Windows
Analysis Report
http://abu.usaday.biz/jquery-3.6.0.min.js
Overview
Detection
Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 6504 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 7048 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2040,i,1388585368886845847,6482679812835657815,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 4312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://abu.usaday.biz/jquery-3.6.0.min.js" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link |
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | Process created: | |||
Source: | LNK file: | ||
Source: | File created: | Jump to behavior |
Source: | Window detected: |
Source: | File created: | Jump to behavior | ||
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 4 Non-Application Layer Protocol | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 5 Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 3 Ingress Tool Transfer | SIM Card Swap | Carrier Billing Fraud |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware | ||
7% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
8% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
accounts.google.com | 142.250.217.141 | true | false | high | |
abu.usaday.biz | 172.67.148.211 | true | false | | unknown |
www.google.com | 172.217.12.132 | true | false | high | |
clients.l.google.com | 142.250.72.174 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown |
clients2.google.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | | unknown | |
false | unknown | ||
false | high | ||
false | high | ||
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.217.141 | accounts.google.com | United States | 15169 | GOOGLEUS | false |
172.217.12.132 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
172.67.148.211 | abu.usaday.biz | United States | 13335 | CLOUDFLARENETUS | false |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
142.250.72.174 | clients.l.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.3 |
Joe Sandbox Version: | 38.0.0 Ammolite |
Analysis ID: | 1322536 |
Start date and time: | 2023-10-10 05:15:23 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 2m 58s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://abu.usaday.biz/jquery-3.6.0.min.js |
Analysis system description: | Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 14 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal72.win@17/8@12/7 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 209.197.3.8, 192.229.211.108, 142.250.68.67, 34.104.35.123
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, ocsp.edge.digicert.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, cds.d2s7q6s2.hwcdn.net, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com
- Not all processes were analyzed, report is missing behavior information
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.9792222409972267 |
Encrypted: | false |
SSDEEP: | 48:8EdvTTvVnHGidAKZdA1kLehwiZUklqehXy+3:8M/VtIy |
MD5: | D292DFFA546FCF61DAA4371EF003C21E |
SHA1: | F33323CE23B16043A0DB886E180378ACD24DA736 |
SHA-256: | 875B492F9685D392E06A2EF72552880FEEE9FF62671545FE9C0D12AEE278E1C8 |
SHA-512: | 32A4529595C237695486958076E551A8E00CA9FA53C738C1D9A874AECB3C60C8D161BC4BD85865A6989B906F89C744C00E759284F435CA62E4400912BE9B480F |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.993035146443153 |
Encrypted: | false |
SSDEEP: | 48:8NdvTTvVnHGidAKZdA1DLeh/iZUkAQkqeh4y+2:8v/Vx9QVy |
MD5: | E94583FE1ECD8F98ECFF507EB9000563 |
SHA1: | E8057004CBA164BDDFD3EDC5C07EB6D8D6407DEB |
SHA-256: | 3F832301D8856DB2C19AF1CCD6AA425501D9145A1790C56E91EDA5FC7A70E720 |
SHA-512: | 3ED746A15BC3002B8B5CD67EBB36A8A6D30CD851ADA8D43EC885B44CDF1D2921A5CF917ABE3162A8623E1D7743CC5D0C84E9756DE1F7CF0C034BDE4DD5A31939 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2691 |
Entropy (8bit): | 4.004804305461457 |
Encrypted: | false |
SSDEEP: | 48:8edvTTvCnHGidAKZdA14PLeh7sFiZUkmgqeh7sGy+BX:8a/CHn0y |
MD5: | 5789A73ED0845850F9ED5C8C94F21E44 |
SHA1: | A73740FE759260F92B60DC394CF52B4E2DA8C814 |
SHA-256: | C10A4A66EAD437D89FE72CF69819C66BD246E36A72604697669E18B137B9696D |
SHA-512: | E3764E571582CD6264D410931EC7F64DCC6A30C50ED0BE6AFEB676E40B23AFEEB4602775B21652F5A3AB74C3557EB8BC77902D4B8ED793CB388436BE08DDB803 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.989919206923258 |
Encrypted: | false |
SSDEEP: | 48:8ldvTTvVnHGidAKZdA1mLehDiZUkwqehMy+R:83/VEey |
MD5: | 724E9C4D9E305C769DA21A6D68CFAD88 |
SHA1: | D7106E4DC2375B876228168ED899563A438B0780 |
SHA-256: | 485087EE5B32285F154575EC4E41C19BD34D795A222D4F703C8DD038040B598F |
SHA-512: | D11A4908B04BE38AB2EC10E7FDA12D8886FDFE27A92D9FBB12927C02AB5021162830BEB9C83CECA2DDA029D8246713A5DC06503B11D0BB2B4EAE329BFC1CBD6F |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.980034117174271 |
Encrypted: | false |
SSDEEP: | 48:8hdvTTvVnHGidAKZdA1oLehBiZUk1W1qehyy+C:8D/VU9Sy |
MD5: | 8BC4BAD54F705CCD2F15223BD18BA15F |
SHA1: | 82EE081E5DFC9F468BEEE790E07B0B473EAC280F |
SHA-256: | 7214D31119D63722FA57F2648A006B2B21D8356E737FA787CAA529DA7030E60F |
SHA-512: | B117739DB9530B43C72E085C0CFF33293A5BE2B1971B6A946BC5360C74A8F3F187A9D51296779F6F9B414F4FBB8BB0A6F0B6681B2F9E55AA6CFDBC432ED3F749 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9936222401408714 |
Encrypted: | false |
SSDEEP: | 48:8EdvTTvVnHGidAKZdA1duTBLehOuTbbiZUk5OjqehOuTb0y+yT+:8M/VpT6TbxWOvTb0y7T |
MD5: | 8EBBDEEC73024A42D65651A3A7C024B4 |
SHA1: | 772CF8A00E47A29BE86C0685F535FD23382D1509 |
SHA-256: | B3BF7E2C0C918B6A743A731EB85C2D84899A5F76259B128A4220AB89EBB72A31 |
SHA-512: | 150B002238E2E7C2B80E955C838068879C53990C051F0E73828197A2FBA0FC31BF5AE62D428510F31F760505977F1643CD5F133CA78042826A40AF2E9CDE6E00 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2790 |
Entropy (8bit): | 4.014199679075213 |
Encrypted: | false |
SSDEEP: | 48:8gSj5JOcKOuAbJ8Y8TekEzJYWYuBCDZGkME4B42RDQuqTqyDq5+fAMzTg:8gU5JBKO5bYErBOGk54i2RDQLuymcIKg |
MD5: | 2E51882E7E71D0BA057E01A1AE6EB27F |
SHA1: | 187D28C005CCA065C209EDF3B879ECBC716865EE |
SHA-256: | CDB8068B3F61457084FE0B1534D4B634969965A9B7CEA1DE8331D2A7F904868E |
SHA-512: | 4E938DA7C2EE83DA2E5EAD45C6B92079572D658173534C0168A275E592F066CC85DDF25B070EE7668AB41407AAF64DB6A8BBD8F6C134E916360A8D174B1C03F5 |
Malicious: | false |
Reputation: | low |
URL: | https://abu.usaday.biz/jquery-3.6.0.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 580 |
Entropy (8bit): | 4.8136327677200565 |
Encrypted: | false |
SSDEEP: | 12:TjeRHdHiHZdtklI5rPiCNGlTF5TF5TF5TF5TF5TFK:neRH988lTPTPTPTPTPTc |
MD5: | 19BD47CCBB05E0D9EC3C0116300204D3 |
SHA1: | 495403F5ABA96F0A4451AD3871E0049153F8CD8A |
SHA-256: | 9E3DAD9D075C73DC68D76BDFEE5A2400BB8DA07094C1059544B434177A8789F0 |
SHA-512: | 66BB2D5D37CD095ADF9DC6D33DBBF86B89B7149B4BCEC8BE7EC27014C536F436DCD142EFA96E3BB4C5C07570CC9D2D71F2D4669B1F7B8BDA183ED8EC0F2D1A9B |
Malicious: | false |
Reputation: | low |
URL: | https://abu.usaday.biz/favicon.ico |
Preview: |
- Total Packets: 160
Oct 10, 2023 05:16:28.789899111 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:28.799215078 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:28.799228907 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:28.799742937 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:28.814735889 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.815145016 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.815212011 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.821551085 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.821625948 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.821851969 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.821921110 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.853382111 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:28.984286070 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.984306097 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.984321117 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.984337091 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:28.984391928 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:28.987073898 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:29.031547070 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:29.040139914 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.064541101 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:29.064591885 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:29.064646959 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:29.064668894 CEST | 49709 | 443 | 192.168.2.3 | 104.98.116.138 |
Oct 10, 2023 05:16:29.086481094 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.227343082 CEST | 443 | 49709 | 104.98.116.138 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710170984 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710225105 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710244894 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710261106 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710297108 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710318089 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710336924 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710342884 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710366964 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710369110 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710386992 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710414886 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710542917 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710624933 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:29.710635900 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710736036 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:29.710797071 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:30.203058004 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:30.203079939 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:30.203121901 CEST | 49721 | 443 | 192.168.2.3 | 40.68.123.157 |
Oct 10, 2023 05:16:30.203125954 CEST | 443 | 49721 | 40.68.123.157 | 192.168.2.3 |
Oct 10, 2023 05:16:57.994929075 CEST | 49707 | 443 | 192.168.2.3 | 23.65.35.190 |
Oct 10, 2023 05:16:57.994946957 CEST | 49708 | 80 | 192.168.2.3 | 23.64.190.239 |
Oct 10, 2023 05:16:58.158081055 CEST | 443 | 49707 | 23.65.35.190 | 192.168.2.3 |
Oct 10, 2023 05:16:58.158195972 CEST | 443 | 49707 | 23.65.35.190 | 192.168.2.3 |
Oct 10, 2023 05:16:58.158382893 CEST | 49707 | 443 | 192.168.2.3 | 23.65.35.190 |
Oct 10, 2023 05:16:58.158394098 CEST | 80 | 49708 | 23.64.190.239 | 192.168.2.3 |
Oct 10, 2023 05:16:58.158433914 CEST | 49707 | 443 | 192.168.2.3 | 23.65.35.190 |
Oct 10, 2023 05:16:58.158478975 CEST | 49708 | 80 | 192.168.2.3 | 23.64.190.239 |
Oct 10, 2023 05:17:07.248732090 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:07.248811960 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:07.248891115 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:07.249648094 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:07.249680042 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:08.177505970 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:08.177669048 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:08.182224035 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:08.182246923 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:08.182662964 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:08.184911013 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:08.226480007 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.100327969 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.100389004 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.100429058 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.100663900 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:09.100745916 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.100788116 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.101039886 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:09.104595900 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:09.104635954 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:09.104654074 CEST | 49722 | 443 | 192.168.2.3 | 40.127.169.103 |
Oct 10, 2023 05:17:09.104662895 CEST | 443 | 49722 | 40.127.169.103 | 192.168.2.3 |
Oct 10, 2023 05:17:15.251873016 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:15.251940012 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.252029896 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:15.252701998 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:15.252722025 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.614530087 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.615031004 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:15.615113974 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.615447998 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.615901947 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:15.616012096 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:15.665930033 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:25.606395006 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:25.606472969 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Oct 10, 2023 05:17:25.606545925 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:27.042831898 CEST | 49727 | 443 | 192.168.2.3 | 172.217.12.132 |
Oct 10, 2023 05:17:27.042880058 CEST | 443 | 49727 | 172.217.12.132 | 192.168.2.3 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 10, 2023 05:16:10.844350100 CEST | 192.168.2.3 | 1.1.1.1 | 0x6964 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:10.844708920 CEST | 192.168.2.3 | 1.1.1.1 | 0x749f | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 10, 2023 05:16:10.845242977 CEST | 192.168.2.3 | 1.1.1.1 | 0x5675 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:10.845524073 CEST | 192.168.2.3 | 1.1.1.1 | 0xef65 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 10, 2023 05:16:12.307085991 CEST | 192.168.2.3 | 1.1.1.1 | 0xee51 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:12.307429075 CEST | 192.168.2.3 | 1.1.1.1 | 0x3642 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 10, 2023 05:16:12.482376099 CEST | 192.168.2.3 | 1.1.1.1 | 0x8ee5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:12.482548952 CEST | 192.168.2.3 | 1.1.1.1 | 0xc604 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 10, 2023 05:16:14.176481962 CEST | 192.168.2.3 | 1.1.1.1 | 0xa803 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:14.176950932 CEST | 192.168.2.3 | 1.1.1.1 | 0x744b | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 10, 2023 05:16:15.101687908 CEST | 192.168.2.3 | 1.1.1.1 | 0x1029 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 10, 2023 05:16:15.101965904 CEST | 192.168.2.3 | 1.1.1.1 | 0x274e | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 10, 2023 05:16:04.087738991 CEST | 1.1.1.1 | 192.168.2.3 | 0x8649 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:04.087738991 CEST | 1.1.1.1 | 192.168.2.3 | 0x8649 | No error (0) | 192.229.211.108 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:11.008119106 CEST | 1.1.1.1 | 192.168.2.3 | 0x749f | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:11.008163929 CEST | 1.1.1.1 | 192.168.2.3 | 0x6964 | No error (0) | clients.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:11.008163929 CEST | 1.1.1.1 | 192.168.2.3 | 0x6964 | No error (0) | 142.250.72.174 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:11.008177042 CEST | 1.1.1.1 | 192.168.2.3 | 0x5675 | No error (0) | 142.250.217.141 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:12.476754904 CEST | 1.1.1.1 | 192.168.2.3 | 0xee51 | No error (0) | 172.67.148.211 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:12.476754904 CEST | 1.1.1.1 | 192.168.2.3 | 0xee51 | No error (0) | 104.21.63.171 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:12.477375984 CEST | 1.1.1.1 | 192.168.2.3 | 0x3642 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 10, 2023 05:16:12.651099920 CEST | 1.1.1.1 | 192.168.2.3 | 0xc604 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 10, 2023 05:16:12.652868986 CEST | 1.1.1.1 | 192.168.2.3 | 0x8ee5 | No error (0) | 172.67.148.211 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:12.652868986 CEST | 1.1.1.1 | 192.168.2.3 | 0x8ee5 | No error (0) | 104.21.63.171 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:14.340353012 CEST | 1.1.1.1 | 192.168.2.3 | 0xa803 | No error (0) | 35.190.80.1 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:15.265678883 CEST | 1.1.1.1 | 192.168.2.3 | 0x1029 | No error (0) | 172.217.12.132 | A (IP address) | IN (0x0001) | false | ||
Oct 10, 2023 05:16:15.266284943 CEST | 1.1.1.1 | 192.168.2.3 | 0x274e | No error (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
---|---|---|---|---|---|---|---|---|---|---|
Oct 10, 2023 05:16:28.437222004 CEST | 104.98.116.138 | 443 | 192.168.2.3 | 49709 | CN=r.bing.com, O=Microsoft Corporation, L=Redmond, ST=WA, C=US | CN=Microsoft RSA TLS CA 01, O=Microsoft Corporation, C=US | Tue Nov 15 21:16:38 CET 2022 | Wed Nov 15 21:16:38 CET 2023 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-5-10-11-13-35-16-23-65281,29-23-24,0 | 28a2c9bd18a11de089ef85a160da29e4 |
 | | | | | CN=Microsoft RSA TLS CA 01, O=Microsoft Corporation, C=US | CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE | Wed Jul 22 01:00:00 CEST 2020 | Tue Oct 08 09:00:00 CEST 2024 | | |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.3 | 49713 | 142.250.72.174 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:11 UTC | 0 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.3 | 49714 | 142.250.217.141 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:11 UTC | 0 | OUT | |
2023-10-10 03:16:11 UTC | 1 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
10 | 192.168.2.3 | 49719 | 35.190.80.1 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:15 UTC | 11 | OUT | |
2023-10-10 03:16:15 UTC | 11 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
11 | 35.190.80.1 | 443 | 192.168.2.3 | 49719 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:15 UTC | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
12 | 192.168.2.3 | 49721 | 40.68.123.157 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:29 UTC | 12 | OUT | |
2023-10-10 03:16:29 UTC | 12 | IN | |
2023-10-10 03:16:29 UTC | 13 | IN | |
2023-10-10 03:16:29 UTC | 28 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
13 | 192.168.2.3 | 49722 | 40.127.169.103 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:17:08 UTC | 36 | OUT | |
2023-10-10 03:17:09 UTC | 37 | IN | |
2023-10-10 03:17:09 UTC | 37 | IN | |
2023-10-10 03:17:09 UTC | 53 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 142.250.72.174 | 443 | 192.168.2.3 | 49713 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:11 UTC | 1 | IN | |
2023-10-10 03:16:11 UTC | 2 | IN | |
2023-10-10 03:16:11 UTC | 2 | IN | |
2023-10-10 03:16:11 UTC | 2 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 142.250.217.141 | 443 | 192.168.2.3 | 49714 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:11 UTC | 2 | IN | |
2023-10-10 03:16:11 UTC | 4 | IN | |
2023-10-10 03:16:11 UTC | 4 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.3 | 49715 | 172.67.148.211 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:13 UTC | 4 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 172.67.148.211 | 443 | 192.168.2.3 | 49715 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:13 UTC | 5 | IN | |
2023-10-10 03:16:13 UTC | 5 | IN | |
2023-10-10 03:16:13 UTC | 6 | IN | |
2023-10-10 03:16:13 UTC | 7 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
6 | 192.168.2.3 | 49717 | 172.67.148.211 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:13 UTC | 8 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
7 | 172.67.148.211 | 443 | 192.168.2.3 | 49717 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:14 UTC | 9 | IN | |
2023-10-10 03:16:14 UTC | 9 | IN | |
2023-10-10 03:16:14 UTC | 10 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
8 | 192.168.2.3 | 49718 | 35.190.80.1 | 443 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:15 UTC | 10 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
9 | 35.190.80.1 | 443 | 192.168.2.3 | 49718 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2023-10-10 03:16:15 UTC | 10 | IN |
Target ID: | 0 |
Start time: | 05:16:08 |
Start date: | 10/10/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7c89f0000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 05:16:09 |
Start date: | 10/10/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7c89f0000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 8 |
Start time: | 05:16:11 |
Start date: | 10/10/2023 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7c89f0000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |