 80 | 49756 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:58.887741089 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:58.946193933 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:58.946315050 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:58.948900938 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:59.005773067 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:59.005871058 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:59.065747976 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:59.773200035 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:59.779139042 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:59.779177904 CET | 49757 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:55:59.835975885 CET | 80 | 49757 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:55:59.959078074 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.022310019 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:00.022512913 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.034214020 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.097515106 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:00.097791910 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.161053896 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:00.797030926 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:00.797266006 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.797266006 CET | 49758 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:00.860564947 CET | 80 | 49758 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:00.980782986 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.037372112 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:01.037604094 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.042443991 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.098797083 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:01.099145889 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.155508995 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:01.793951035 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
Nov 30, 2022 00:56:01.794126987 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.794150114 CET | 49759 | 80 | 192.168.2.3 | 95.213.216.202 |
Nov 30, 2022 00:56:01.850579977 CET | 80 | 49759 | 95.213.216.202 | 192.168.2.3 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Nov 30, 2022 00:54:06.875981092 CET | 49977 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:07.240958929 CET | 53 | 49977 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:09.401173115 CET | 57840 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:09.420834064 CET | 53 | 57840 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:11.706173897 CET | 57990 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:12.468837023 CET | 53 | 57990 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:14.412322998 CET | 52387 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:14.780765057 CET | 53 | 52387 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:16.879287004 CET | 56924 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:16.898757935 CET | 53 | 56924 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:18.863516092 CET | 60625 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:18.881309032 CET | 53 | 60625 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:20.078244925 CET | 49302 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:20.096685886 CET | 53 | 49302 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:22.160619020 CET | 53975 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:22.415709972 CET | 53 | 53975 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:24.370686054 CET | 51139 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:24.639362097 CET | 53 | 51139 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:26.705693960 CET | 52955 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:26.723373890 CET | 53 | 52955 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:28.778636932 CET | 60582 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:29.064884901 CET | 53 | 60582 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:31.820801973 CET | 57134 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:31.840390921 CET | 53 | 57134 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:33.763792038 CET | 62050 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:33.781332970 CET | 53 | 62050 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:35.894645929 CET | 56042 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:35.912352085 CET | 53 | 56042 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:37.879678965 CET | 59636 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:37.897547007 CET | 53 | 59636 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:39.891168118 CET | 55638 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:39.908864975 CET | 53 | 55638 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:41.979608059 CET | 57704 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:41.997195005 CET | 53 | 57704 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:43.751688957 CET | 65320 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:43.768886089 CET | 53 | 65320 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:45.460011959 CET | 60767 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:45.479480982 CET | 53 | 60767 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:47.470066071 CET | 65107 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:47.487802982 CET | 53 | 65107 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:49.539402962 CET | 53848 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:49.559163094 CET | 53 | 53848 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:51.528645039 CET | 57571 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:51.546144009 CET | 53 | 57571 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:53.455722094 CET | 58691 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:53.473742008 CET | 53 | 58691 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:54.648302078 CET | 53305 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:54.668741941 CET | 53 | 53305 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:56.376061916 CET | 59433 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:56.395571947 CET | 53 | 59433 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:58.103972912 CET | 60749 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:58.123743057 CET | 53 | 60749 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:54:59.841953039 CET | 56949 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:54:59.861439943 CET | 53 | 56949 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:01.596754074 CET | 52547 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:01.613591909 CET | 53 | 52547 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:03.396282911 CET | 53844 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:03.413459063 CET | 53 | 53844 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:05.186135054 CET | 65017 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:05.205918074 CET | 53 | 65017 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:06.970989943 CET | 53466 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:06.988650084 CET | 53 | 53466 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:08.735474110 CET | 57743 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:08.753017902 CET | 53 | 57743 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:10.547934055 CET | 53623 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:10.565411091 CET | 53 | 53623 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:12.379224062 CET | 61416 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:12.396709919 CET | 53 | 61416 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:14.166464090 CET | 65196 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:14.183665037 CET | 53 | 65196 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:15.985743046 CET | 58708 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:16.003206015 CET | 53 | 58708 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:17.784200907 CET | 59581 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:17.801747084 CET | 53 | 59581 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:19.563471079 CET | 53049 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:19.582814932 CET | 53 | 53049 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:21.529314041 CET | 60088 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:21.547068119 CET | 53 | 60088 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:23.368357897 CET | 63562 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:23.385291100 CET | 53 | 63562 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:25.189213991 CET | 53428 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:25.206536055 CET | 53 | 53428 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:27.103034019 CET | 65511 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:27.120949030 CET | 53 | 65511 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:29.162121058 CET | 59820 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:29.179055929 CET | 53 | 59820 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:31.020256042 CET | 64595 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:31.039771080 CET | 53 | 64595 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:32.870194912 CET | 52079 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:32.889683008 CET | 53 | 52079 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:34.318233967 CET | 64823 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:34.335309029 CET | 53 | 64823 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:36.286011934 CET | 51992 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:36.303749084 CET | 53 | 51992 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:38.197046041 CET | 58119 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:38.214360952 CET | 53 | 58119 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:40.126117945 CET | 49166 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:40.145720959 CET | 53 | 49166 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:42.001540899 CET | 58301 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:42.019203901 CET | 53 | 58301 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:43.898413897 CET | 63446 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:43.915456057 CET | 53 | 63446 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:45.675020933 CET | 49874 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:45.694405079 CET | 53 | 49874 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:47.178193092 CET | 65459 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:47.198072910 CET | 53 | 65459 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:49.289719105 CET | 65385 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:49.307233095 CET | 53 | 65385 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:51.152832031 CET | 54153 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:51.172306061 CET | 53 | 54153 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:53.393349886 CET | 64602 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:53.412369013 CET | 53 | 64602 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:55.557055950 CET | 50784 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:55.574852943 CET | 53 | 50784 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:57.444180012 CET | 64121 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:57.463988066 CET | 53 | 64121 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:58.869049072 CET | 64967 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:58.886452913 CET | 53 | 64967 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:55:59.940840960 CET | 60825 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:55:59.957931995 CET | 53 | 60825 | 8.8.8.8 | 192.168.2.3 |
Nov 30, 2022 00:56:00.958663940 CET | 49201 | 53 | 192.168.2.3 | 8.8.8.8 |
Nov 30, 2022 00:56:00.977658987 CET | 53 | 49201 | 8.8.8.8 | 192.168.2.3 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Nov 30, 2022 00:54:06.875981092 CET | 192.168.2.3 | 8.8.8.8 | 0x6188 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:09.401173115 CET | 192.168.2.3 | 8.8.8.8 | 0x5d3b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:11.706173897 CET | 192.168.2.3 | 8.8.8.8 | 0xb7e8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:14.412322998 CET | 192.168.2.3 | 8.8.8.8 | 0x4082 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:16.879287004 CET | 192.168.2.3 | 8.8.8.8 | 0x22b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:18.863516092 CET | 192.168.2.3 | 8.8.8.8 | 0xeaac | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:20.078244925 CET | 192.168.2.3 | 8.8.8.8 | 0x28fb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:22.160619020 CET | 192.168.2.3 | 8.8.8.8 | 0xee98 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:24.370686054 CET | 192.168.2.3 | 8.8.8.8 | 0x2624 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:26.705693960 CET | 192.168.2.3 | 8.8.8.8 | 0x5477 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:28.778636932 CET | 192.168.2.3 | 8.8.8.8 | 0xdecc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:31.820801973 CET | 192.168.2.3 | 8.8.8.8 | 0x1c2d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:33.763792038 CET | 192.168.2.3 | 8.8.8.8 | 0xf2e6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:35.894645929 CET | 192.168.2.3 | 8.8.8.8 | 0x1fc5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:37.879678965 CET | 192.168.2.3 | 8.8.8.8 | 0xbad | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:39.891168118 CET | 192.168.2.3 | 8.8.8.8 | 0x785c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:41.979608059 CET | 192.168.2.3 | 8.8.8.8 | 0xabaf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:43.751688957 CET | 192.168.2.3 | 8.8.8.8 | 0x692b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:45.460011959 CET | 192.168.2.3 | 8.8.8.8 | 0x4377 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:47.470066071 CET | 192.168.2.3 | 8.8.8.8 | 0xbe7a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:49.539402962 CET | 192.168.2.3 | 8.8.8.8 | 0x9c9a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:51.528645039 CET | 192.168.2.3 | 8.8.8.8 | 0xb58 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:53.455722094 CET | 192.168.2.3 | 8.8.8.8 | 0xdac7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:54.648302078 CET | 192.168.2.3 | 8.8.8.8 | 0xaacd | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:56.376061916 CET | 192.168.2.3 | 8.8.8.8 | 0x479c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:58.103972912 CET | 192.168.2.3 | 8.8.8.8 | 0xea9f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:54:59.841953039 CET | 192.168.2.3 | 8.8.8.8 | 0x16e7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:01.596754074 CET | 192.168.2.3 | 8.8.8.8 | 0x35c4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:03.396282911 CET | 192.168.2.3 | 8.8.8.8 | 0x8db7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:05.186135054 CET | 192.168.2.3 | 8.8.8.8 | 0xa497 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:06.970989943 CET | 192.168.2.3 | 8.8.8.8 | 0x67db | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:08.735474110 CET | 192.168.2.3 | 8.8.8.8 | 0x7db5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:10.547934055 CET | 192.168.2.3 | 8.8.8.8 | 0x1fa1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:12.379224062 CET | 192.168.2.3 | 8.8.8.8 | 0x4f02 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:14.166464090 CET | 192.168.2.3 | 8.8.8.8 | 0x4ab6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:15.985743046 CET | 192.168.2.3 | 8.8.8.8 | 0x3921 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:17.784200907 CET | 192.168.2.3 | 8.8.8.8 | 0xc7dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:19.563471079 CET | 192.168.2.3 | 8.8.8.8 | 0x46b9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:21.529314041 CET | 192.168.2.3 | 8.8.8.8 | 0x213 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:23.368357897 CET | 192.168.2.3 | 8.8.8.8 | 0x1d07 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:25.189213991 CET | 192.168.2.3 | 8.8.8.8 | 0x6e37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:27.103034019 CET | 192.168.2.3 | 8.8.8.8 | 0xea01 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:29.162121058 CET | 192.168.2.3 | 8.8.8.8 | 0x4235 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:31.020256042 CET | 192.168.2.3 | 8.8.8.8 | 0xa106 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:32.870194912 CET | 192.168.2.3 | 8.8.8.8 | 0x86ee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:34.318233967 CET | 192.168.2.3 | 8.8.8.8 | 0x2d83 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:36.286011934 CET | 192.168.2.3 | 8.8.8.8 | 0xbdf8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:38.197046041 CET | 192.168.2.3 | 8.8.8.8 | 0x23f4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:40.126117945 CET | 192.168.2.3 | 8.8.8.8 | 0x856e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:42.001540899 CET | 192.168.2.3 | 8.8.8.8 | 0x3a49 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:43.898413897 CET | 192.168.2.3 | 8.8.8.8 | 0x4c7e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:45.675020933 CET | 192.168.2.3 | 8.8.8.8 | 0xd354 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:47.178193092 CET | 192.168.2.3 | 8.8.8.8 | 0x8af6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:49.289719105 CET | 192.168.2.3 | 8.8.8.8 | 0xc369 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:51.152832031 CET | 192.168.2.3 | 8.8.8.8 | 0xe950 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:53.393349886 CET | 192.168.2.3 | 8.8.8.8 | 0x9913 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:55.557055950 CET | 192.168.2.3 | 8.8.8.8 | 0x2074 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:57.444180012 CET | 192.168.2.3 | 8.8.8.8 | 0x2543 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:58.869049072 CET | 192.168.2.3 | 8.8.8.8 | 0x92c3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:55:59.940840960 CET | 192.168.2.3 | 8.8.8.8 | 0x3488 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 30, 2022 00:56:00.958663940 CET | 192.168.2.3 | 8.8.8.8 | 0x58c4 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Nov 30, 2022 00:54:07.240958929 CET | 8.8.8.8 | 192.168.2.3 | 0x6188 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:09.420834064 CET | 8.8.8.8 | 192.168.2.3 | 0x5d3b | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:12.468837023 CET | 8.8.8.8 | 192.168.2.3 | 0xb7e8 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:14.780765057 CET | 8.8.8.8 | 192.168.2.3 | 0x4082 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:16.898757935 CET | 8.8.8.8 | 192.168.2.3 | 0x22b9 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:18.881309032 CET | 8.8.8.8 | 192.168.2.3 | 0xeaac | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:20.096685886 CET | 8.8.8.8 | 192.168.2.3 | 0x28fb | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:22.415709972 CET | 8.8.8.8 | 192.168.2.3 | 0xee98 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:24.639362097 CET | 8.8.8.8 | 192.168.2.3 | 0x2624 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:26.723373890 CET | 8.8.8.8 | 192.168.2.3 | 0x5477 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:29.064884901 CET | 8.8.8.8 | 192.168.2.3 | 0xdecc | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:31.840390921 CET | 8.8.8.8 | 192.168.2.3 | 0x1c2d | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:33.781332970 CET | 8.8.8.8 | 192.168.2.3 | 0xf2e6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:35.912352085 CET | 8.8.8.8 | 192.168.2.3 | 0x1fc5 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:37.897547007 CET | 8.8.8.8 | 192.168.2.3 | 0xbad | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:39.908864975 CET | 8.8.8.8 | 192.168.2.3 | 0x785c | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:41.997195005 CET | 8.8.8.8 | 192.168.2.3 | 0xabaf | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:43.768886089 CET | 8.8.8.8 | 192.168.2.3 | 0x692b | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:45.479480982 CET | 8.8.8.8 | 192.168.2.3 | 0x4377 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:47.487802982 CET | 8.8.8.8 | 192.168.2.3 | 0xbe7a | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:49.559163094 CET | 8.8.8.8 | 192.168.2.3 | 0x9c9a | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:51.546144009 CET | 8.8.8.8 | 192.168.2.3 | 0xb58 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:53.473742008 CET | 8.8.8.8 | 192.168.2.3 | 0xdac7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:54.668741941 CET | 8.8.8.8 | 192.168.2.3 | 0xaacd | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:56.395571947 CET | 8.8.8.8 | 192.168.2.3 | 0x479c | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:58.123743057 CET | 8.8.8.8 | 192.168.2.3 | 0xea9f | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:54:59.861439943 CET | 8.8.8.8 | 192.168.2.3 | 0x16e7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:01.613591909 CET | 8.8.8.8 | 192.168.2.3 | 0x35c4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:03.413459063 CET | 8.8.8.8 | 192.168.2.3 | 0x8db7 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:05.205918074 CET | 8.8.8.8 | 192.168.2.3 | 0xa497 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:06.988650084 CET | 8.8.8.8 | 192.168.2.3 | 0x67db | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:08.753017902 CET | 8.8.8.8 | 192.168.2.3 | 0x7db5 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:10.565411091 CET | 8.8.8.8 | 192.168.2.3 | 0x1fa1 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:12.396709919 CET | 8.8.8.8 | 192.168.2.3 | 0x4f02 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:14.183665037 CET | 8.8.8.8 | 192.168.2.3 | 0x4ab6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:16.003206015 CET | 8.8.8.8 | 192.168.2.3 | 0x3921 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:17.801747084 CET | 8.8.8.8 | 192.168.2.3 | 0xc7dc | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:19.582814932 CET | 8.8.8.8 | 192.168.2.3 | 0x46b9 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:21.547068119 CET | 8.8.8.8 | 192.168.2.3 | 0x213 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:23.385291100 CET | 8.8.8.8 | 192.168.2.3 | 0x1d07 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:25.206536055 CET | 8.8.8.8 | 192.168.2.3 | 0x6e37 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:27.120949030 CET | 8.8.8.8 | 192.168.2.3 | 0xea01 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:29.179055929 CET | 8.8.8.8 | 192.168.2.3 | 0x4235 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:31.039771080 CET | 8.8.8.8 | 192.168.2.3 | 0xa106 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:32.889683008 CET | 8.8.8.8 | 192.168.2.3 | 0x86ee | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:34.335309029 CET | 8.8.8.8 | 192.168.2.3 | 0x2d83 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:36.303749084 CET | 8.8.8.8 | 192.168.2.3 | 0xbdf8 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:38.214360952 CET | 8.8.8.8 | 192.168.2.3 | 0x23f4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:40.145720959 CET | 8.8.8.8 | 192.168.2.3 | 0x856e | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:42.019203901 CET | 8.8.8.8 | 192.168.2.3 | 0x3a49 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:43.915456057 CET | 8.8.8.8 | 192.168.2.3 | 0x4c7e | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:45.694405079 CET | 8.8.8.8 | 192.168.2.3 | 0xd354 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:47.198072910 CET | 8.8.8.8 | 192.168.2.3 | 0x8af6 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:49.307233095 CET | 8.8.8.8 | 192.168.2.3 | 0xc369 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:51.172306061 CET | 8.8.8.8 | 192.168.2.3 | 0xe950 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:53.412369013 CET | 8.8.8.8 | 192.168.2.3 | 0x9913 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:55.574852943 CET | 8.8.8.8 | 192.168.2.3 | 0x2074 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:57.463988066 CET | 8.8.8.8 | 192.168.2.3 | 0x2543 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:58.886452913 CET | 8.8.8.8 | 192.168.2.3 | 0x92c3 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:55:59.957931995 CET | 8.8.8.8 | 192.168.2.3 | 0x3488 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false | ||
Nov 30, 2022 00:56:00.977658987 CET | 8.8.8.8 | 192.168.2.3 | 0x58c4 | No error (0) | 95.213.216.202 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49699 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:07.324934006 CET | 121 | OUT | |
Nov 30, 2022 00:54:07.390280008 CET | 121 | OUT | |
Nov 30, 2022 00:54:08.932713032 CET | 122 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.3 | 49700 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:09.487690926 CET | 123 | OUT | |
Nov 30, 2022 00:54:09.545732975 CET | 123 | OUT | |
Nov 30, 2022 00:54:11.058943987 CET | 123 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
10 | 192.168.2.3 | 49709 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:29.164231062 CET | 135 | OUT | |
Nov 30, 2022 00:54:29.220927000 CET | 135 | OUT | |
Nov 30, 2022 00:54:30.691042900 CET | 136 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
11 | 192.168.2.3 | 49710 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:31.910937071 CET | 137 | OUT | |
Nov 30, 2022 00:54:31.975130081 CET | 137 | OUT | |
Nov 30, 2022 00:54:33.459515095 CET | 137 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
12 | 192.168.2.3 | 49711 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:33.859061956 CET | 138 | OUT | |
Nov 30, 2022 00:54:33.916356087 CET | 138 | OUT | |
Nov 30, 2022 00:54:35.462241888 CET | 139 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
13 | 192.168.2.3 | 49712 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:35.972913027 CET | 139 | OUT | |
Nov 30, 2022 00:54:36.032005072 CET | 140 | OUT | |
Nov 30, 2022 00:54:37.552263021 CET | 140 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
14 | 192.168.2.3 | 49713 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:37.979212999 CET | 141 | OUT | |
Nov 30, 2022 00:54:38.045681953 CET | 141 | OUT | |
Nov 30, 2022 00:54:39.587399960 CET | 141 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
15 | 192.168.2.3 | 49714 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:39.977727890 CET | 142 | OUT | |
Nov 30, 2022 00:54:40.042785883 CET | 143 | OUT | |
Nov 30, 2022 00:54:41.602416039 CET | 143 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
16 | 192.168.2.3 | 49715 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:42.060767889 CET | 144 | OUT | |
Nov 30, 2022 00:54:42.120702982 CET | 144 | OUT | |
Nov 30, 2022 00:54:43.541337013 CET | 144 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
17 | 192.168.2.3 | 49716 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:43.829219103 CET | 145 | OUT | |
Nov 30, 2022 00:54:43.885901928 CET | 146 | OUT | |
Nov 30, 2022 00:54:45.204539061 CET | 146 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
18 | 192.168.2.3 | 49717 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:45.540558100 CET | 147 | OUT | |
Nov 30, 2022 00:54:45.597480059 CET | 147 | OUT | |
Nov 30, 2022 00:54:47.032787085 CET | 147 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
19 | 192.168.2.3 | 49718 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:47.592006922 CET | 148 | OUT | |
Nov 30, 2022 00:54:47.657054901 CET | 148 | OUT | |
Nov 30, 2022 00:54:49.052315950 CET | 149 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 192.168.2.3 | 49701 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:12.581435919 CET | 124 | OUT | |
Nov 30, 2022 00:54:12.644942999 CET | 124 | OUT | |
Nov 30, 2022 00:54:14.085145950 CET | 125 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
20 | 192.168.2.3 | 49719 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:49.641508102 CET | 149 | OUT | |
Nov 30, 2022 00:54:49.705965042 CET | 150 | OUT | |
Nov 30, 2022 00:54:51.280994892 CET | 151 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
21 | 192.168.2.3 | 49720 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:51.608520985 CET | 152 | OUT | |
Nov 30, 2022 00:54:51.668618917 CET | 152 | OUT | |
Nov 30, 2022 00:54:53.259308100 CET | 152 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
22 | 192.168.2.3 | 49721 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:53.572062016 CET | 153 | OUT | |
Nov 30, 2022 00:54:53.635982037 CET | 154 | OUT | |
Nov 30, 2022 00:54:54.418787003 CET | 154 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
23 | 192.168.2.3 | 49722 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:54.732178926 CET | 155 | OUT | |
Nov 30, 2022 00:54:54.789618969 CET | 155 | OUT | |
Nov 30, 2022 00:54:56.166551113 CET | 155 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
24 | 192.168.2.3 | 49723 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:56.463103056 CET | 156 | OUT | |
Nov 30, 2022 00:54:56.526835918 CET | 156 | OUT | |
Nov 30, 2022 00:54:57.894669056 CET | 157 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
25 | 192.168.2.3 | 49724 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:58.184483051 CET | 157 | OUT | |
Nov 30, 2022 00:54:58.242203951 CET | 158 | OUT | |
Nov 30, 2022 00:54:59.594971895 CET | 158 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
26 | 192.168.2.3 | 49725 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:59.930840969 CET | 159 | OUT | |
Nov 30, 2022 00:54:59.996385098 CET | 159 | OUT | |
Nov 30, 2022 00:55:01.390775919 CET | 159 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
27 | 192.168.2.3 | 49726 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:01.673862934 CET | 160 | OUT | |
Nov 30, 2022 00:55:01.730465889 CET | 161 | OUT | |
Nov 30, 2022 00:55:03.204140902 CET | 161 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
28 | 192.168.2.3 | 49727 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:03.486766100 CET | 162 | OUT | |
Nov 30, 2022 00:55:03.552114010 CET | 162 | OUT | |
Nov 30, 2022 00:55:04.982566118 CET | 162 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
29 | 192.168.2.3 | 49728 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:05.285201073 CET | 163 | OUT | |
Nov 30, 2022 00:55:05.356775045 CET | 163 | OUT | |
Nov 30, 2022 00:55:06.759571075 CET | 164 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 192.168.2.3 | 49702 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:14.871390104 CET | 125 | OUT | |
Nov 30, 2022 00:54:14.939245939 CET | 126 | OUT | |
Nov 30, 2022 00:54:16.469088078 CET | 126 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
30 | 192.168.2.3 | 49729 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:07.068053961 CET | 164 | OUT | |
Nov 30, 2022 00:55:07.142729998 CET | 165 | OUT | |
Nov 30, 2022 00:55:08.539654016 CET | 165 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
31 | 192.168.2.3 | 49730 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:08.823724985 CET | 166 | OUT | |
Nov 30, 2022 00:55:08.887696981 CET | 166 | OUT | |
Nov 30, 2022 00:55:10.337694883 CET | 166 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
32 | 192.168.2.3 | 49731 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:10.632750988 CET | 167 | OUT | |
Nov 30, 2022 00:55:10.697035074 CET | 168 | OUT | |
Nov 30, 2022 00:55:12.166821003 CET | 168 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
33 | 192.168.2.3 | 49732 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:12.457820892 CET | 169 | OUT | |
Nov 30, 2022 00:55:12.519223928 CET | 169 | OUT | |
Nov 30, 2022 00:55:13.950021982 CET | 169 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
34 | 192.168.2.3 | 49733 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:14.244291067 CET | 170 | OUT | |
Nov 30, 2022 00:55:14.300803900 CET | 170 | OUT | |
Nov 30, 2022 00:55:15.751744032 CET | 171 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
35 | 192.168.2.3 | 49734 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:16.065951109 CET | 171 | OUT | |
Nov 30, 2022 00:55:16.123481035 CET | 172 | OUT | |
Nov 30, 2022 00:55:17.565495014 CET | 172 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
36 | 192.168.2.3 | 49735 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:17.863853931 CET | 173 | OUT | |
Nov 30, 2022 00:55:17.920523882 CET | 173 | OUT | |
Nov 30, 2022 00:55:19.347023010 CET | 173 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
37 | 192.168.2.3 | 49736 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:19.643476009 CET | 174 | OUT | |
Nov 30, 2022 00:55:19.700479031 CET | 175 | OUT | |
Nov 30, 2022 00:55:21.118366957 CET | 175 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
38 | 192.168.2.3 | 49737 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:21.614295959 CET | 176 | OUT | |
Nov 30, 2022 00:55:21.678060055 CET | 176 | OUT | |
Nov 30, 2022 00:55:23.147008896 CET | 177 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
39 | 192.168.2.3 | 49738 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:23.450512886 CET | 177 | OUT | |
Nov 30, 2022 00:55:23.507752895 CET | 178 | OUT | |
Nov 30, 2022 00:55:24.982215881 CET | 178 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.3 | 49703 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:16.960834026 CET | 127 | OUT | |
Nov 30, 2022 00:54:17.017842054 CET | 127 | OUT | |
Nov 30, 2022 00:54:18.541620016 CET | 127 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
40 | 192.168.2.3 | 49739 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:25.267085075 CET | 179 | OUT | |
Nov 30, 2022 00:55:25.324280977 CET | 179 | OUT | |
Nov 30, 2022 00:55:26.908255100 CET | 179 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
41 | 192.168.2.3 | 49740 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:27.193434000 CET | 180 | OUT | |
Nov 30, 2022 00:55:27.257441998 CET | 180 | OUT | |
Nov 30, 2022 00:55:28.902821064 CET | 181 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
42 | 192.168.2.3 | 49741 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:29.247108936 CET | 182 | OUT | |
Nov 30, 2022 00:55:29.312683105 CET | 182 | OUT | |
Nov 30, 2022 00:55:30.821604013 CET | 182 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
43 | 192.168.2.3 | 49742 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:31.101063967 CET | 183 | OUT | |
Nov 30, 2022 00:55:31.159028053 CET | 183 | OUT | |
Nov 30, 2022 00:55:32.668199062 CET | 184 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
44 | 192.168.2.3 | 49743 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:32.962708950 CET | 184 | OUT | |
Nov 30, 2022 00:55:33.026784897 CET | 185 | OUT | |
Nov 30, 2022 00:55:34.122250080 CET | 185 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
45 | 192.168.2.3 | 49744 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:34.401350975 CET | 186 | OUT | |
Nov 30, 2022 00:55:34.458682060 CET | 186 | OUT | |
Nov 30, 2022 00:55:36.086250067 CET | 186 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
46 | 192.168.2.3 | 49745 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:36.377571106 CET | 187 | OUT | |
Nov 30, 2022 00:55:36.442002058 CET | 187 | OUT | |
Nov 30, 2022 00:55:37.973570108 CET | 188 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
47 | 192.168.2.3 | 49746 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:38.275173903 CET | 189 | OUT | |
Nov 30, 2022 00:55:38.333534956 CET | 189 | OUT | |
Nov 30, 2022 00:55:39.906968117 CET | 189 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
48 | 192.168.2.3 | 49747 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:40.214632988 CET | 190 | OUT | |
Nov 30, 2022 00:55:40.271949053 CET | 191 | OUT | |
Nov 30, 2022 00:55:41.771804094 CET | 191 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
49 | 192.168.2.3 | 49748 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:42.098366976 CET | 192 | OUT | |
Nov 30, 2022 00:55:42.166110039 CET | 192 | OUT | |
Nov 30, 2022 00:55:43.661912918 CET | 192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 192.168.2.3 | 49704 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:18.966131926 CET | 128 | OUT | |
Nov 30, 2022 00:54:19.031228065 CET | 128 | OUT | |
Nov 30, 2022 00:54:19.714504957 CET | 129 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
50 | 192.168.2.3 | 49749 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:43.976237059 CET | 193 | OUT | |
Nov 30, 2022 00:55:44.034007072 CET | 193 | OUT | |
Nov 30, 2022 00:55:45.483573914 CET | 194 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
51 | 192.168.2.3 | 49750 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:45.758418083 CET | 194 | OUT | |
Nov 30, 2022 00:55:45.815349102 CET | 195 | OUT | |
Nov 30, 2022 00:55:46.963833094 CET | 195 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
52 | 192.168.2.3 | 49751 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:47.279515028 CET | 196 | OUT | |
Nov 30, 2022 00:55:47.352607965 CET | 196 | OUT | |
Nov 30, 2022 00:55:49.068855047 CET | 196 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
53 | 192.168.2.3 | 49752 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:49.378987074 CET | 197 | OUT | |
Nov 30, 2022 00:55:49.446521044 CET | 198 | OUT | |
Nov 30, 2022 00:55:50.930381060 CET | 198 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
54 | 192.168.2.3 | 49753 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:51.242717028 CET | 199 | OUT | |
Nov 30, 2022 00:55:51.299818039 CET | 199 | OUT | |
Nov 30, 2022 00:55:52.887247086 CET | 199 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
55 | 192.168.2.3 | 49754 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:53.496269941 CET | 200 | OUT | |
Nov 30, 2022 00:55:53.554918051 CET | 200 | OUT | |
Nov 30, 2022 00:55:55.161061049 CET | 201 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
56 | 192.168.2.3 | 49755 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:55.653974056 CET | 201 | OUT | |
Nov 30, 2022 00:55:55.717783928 CET | 202 | OUT | |
Nov 30, 2022 00:55:57.270721912 CET | 202 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
57 | 192.168.2.3 | 49756 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:57.533679962 CET | 203 | OUT | |
Nov 30, 2022 00:55:57.599260092 CET | 203 | OUT | |
Nov 30, 2022 00:55:58.723098993 CET | 203 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
58 | 192.168.2.3 | 49757 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:55:58.948900938 CET | 204 | OUT | |
Nov 30, 2022 00:55:59.005871058 CET | 205 | OUT | |
Nov 30, 2022 00:55:59.773200035 CET | 205 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
59 | 192.168.2.3 | 49758 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:56:00.034214020 CET | 206 | OUT | |
Nov 30, 2022 00:56:00.097791910 CET | 206 | OUT | |
Nov 30, 2022 00:56:00.797030926 CET | 206 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
6 | 192.168.2.3 | 49705 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:20.168790102 CET | 130 | OUT | |
Nov 30, 2022 00:54:20.232693911 CET | 130 | OUT | |
Nov 30, 2022 00:54:21.783216000 CET | 130 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
60 | 192.168.2.3 | 49759 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:56:01.042443991 CET | 207 | OUT | |
Nov 30, 2022 00:56:01.099145889 CET | 207 | OUT | |
Nov 30, 2022 00:56:01.793951035 CET | 208 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
7 | 192.168.2.3 | 49706 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:22.484255075 CET | 131 | OUT | |
Nov 30, 2022 00:54:22.548185110 CET | 131 | OUT | |
Nov 30, 2022 00:54:24.053488970 CET | 132 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
8 | 192.168.2.3 | 49707 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:24.716723919 CET | 132 | OUT | |
Nov 30, 2022 00:54:24.781121969 CET | 133 | OUT | |
Nov 30, 2022 00:54:26.372322083 CET | 133 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
9 | 192.168.2.3 | 49708 | 95.213.216.202 | 80 | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
Nov 30, 2022 00:54:26.803652048 CET | 134 | OUT | |
Nov 30, 2022 00:54:26.868957043 CET | 134 | OUT | |
Nov 30, 2022 00:54:28.382638931 CET | 134 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 00:53:56 |
Start date: | 30/11/2022 |
Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x3d0000 |
File size: | 865280 bytes |
MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | .Net C# or VB.NET |
Yara matches: |
|
Reputation: | low |
Target ID: | 1 |
Start time: | 00:54:03 |
Start date: | 30/11/2022 |
Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x1d0000 |
File size: | 865280 bytes |
MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Target ID: | 2 |
Start time: | 00:54:03 |
Start date: | 30/11/2022 |
Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x360000 |
File size: | 865280 bytes |
MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Target ID: | 3 |
Start time: | 00:54:03 |
Start date: | 30/11/2022 |
Path: | C:\Users\user\Desktop\INV.2022LB0362 FORM CO (2).exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xc70000 |
File size: | 865280 bytes |
MD5 hash: | BAED30AEA51E6000571219633AA745B0 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Execution Graph
Execution Coverage: | 11.4% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 105 |
Total number of Limit Nodes: | 9 |
Graph
Function 00FAB6C9 Relevance: 6.1, APIs: 4, Instructions: 122threadCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB6D0 Relevance: 6.1, APIs: 4, Instructions: 120threadCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAFD2E Relevance: 1.6, APIs: 1, Instructions: 117COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAFD38 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA5365 Relevance: 1.6, APIs: 1, Instructions: 100COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA3DE4 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA9B32 Relevance: 1.6, APIs: 1, Instructions: 73libraryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB8F2 Relevance: 1.6, APIs: 1, Instructions: 70COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA9841 Relevance: 1.6, APIs: 1, Instructions: 67COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAB8F8 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA94B8 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FA98B0 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAE5B0 Relevance: .3, Instructions: 315COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAC164 Relevance: .3, Instructions: 265COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00FAE5A0 Relevance: .2, Instructions: 222COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |