Windows
Analysis Report
https://shoutout.wix.com/so/6aOvZIbaa/c?w=6l54s-JK7hLIg5qMcUMduwHAiQQEhSb_lSGP5TtpgAA.eyJ1IjoiaHR0cHM6Ly9oYW5kYm9va2luYy13dml5YS5mb3Jtc3RhY2suY29tL2Zvcm1zL2hhbmRib29rX2luYyIsInIiOiJhNjAxNmI4ZC1kMDMwLTRmMDQtOThjMy1mMjYxOGY0ZDg1ZWMiLCJtIjoibWFpbCIsImMiOiJlZjMwYzlkNC01ZTJhLTRjMjItYWQyZS1kN2JhOTQwYjMyYz
Overview
General Information
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 6156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://shoutout.wix.com/so/6aOvZIbaa/c?w=6l54s-JK7hLIg5qMcUMduwHAiQQEhSb_lSGP5TtpgAA.eyJ1IjoiaHR0cHM6Ly9oYW5kYm9va2luYy13dml5YS5mb3Jtc3RhY2suY29tL2Zvcm1zL2hhbmRib29rX2luYyIsInIiOiJhNjAxNmI4ZC1kMDMwLTRmMDQtOThjMy1mMjYxOGY0ZDg1ZWMiLCJtIjoibWFpbCIsImMiOiJlZjMwYzlkNC01ZTJhLTRjMjItYWQyZS1kN2JhOTQwYjMyYzkifQ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6740 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1964,i,780211566171461481,6419157893894462519,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
- Phishing
- Compliance
- Networking
- System Summary
- Boot Survival
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | File created: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
glb-editor.wix.com | 34.149.206.255 | true | false | high | |
www.google.com | 142.250.191.100 | true | false | high | |
shoutout.wix.com | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.191.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
34.149.206.255 | glb-editor.wix.com | United States | 2686 | ATGS-MMD-ASUS | false |
IP |
---|
192.168.2.16 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1439861 |
Start date and time: | 2024-05-10 23:10:34 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 30s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://shoutout.wix.com/so/6aOvZIbaa/c?w=6l54s-JK7hLIg5qMcUMduwHAiQQEhSb_lSGP5TtpgAA.eyJ1IjoiaHR0cHM6Ly9oYW5kYm9va2luYy13dml5YS5mb3Jtc3RhY2suY29tL2Zvcm1zL2hhbmRib29rX2luYyIsInIiOiJhNjAxNmI4ZC1kMDMwLTRmMDQtOThjMy1mMjYxOGY0ZDg1ZWMiLCJtIjoibWFpbCIsImMiOiJlZjMwYzlkNC01ZTJhLTRjMjItYWQyZS1kN2JhOTQwYjMyYzkifQ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 12 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean0.win@14/11@6/4 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.190.131, 142.250.190.46, 142.250.112.84, 34.104.35.123, 142.250.190.67, 142.250.190.14
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: https://shoutout.wix.com/so/6aOvZIbaa/c?w=6l54s-JK7hLIg5qMcUMduwHAiQQEhSb_lSGP5TtpgAA.eyJ1IjoiaHR0cHM6Ly9oYW5kYm9va2luYy13dml5YS5mb3Jtc3RhY2suY29tL2Zvcm1zL2hhbmRib29rX2luYyIsInIiOiJhNjAxNmI4ZC1kMDMwLTRmMDQtOThjMy1mMjYxOGY0ZDg1ZWMiLCJtIjoibWFpbCIsImMiOiJlZjMwYzlkNC01ZTJhLTRjMjItYWQyZS1kN2JhOTQwYjMyYzkifQ
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2673 |
Entropy (8bit): | 3.9874266051560943 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 4.00325788543279 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2689 |
Entropy (8bit): | 4.0100713235629994 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 4.001779467148793 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9896318524588636 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9997950022709023 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3477 |
Entropy (8bit): | 7.62062671084744 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://shoutout.wix.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3477 |
Entropy (8bit): | 7.62062671084744 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 200 |
Entropy (8bit): | 5.2639618154094325 |
Encrypted: | false |
Malicious: | false |
Reputation: | low |
URL: | https://shoutout.wix.com/so/6aOvZIbaa/c?w=6l54s-JK7hLIg5qMcUMduwHAiQQEhSb_lSGP5TtpgAA.eyJ1IjoiaHR0cHM6Ly9oYW5kYm9va2luYy13dml5YS5mb3Jtc3RhY2suY29tL2Zvcm1zL2hhbmRib29rX2luYyIsInIiOiJhNjAxNmI4ZC1kMDMwLTRmMDQtOThjMy1mMjYxOGY0ZDg1ZWMiLCJtIjoibWFpbCIsImMiOiJlZjMwYzlkNC01ZTJhLTRjMjItYWQyZS1kN2JhOTQwYjMyYzkifQ |
Preview: |
- Total Packets: 117
May 10, 2024 23:11:53.665601969 CEST | 49697 | 80 | 192.168.2.16 | 72.21.81.240 |
May 10, 2024 23:11:53.774759054 CEST | 80 | 49696 | 72.21.81.240 | 192.168.2.16 |
May 10, 2024 23:11:53.774785042 CEST | 80 | 49697 | 72.21.81.240 | 192.168.2.16 |
May 10, 2024 23:11:53.774856091 CEST | 49696 | 80 | 192.168.2.16 | 72.21.81.240 |
May 10, 2024 23:11:53.774873972 CEST | 49697 | 80 | 192.168.2.16 | 72.21.81.240 |
May 10, 2024 23:11:53.883397102 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:53.883433104 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:53.883553982 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:53.883949041 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:53.883961916 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:54.489651918 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:54.489823103 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:54.491784096 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:54.491797924 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:54.492093086 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:54.493767977 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:54.540116072 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085585117 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085608006 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085622072 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085701942 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:55.085728884 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085751057 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.085813999 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:55.089087963 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:55.089102030 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:11:55.089121103 CEST | 49716 | 443 | 192.168.2.16 | 40.127.169.103 |
May 10, 2024 23:11:55.089127064 CEST | 443 | 49716 | 40.127.169.103 | 192.168.2.16 |
May 10, 2024 23:12:11.699729919 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:11.699774981 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:11.699898005 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:11.700136900 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:11.700149059 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:11.746443033 CEST | 49688 | 443 | 192.168.2.16 | 204.79.197.200 |
May 10, 2024 23:12:11.987557888 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:11.987893105 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:11.987920046 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:11.988277912 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:11.988607883 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:11.988692045 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:12.033389091 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:21.934149981 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:21.934226990 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:21.934344053 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:23.095997095 CEST | 49718 | 443 | 192.168.2.16 | 142.250.191.100 |
May 10, 2024 23:12:23.096028090 CEST | 443 | 49718 | 142.250.191.100 | 192.168.2.16 |
May 10, 2024 23:12:45.395812035 CEST | 49699 | 80 | 192.168.2.16 | 192.229.211.108 |
May 10, 2024 23:12:45.505063057 CEST | 80 | 49699 | 192.229.211.108 | 192.168.2.16 |
May 10, 2024 23:12:45.505170107 CEST | 49699 | 80 | 192.168.2.16 | 192.229.211.108 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
May 10, 2024 23:11:06.842248917 CEST | 192.168.2.16 | 1.1.1.1 | 0x813f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 10, 2024 23:11:06.842431068 CEST | 192.168.2.16 | 1.1.1.1 | 0xff30 | Standard query (0) | 65 | IN (0x0001) | false | |
May 10, 2024 23:11:08.281311989 CEST | 192.168.2.16 | 1.1.1.1 | 0xe041 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 10, 2024 23:11:08.281498909 CEST | 192.168.2.16 | 1.1.1.1 | 0xd599 | Standard query (0) | 65 | IN (0x0001) | false | |
May 10, 2024 23:11:11.640347004 CEST | 192.168.2.16 | 1.1.1.1 | 0x95c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 10, 2024 23:11:11.640578985 CEST | 192.168.2.16 | 1.1.1.1 | 0xb750 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
May 10, 2024 23:11:06.953027964 CEST | 1.1.1.1 | 192.168.2.16 | 0xff30 | No error (0) | verticals.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953027964 CEST | 1.1.1.1 | 192.168.2.16 | 0xff30 | No error (0) | editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953027964 CEST | 1.1.1.1 | 192.168.2.16 | 0xff30 | No error (0) | glb-editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953656912 CEST | 1.1.1.1 | 192.168.2.16 | 0x813f | No error (0) | verticals.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953656912 CEST | 1.1.1.1 | 192.168.2.16 | 0x813f | No error (0) | editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953656912 CEST | 1.1.1.1 | 192.168.2.16 | 0x813f | No error (0) | glb-editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:06.953656912 CEST | 1.1.1.1 | 192.168.2.16 | 0x813f | No error (0) | 34.149.206.255 | A (IP address) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.392648935 CEST | 1.1.1.1 | 192.168.2.16 | 0xe041 | No error (0) | verticals.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.392648935 CEST | 1.1.1.1 | 192.168.2.16 | 0xe041 | No error (0) | editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.392648935 CEST | 1.1.1.1 | 192.168.2.16 | 0xe041 | No error (0) | glb-editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.392648935 CEST | 1.1.1.1 | 192.168.2.16 | 0xe041 | No error (0) | 34.149.206.255 | A (IP address) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.396178007 CEST | 1.1.1.1 | 192.168.2.16 | 0xd599 | No error (0) | verticals.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.396178007 CEST | 1.1.1.1 | 192.168.2.16 | 0xd599 | No error (0) | editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:08.396178007 CEST | 1.1.1.1 | 192.168.2.16 | 0xd599 | No error (0) | glb-editor.wix.com | CNAME (Canonical name) | IN (0x0001) | false | ||
May 10, 2024 23:11:11.751950979 CEST | 1.1.1.1 | 192.168.2.16 | 0xb750 | No error (0) | 65 | IN (0x0001) | false | |||
May 10, 2024 23:11:11.752615929 CEST | 1.1.1.1 | 192.168.2.16 | 0x95c | No error (0) | 142.250.191.100 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.16 | 49704 | 34.149.206.255 | 443 | 6740 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:07 UTC | 938 | OUT | |
2024-05-10 21:11:07 UTC | 1001 | IN | |
2024-05-10 21:11:07 UTC | 211 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.16 | 49706 | 34.149.206.255 | 443 | 6740 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:07 UTC | 911 | OUT | |
2024-05-10 21:11:08 UTC | 633 | IN | |
2024-05-10 21:11:08 UTC | 622 | IN | |
2024-05-10 21:11:08 UTC | 1255 | IN | |
2024-05-10 21:11:08 UTC | 1255 | IN | |
2024-05-10 21:11:08 UTC | 345 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.16 | 49708 | 34.149.206.255 | 443 | 6740 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:08 UTC | 395 | OUT | |
2024-05-10 21:11:08 UTC | 633 | IN | |
2024-05-10 21:11:08 UTC | 622 | IN | |
2024-05-10 21:11:08 UTC | 1255 | IN | |
2024-05-10 21:11:08 UTC | 1255 | IN | |
2024-05-10 21:11:08 UTC | 345 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.16 | 49713 | 23.221.246.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:16 UTC | 161 | OUT | |
2024-05-10 21:11:16 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.16 | 49715 | 23.221.246.93 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:16 UTC | 239 | OUT | |
2024-05-10 21:11:17 UTC | 870 | IN | |
2024-05-10 21:11:17 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.16 | 49714 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:17 UTC | 306 | OUT | |
2024-05-10 21:11:17 UTC | 560 | IN | |
2024-05-10 21:11:17 UTC | 15824 | IN | |
2024-05-10 21:11:17 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.16 | 49716 | 40.127.169.103 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-10 21:11:54 UTC | 306 | OUT | |
2024-05-10 21:11:55 UTC | 560 | IN | |
2024-05-10 21:11:55 UTC | 15824 | IN | |
2024-05-10 21:11:55 UTC | 9633 | IN |
Target ID: | 0 |
Start time: | 23:11:05 |
Start date: | 10/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 1 |
Start time: | 23:11:05 |
Start date: | 10/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f9810000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |