Windows
Analysis Report
https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/
Overview
General Information
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 7052 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  - chrome.exe (PID: 5772 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2216,i,16482093608261227541,114962425812962219,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- chrome.exe (PID: 1912 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
AV Detection |
---|
Source: | Avira URL Cloud: | ||
Source: | SlashNext: |
Phishing |
---|
Source: | File source: | ||
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | Process created: | |||
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
100% | SlashNext | Credential Stealing type: Phishing & Social Engineering |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | phishing | ||
100% | Avira URL Cloud | phishing | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
a.nel.cloudflare.com | 35.190.80.1 | true | false | unknown | |
www.google.com | 142.250.185.132 | true | false | unknown | |
sclreg.com | 172.67.175.197 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false |
| unknown | |
false |
| unknown | |
true | unknown | ||
false |
| unknown | |
false |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false |
172.67.175.197 | sclreg.com | United States | 13335 | CLOUDFLARENETUS | false |
IP |
---|
192.168.2.7 |
192.168.2.6 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1446885 |
Start date and time: | 2024-05-24 00:30:23 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 3m 10s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 7 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal64.phis.win@16/9@8/6 |
EGA Information: | Failed |
HCA Information: |
|
- Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.212.163, 108.177.15.84, 172.217.16.142, 34.104.35.123, 13.85.23.86, 93.184.221.240, 192.229.221.95, 20.3.187.198, 13.95.31.18, 172.217.18.3
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/
Input | Output |
---|---|
URL: https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/ Model: Perplexity: mixtral-8x7b-instruct | { "loginform": false, "reasons": [ "The text does not contain any form fields for a user to input data.", "There is no mention of a username, password, or any other type of login credentials.", "The text is actually a warning about a potential phishing attempt and does not contain a login form." ] } |
O Warning Suspected Phishing This website has been reported for potential phishing. Phishing is when a site attempts to steal sensitive information by falsely presenting as a safe source. Leam More Ignore & Proceed Cloudflare Ray ID: 88887ebf5a6b7cb2 Your IP: Click to reveal Performance & security by Claudflare | |
URL: https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/ Model: gpt-4o | ```json { "riskscore": 1, "reasons": "The provided JavaScript code appears to manipulate the DOM to reveal or hide elements related to an IP address in the footer. There are no obvious signs of malicious activity such as data exfiltration, credential stealing, or unauthorized access. The code is relatively simple and does not perform any suspicious actions. However, any code that manipulates the DOM could potentially be used for phishing if combined with other malicious scripts, hence a minimal risk score of 1." } |
(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-ip").classList.remove("hidden")}))}var a=document;document.addEventListener&&a.addEventListener("DOMContentLoaded",d)})(); |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
URL: | https://sclreg.com/cdn-cgi/images/icon-exclamation.png?1376755637 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 452 |
Entropy (8bit): | 7.0936408308765495 |
Encrypted: | false |
SSDEEP: | 12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK |
MD5: | C33DE66281E933259772399D10A6AFE8 |
SHA1: | B9F9D500F8814381451011D4DCF59CD2D90AD94F |
SHA-256: | F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016 |
SHA-512: | 5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 272 |
Entropy (8bit): | 5.215211155178454 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoIRCw1KBFEcXaoD:J0+oxBeRmR9etdzRxGezHttma+ |
MD5: | C887869904BCCDBD10124890DC4B75A0 |
SHA1: | 95F448AD0A86DB5F86489A5A6D8338D0CA1DAE99 |
SHA-256: | 031C255C5692EB688D7B5E7F35D6982CF6CC1D44D7F7B3F3BBBABF5AD9522807 |
SHA-512: | 0C6244187B12E9890BEAC5F77FFC0BD4F07F0A291063FA68823970CE96792B05AC3C219DA52392FF3CD1EFE5140C1433C4FD7E6C72BBC16CF4DEF7DA54FAB4D8 |
Malicious: | false |
Reputation: | low |
URL: | https://sclreg.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4432 |
Entropy (8bit): | 5.1002037549320685 |
Encrypted: | false |
SSDEEP: | 96:1j9jwIjYjUDK/D5DMF+BOiso0A2ZLimxrR79PaQxJbGD:1j9jhjYjIK/Vo+tsRZOmxr59ieJGD |
MD5: | 133250926C5CF49D2C7DBF8BE5F3FA08 |
SHA1: | 31472FE5B9D3D4464DB28003BA75ABC14979ADC6 |
SHA-256: | 1DFBC4CB76B25DAF75C853639D3940DAC7C24E8C82FCCD2D1036C7D9C2141EDD |
SHA-512: | FE8F6DB5498421271010EA1115F4098BF80D86F66C14B1FB943FD36BF4ACB10904BE8D23908109FDDE9095328A00B7848136B389E128B8BDDB3F8648D32D1442 |
Malicious: | false |
Reputation: | low |
URL: | https://sclreg.com/122861d2-a974-4dcc-80de-fc04620cb773/ |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 24051 |
Entropy (8bit): | 4.941039417164537 |
Encrypted: | false |
SSDEEP: | 192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk |
MD5: | 5E8C69A459A691B5D1B9BE442332C87D |
SHA1: | F24DD1AD7C9080575D92A9A9A2C42620725EF836 |
SHA-256: | 84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091 |
SHA-512: | 6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42 |
Malicious: | false |
Reputation: | low |
URL: | https://sclreg.com/cdn-cgi/styles/cf.errors.css |
Preview: |
May 24, 2024 00:31:18.822664022 CEST | 443 | 49715 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:18.862508059 CEST | 443 | 49716 | 35.190.80.1 | 192.168.2.6 |
May 24, 2024 00:31:18.862572908 CEST | 443 | 49716 | 35.190.80.1 | 192.168.2.6 |
May 24, 2024 00:31:18.862648964 CEST | 49716 | 443 | 192.168.2.6 | 35.190.80.1 |
May 24, 2024 00:31:18.862974882 CEST | 49716 | 443 | 192.168.2.6 | 35.190.80.1 |
May 24, 2024 00:31:18.862992048 CEST | 443 | 49716 | 35.190.80.1 | 192.168.2.6 |
May 24, 2024 00:31:18.876105070 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:18.876137018 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:18.876210928 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:18.877146959 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:18.877157927 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:18.941838026 CEST | 443 | 49698 | 173.222.162.64 | 192.168.2.6 |
May 24, 2024 00:31:18.941931963 CEST | 49698 | 443 | 192.168.2.6 | 173.222.162.64 |
May 24, 2024 00:31:19.580207109 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.580419064 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.584815979 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.584830046 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.585055113 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.586610079 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.634502888 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.899806976 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.899964094 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.900213003 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.900940895 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.900990009 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:19.901022911 CEST | 49717 | 443 | 192.168.2.6 | 2.19.104.72 |
May 24, 2024 00:31:19.901038885 CEST | 443 | 49717 | 2.19.104.72 | 192.168.2.6 |
May 24, 2024 00:31:47.385413885 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:31:47.430502892 CEST | 443 | 49714 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:31:47.471410990 CEST | 443 | 49714 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:31:47.471934080 CEST | 49714 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.327294111 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.327327013 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:17.327398062 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.327685118 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.327701092 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:17.974335909 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:17.974822044 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.974844933 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:17.975864887 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:17.975924969 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.977813959 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:17.977884054 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:18.026882887 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:18.026896954 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:18.073745966 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:27.894259930 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:27.894397974 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
May 24, 2024 00:32:27.894470930 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:28.997783899 CEST | 49727 | 443 | 192.168.2.6 | 142.250.185.132 |
May 24, 2024 00:32:28.997811079 CEST | 443 | 49727 | 142.250.185.132 | 192.168.2.6 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
May 24, 2024 00:31:14.435544968 CEST | 192.168.2.6 | 1.1.1.1 | c22b | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
May 24, 2024 00:31:14.401232958 CEST | 192.168.2.6 | 1.1.1.1 | 0x1bad | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 00:31:14.403409004 CEST | 192.168.2.6 | 1.1.1.1 | 0xa709 | Standard query (0) | 65 | IN (0x0001) | false | |
May 24, 2024 00:31:16.257869005 CEST | 192.168.2.6 | 1.1.1.1 | 0x3521 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 00:31:16.258430958 CEST | 192.168.2.6 | 1.1.1.1 | 0x9a80 | Standard query (0) | 65 | IN (0x0001) | false | |
May 24, 2024 00:31:17.266474962 CEST | 192.168.2.6 | 1.1.1.1 | 0x572 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 00:31:17.266650915 CEST | 192.168.2.6 | 1.1.1.1 | 0x81bf | Standard query (0) | 65 | IN (0x0001) | false | |
May 24, 2024 00:31:17.267313957 CEST | 192.168.2.6 | 1.1.1.1 | 0x8f40 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
May 24, 2024 00:31:17.267446041 CEST | 192.168.2.6 | 1.1.1.1 | 0xc29b | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
May 24, 2024 00:31:14.421665907 CEST | 1.1.1.1 | 192.168.2.6 | 0x1bad | No error (0) | 172.67.175.197 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:14.421665907 CEST | 1.1.1.1 | 192.168.2.6 | 0x1bad | No error (0) | 104.21.17.113 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:14.435415983 CEST | 1.1.1.1 | 192.168.2.6 | 0xa709 | No error (0) | 65 | IN (0x0001) | false | |||
May 24, 2024 00:31:16.271969080 CEST | 1.1.1.1 | 192.168.2.6 | 0x3521 | No error (0) | 172.67.175.197 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:16.271969080 CEST | 1.1.1.1 | 192.168.2.6 | 0x3521 | No error (0) | 104.21.17.113 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:16.286367893 CEST | 1.1.1.1 | 192.168.2.6 | 0x9a80 | No error (0) | 65 | IN (0x0001) | false | |||
May 24, 2024 00:31:17.306504011 CEST | 1.1.1.1 | 192.168.2.6 | 0x8f40 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:17.306549072 CEST | 1.1.1.1 | 192.168.2.6 | 0x572 | No error (0) | 35.190.80.1 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:17.306566000 CEST | 1.1.1.1 | 192.168.2.6 | 0xc29b | No error (0) | 65 | IN (0x0001) | false | |||
May 24, 2024 00:31:29.239487886 CEST | 1.1.1.1 | 192.168.2.6 | 0x2c31 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 24, 2024 00:31:29.239487886 CEST | 1.1.1.1 | 192.168.2.6 | 0x2c31 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:31:43.341581106 CEST | 1.1.1.1 | 192.168.2.6 | 0xe1f2 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 24, 2024 00:31:43.341581106 CEST | 1.1.1.1 | 192.168.2.6 | 0xe1f2 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:32:05.253689051 CEST | 1.1.1.1 | 192.168.2.6 | 0xde64 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 24, 2024 00:32:05.253689051 CEST | 1.1.1.1 | 192.168.2.6 | 0xde64 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
May 24, 2024 00:32:25.587352037 CEST | 1.1.1.1 | 192.168.2.6 | 0x529b | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
May 24, 2024 00:32:25.587352037 CEST | 1.1.1.1 | 192.168.2.6 | 0x529b | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.6 | 49704 | 172.67.175.197 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:14 UTC | 690 | OUT | |
2024-05-23 22:31:15 UTC | 539 | IN | |
2024-05-23 22:31:15 UTC | 830 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 872 | IN | |
2024-05-23 22:31:15 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.6 | 49705 | 172.67.175.197 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:15 UTC | 584 | OUT | |
2024-05-23 22:31:15 UTC | 411 | IN | |
2024-05-23 22:31:15 UTC | 958 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN | |
2024-05-23 22:31:15 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.6 | 49708 | 172.67.175.197 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:16 UTC | 639 | OUT | |
2024-05-23 22:31:16 UTC | 409 | IN | |
2024-05-23 22:31:16 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.6 | 49709 | 172.67.175.197 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:16 UTC | 613 | OUT | |
2024-05-23 22:31:17 UTC | 604 | IN | |
2024-05-23 22:31:17 UTC | 279 | IN | |
2024-05-23 22:31:17 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.6 | 49710 | 172.67.175.197 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:16 UTC | 380 | OUT | |
2024-05-23 22:31:16 UTC | 409 | IN | |
2024-05-23 22:31:16 UTC | 452 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.6 | 49713 | 35.190.80.1 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:17 UTC | 519 | OUT | |
2024-05-23 22:31:18 UTC | 336 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.6 | 49715 | 2.19.104.72 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:18 UTC | 161 | OUT | |
2024-05-23 22:31:18 UTC | 467 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.6 | 49716 | 35.190.80.1 | 443 | 5772 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:18 UTC | 466 | OUT | |
2024-05-23 22:31:18 UTC | 450 | OUT | |
2024-05-23 22:31:18 UTC | 168 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.6 | 49717 | 2.19.104.72 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-05-23 22:31:19 UTC | 239 | OUT | |
2024-05-23 22:31:19 UTC | 535 | IN | |
2024-05-23 22:31:19 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 18:31:08 |
Start date: | 23/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 18:31:11 |
Start date: | 23/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 18:31:13 |
Start date: | 23/05/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff684c40000 |
File size: | 3'242'272 bytes |
MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |